https://wiki.archlinux.org/api.php?action=feedcontributions&user=Sangy&feedformat=atom
ArchWiki - User contributions [en]
2024-03-28T15:57:23Z
User contributions
MediaWiki 1.41.0
https://wiki.archlinux.org/index.php?title=User:Sangy/archlinux-docker&diff=594069
User:Sangy/archlinux-docker
2020-01-05T18:50:40Z
<p>Sangy: add first draft</p>
<hr />
<div>= Archlinux Official Image Process Documentation =<br />
<br />
== What is this? ==<br />
<br />
This document contains information about how the official archlinux image is built and published. It also contains a list of goals for the project moving forward.<br />
<br />
== Build process ==<br />
<br />
In order to build the official images, the [https://github.com/docker-library Docker library team] requires us to generate a all the artifacts that they will use in their docker builds. In the context of a distribution image (e.g., Debian or Arch Linux) this basically means generating the rootfs and any ancillary files that may be needed. For the Arch Linux build, we only create the rootfs in our infrastructure, and the rest of the operations are done inside of the Docker build.<br />
<br />
Once all the required artifacts are created, they need be handed off to the library team, who will fetch them from a GitHub repository and schedule a build in their infrastructure. To do this, we are required to submit a pull-request to their [https://github.com/docker-library/official-images official-images] repository with all the meta-information required by the build. This information is used by their build tool, bashbrew, and contains things such as the build architecture, the git remote from which to fetch the artifacts and the like.<br />
<br />
In other words, in order to produce a new image, we the following steps need to happen:<br />
<br />
# A build is kicked off in the Arch Linux infrastructure. This is scheduled to happen on the 5th of each month (see the [https://git.archlinux.org/infrastructure.git/tree/roles/docker-image docker-image] role in our infrastructure repository for more information)<br />
# Once a new rootfs and all the required artifacts are generated, a new tag in the [https://github.com/archlinux/archlinux-docker archlinux/archlinux-docker] repository must be made. The tagname follows the DDMMYYYY format. The tag is then pushed to the canonical repository. There are two requirements to keep in mind when tagging a build:<br />
## That there are no other copies in the artifacts in the history (i.e., the contents of the older tag are in any of the parent commits)<br />
## There are no objects larger than 100MB. This is because the bashbrew toolchain does ''not'' have support for git-lfs.<br />
# With all the artifacts hosted on GitHub, a pull-request for the official-images repository. In it, the <code>latest</code> Docker tag needs to be updated to match the new id of the newly-created git tag ID. Optionally, the older tag can be kept by using the DDMMYYYY Docker tag format. Please see a [https://github.com/docker-library/official-images/pull/7087 previous PR] to see how this is done.<br />
# Once the PR is merged, the docker build is kicked off on the docker-library side and, if successful, it is eventually released in docker hub under the [https://hub.docker.com/_/archlinux _/archlinux] namespace<br />
<br />
=== Creating the artifacts ===<br />
<br />
The most critical part of a release is creating the build artifacts. To ensure transparency, reproducibility, audit-ability, and to increase the bus factor release artifacts are automatically built on the Arch Linux infrastructure. The build process is namespaced to its own user (again, see the infrastructure.git repository) and kicked off by a systemd timer on the 5th of each month. When the timer is hit, and the “make rootfs” job is triggered.</div>
Sangy
https://wiki.archlinux.org/index.php?title=Notmuch&diff=587181
Notmuch
2019-10-25T16:46:32Z
<p>Sangy: alot was changed from aur to community</p>
<hr />
<div>[[Category:Email clients]]<br />
[[ja:Notmuch]]<br />
{{Related articles start}}<br />
{{Related|mutt}}<br />
{{Related articles end}}<br />
<br />
[http://notmuchmail.org/ Notmuch] is a mail indexer. Essentially, is a very thin front end on top of ''xapian''.<br />
Much like [[Sup]], it focuses on one thing: indexing your email messages. Notmuch can be used as an email reader, or simply as an indexer and search tool for other MUAs, like [[mutt]].<br />
<br />
==Overview==<br />
Notmuch is written in C and an order of magnitude faster than sup-mail.<br />
Notmuch can be terminated during the indexing process, on the next run it will continue where it left off.<br />
Also like sup-mail, it does not provide a way to permanently delete unwanted email messages (however, see [[#Permanently delete emails]]).<br />
It doesn't fetch or send mails, nor does it store your email addresses, you'll need to use programs like [[OfflineIMAP]], [[msmtp]] and ''abook'' for those tasks.<br />
<br />
Notmuch is available in the [[official repositories]]: {{Pkg|notmuch}} or {{AUR|notmuch-git}}{{Broken package link|package not found}} from the [[AUR]]<br />
<br />
It provides [[python]], [[vim]], and [[emacs]] bindings.<br />
<br />
==First time Usage==<br />
After installation, you enter an interactive setup by running:<br />
notmuch setup<br />
The program prompts you for the location of your maildir and your primary and secondary email addresses. You can also edit the config file directly which is created by default at {{ic|$HOME/.notmuch-config}}.<br />
<br />
Subsequent re-indexing of the mail directories is done with:<br />
notmuch new<br />
<br />
==Frontends==<br />
There are [http://notmuchmail.org/frontends/ a range of ways to use notmuch], including cli, or with one of the Unix $EDITORS:<br />
<br />
===Emacs===<br />
The default frontend for notmuch is Emacs. It is developed by the same people that develop notmuch.<br />
<br />
===Vim===<br />
There is a vim interface available and included in the {{pkg|notmuch-vim}} package. To start it, type:<br />
vim -c NotMuch<br />
<br />
===alot===<br />
alot is a standalone CLI interface for notmuch, written in python. It is available in community as {{Pkg|alot}} and on [[AUR]] as {{AUR|alot-git}}.<br />
<br />
Alot uses [[wikipedia:Mailcap|mailcap]] for handling different kinds of files. This currently includes html mails, which means that you need to configure a {{Ic|~/.mailcap}} file in order to view html mails. As minimum, put this line into your {{Ic|~/.mailcap}}:<br />
<br />
text/html; w3m -dump -o -document_charset=%{charset} %s; nametemplate=%s.html; copiousoutput<br />
<br />
This uses {{Pkg|w3m}}, some other text based clients such as {{Pkg|links}} or {{Pkg|lynx}} can be used instead, although their arguments might differ.<br />
<br />
More file handlers can be configured of course.<br />
<br />
===bower===<br />
[https://github.com/wangp/bower bower] is another CLI interface, this one is written in [https://mercurylang.org/ Mercury]. It is available from [[AUR]] as {{AUR|bower-mail}}.<br />
<br />
===Neomutt===<br />
[https://www.neomutt.org/ Neomutt] - Another mutt fork which includes many feature patches, among them the [http://www.neomutt.org/feature/notmuch Notmuch] integration patch. Install the {{Pkg|neomutt}} or the {{AUR|neomutt-git}} package.<br />
<br />
===astroid===<br />
<br />
[https://github.com/astroidmail/astroid Astroid] is a graphical MUA and interface to notmuch written using C++ and GTK. {{AUR|astroid}} (stable) and {{AUR|astroid-git}} (VCS) packages are available in [[AUR]]. The GUI is designed to be very fast, preview HTML and attachments, be navigable by keyboard. It is extensively configurable and you use your favorite editor either embedded or launch it externally. Check out the [https://github.com/astroidmail/astroid/wiki Tour] to see how astroid can be used and for a description of the complete setup, or check out the [https://github.com/astroidmail/astroid README] for more information.<br />
<br />
===ner===<br />
<br />
{{Note|Ner does not seem to be actively developed anymore. The latest commit on github is from May 2012.}}<br />
<br />
[https://github.com/pioto/ner ner] - notmuch email reader - is yet another CLI interface, apparently written in C++.<br />
<br />
{{AUR|ner-git}}{{Broken package link|{{aur-mirror|ner-git}}}} is available from the [[AUR]].<br />
<br />
==Integrating with mutt==<br />
If you use [[mutt]] as your MUA, then notmuch is an excellent complementary tool to index and search your mail. The {{Pkg|notmuch-mutt}} package provides a script to integrate notmuch with mutt.<br />
<br />
After installing the {{Pkg|notmuch-mutt}} package and configuring notmuch, the only thing left before using notmuch to search from mutt is adding keybindings to call the <code>notmuch-mutt</code> perl script from mutt. Adding the following to your <code>.muttrc</code> is what is recommended in notmuch contrib source:<br />
<br />
macro index <F8> \<br />
"<enter-command>set my_old_pipe_decode=\$pipe_decode my_old_wait_key=\$wait_key nopipe_decode nowait_key<enter>\<br />
<shell-escape>notmuch-mutt -r --prompt search<enter>\<br />
<change-folder-readonly>`echo ${XDG_CACHE_HOME:-$HOME/.cache}/notmuch/mutt/results`<enter>\<br />
<enter-command>set pipe_decode=\$my_old_pipe_decode wait_key=\$my_old_wait_key<enter>" \<br />
"notmuch: search mail"<br />
<br />
macro index <F9> \<br />
"<enter-command>set my_old_pipe_decode=\$pipe_decode my_old_wait_key=\$wait_key nopipe_decode nowait_key<enter>\<br />
<pipe-message>notmuch-mutt -r thread<enter>\<br />
<change-folder-readonly>`echo ${XDG_CACHE_HOME:-$HOME/.cache}/notmuch/mutt/results`<enter>\<br />
<enter-command>set pipe_decode=\$my_old_pipe_decode wait_key=\$my_old_wait_key<enter>" \<br />
"notmuch: reconstruct thread"<br />
<br />
macro index <F6> \<br />
"<enter-command>set my_old_pipe_decode=\$pipe_decode my_old_wait_key=\$wait_key nopipe_decode nowait_key<enter>\<br />
<pipe-message>notmuch-mutt tag -- -inbox<enter>\<br />
<enter-command>set pipe_decode=\$my_old_pipe_decode wait_key=\$my_old_wait_key<enter>" \<br />
"notmuch: remove message from inbox"<br />
<br />
The above uses <code>F8</code> to search your inbox using notmuch, <code>F9</code> to create threads from search results, and <code>F6</code> to tag search results.<br />
<br />
===notmuch-mutt problems===<br />
There can sometimes be disagreement between pacman-installed and managed perl modules and perl modules installed via cpan/cpanm. An error message of the format:<br />
Gnu.c: loadable library and perl binaries are mismatched (got handshake key 0xdb00080, needed 0xdb80080)<br />
can indicate that some of the notmuch-mutt dependencies are installed via cpan while some are installed and managed via pacman, and that you should install all dependencies via one or the other method.<br />
<br />
==Integrating with NeoMutt ==<br />
<br />
If you use {{Pkg|neomutt}}, the {{Pkg|notmuch-mutt}} package is not required. Instead, create a {{Ic|~/.mailboxes}} with some basic (virtual) mailboxes. A virtual mailbox is not an actual folder, but the result of a notmuch query for a specific tag:<br />
{{hc|~/.mailboxes|2=<br />
virtual-mailboxes "inbox" "notmuch://?query=tag:inbox"<br />
virtual-mailboxes "archive" "notmuch://?query=tag:archive"<br />
virtual-mailboxes "sent" "notmuch://?query=tag:sent"<br />
virtual-mailboxes "newsletters" "notmuch://?query=tag:newsletters"<br />
}}<br />
Next, make mutt aware of your virtual mailboxes by enabling virtual spoolfile and sourcing the latter:<br />
{{hc|~/.muttrc|2=<br />
set virtual_spoolfile=yes<br />
set folder=''notmuch-root-folder''<br />
source ~/.mailboxes<br />
}}<br />
At this point, mutt will still list your mailboxes as empty, because your mails are not yet tagged and thus, notmuch querys are empty. To fill your virtual mailboxes, you need to initially tag the messages in your maildir. A very simple approach is to create a shell script like the following:<br />
{{hc|~/.scripts/notmuch-hook.sh|2=<br />
#!/bin/sh<br />
notmuch new<br />
# retag all "new" messages "inbox" and "unread"<br />
notmuch tag +inbox +unread -new -- tag:new<br />
# tag all messages from "me" as sent and remove tags inbox and unread<br />
notmuch tag -new -inbox +sent -- from:me@example.org or from:me@myself.com<br />
# tag newsletters, but dont show them in inbox<br />
notmuch tag +newsletters +unread -new -- from:newsletter@example.org or subject:'newsletter*'<br />
}}<br />
Make the shell script executable and run it:<br />
chmod +x ~/.scripts/notmuch-hook.sh<br />
~/.scripts/notmuch-hook.sh<br />
For the above example to work, make sure that notmuch tags new messages as 'new':<br />
{{hc|~/.notmuch-config|2=<br />
[new]<br />
tags=new<br />
}}<br />
Finally, your hook script needs to rerun on new mail arrival. If you use {{Pkg|offlineimap}} to sync IMAP to a local maildir, create a post sync hook:<br />
{{hc|~/.offlineimaprc|2=<br />
[Account myaccount]<br />
postsynchook = ~/.scripts/notmuch-hook.sh<br />
}}<br />
Some useful key bindings:<br />
{{hc|~/.muttrc|2=<br />
macro index A "<modify-labels>+archive -unread -inbox\\n" "Archive message"<br />
macro index c "<change-vfolder>?" "Change to vfolder overview"<br />
macro index \\\\ "<vfolder-from-query>" "Search mailbox"<br />
}}<br />
<br />
==Permanently delete emails==<br />
<br />
One choice is to maintain a tag of emails you wish to remove from your disk, for example, "killed". Then, you can run this to delete them permanently:<br />
notmuch search --output=files --format=text0 tag:killed | xargs -0 rm<br />
notmuch new</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Sangy&diff=569085
User:Sangy
2019-03-18T20:20:01Z
<p>Sangy: /* Involvement */</p>
<hr />
<div>__NOTOC__<br />
===Involvement===<br />
Member of the [[Arch_Security_Team|Arch Security Team]] and [[trusted_user|Trusted User]].<br />
<br />
===Profession===<br />
Computer Scientist/Security Researcher<br />
<br />
===Location===<br />
Mexico<br />
<br />
===Contacts===<br />
santiago ~et~ archilnux.org<br><br />
irc://irc.freenode.net:sangy<br><br />
<br />
===PGP Key===<br />
[https://pgp.mit.edu/pks/lookup?op=get&search=0x468F122CE8162295 0x468F122CE8162295] <br><br />
(fingerprint 903B AB73 640E B6D6 5533 EFF3 468F 122C E816 2295)</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Sangy&diff=569084
User:Sangy
2019-03-18T20:19:19Z
<p>Sangy: /* Contacts */</p>
<hr />
<div>__NOTOC__<br />
===Involvement===<br />
Member of the [[Arch_Security_Team|Arch Security Team]].<br />
<br />
===Profession===<br />
Computer Scientist/Security Researcher<br />
<br />
===Location===<br />
Mexico<br />
<br />
===Contacts===<br />
santiago ~et~ archilnux.org<br><br />
irc://irc.freenode.net:sangy<br><br />
<br />
===PGP Key===<br />
[https://pgp.mit.edu/pks/lookup?op=get&search=0x468F122CE8162295 0x468F122CE8162295] <br><br />
(fingerprint 903B AB73 640E B6D6 5533 EFF3 468F 122C E816 2295)</div>
Sangy
https://wiki.archlinux.org/index.php?title=Netboot&diff=568818
Netboot
2019-03-15T22:48:24Z
<p>Sangy: Remove OCSP FS#58470 related workaround section.</p>
<hr />
<div>[[Category:Installation process]]<br />
[[ja:Netboot]]<br />
[[lt:Netboot]]<br />
Netboot images are small (<1MB) images that can be used to download the latest Arch Linux release on the fly upon system boot. It is unnecessary to update the netboot image, the newest release will be available automatically. Netboot images can be downloaded from the [https://www.archlinux.org/releng/netboot/ Arch Linux website].<br />
<br />
== BIOS ==<br />
<br />
To use netboot on a BIOS-based computer, you need either the ipxe.lkrn or ipxe.pxe image.<br />
<br />
=== Using ipxe.lkrn ===<br />
<br />
The ipxe.lkrn image can be booted like a Linux kernel. Any Linux bootloader (like Grub or syslinux) can be used to load it from your hard drive, a CD or a USB drive. For example, the Syslinux wiki gives instructions to install[https://wiki.syslinux.org/wiki/index.php?title=Install] and configure[https://wiki.syslinux.org/wiki/index.php?title=Config] Syslinux on a bootable medium.<br />
<br />
You can make flash drive that boots ipxe.lkrn with the following steps:<br />
* Find out your device path using [[lsblk]]. Let's assume it is /dev/sdc.<br />
* Create ms-dos partition table on the device.<br />
* Create a primary partition with FAT32 file system and flag it as active.<br />
* Mount partition, create ./boot/syslinux directory there and copy ipxe.lkrn to boot directory<br />
# mount /dev/sdc /mnt<br />
# mkdir -p /mnt/boot/syslinux<br />
# cp ipxe.lkrn /mnt/boot<br />
* Create config for syslinux<br />
{{hc|/mnt/boot/syslinux/syslinux.cfg |2=<br />
DEFAULT arch_netboot<br />
SAY Booting Arch over the network.<br />
LABEL arch_netboot<br />
KERNEL /boot/ipxe.lkrn<br />
}}<br />
* Unmount partition<br />
# umount /mnt<br />
* Install syslinux mbr and syslinux itself<br />
# ms-sys --mbrsyslinux /dev/sdc<br />
# syslinux --directory /boot/syslinux/ --install /dev/sdc1<br />
* Now you should be able to boot your usb stick with ipxe.lkrn.<br />
<br />
<br />
Alternatively, you can also try the image with qemu by running the following command:<br />
<br />
qemu-system-x86_64 -enable-kvm -m 2G -kernel ipxe.lkrn<br />
<br />
=== Using ipxe.pxe ===<br />
<br />
The ipxe.pxe image is a PXE image. It can be chainloaded from an existing PXE environment. This allows configuring a DHCP server such that booting from the network will always boot into Arch Linux netboot.<br />
<br />
== UEFI ==<br />
<br />
The ipxe.efi image can be used to launch Arch Linux netboot in UEFI mode. Only 64 Bit UEFI is supported. The ipxe.efi image can be added as a boot option via efibootmgr, chainloaded from a boot manager like [[systemd-boot]] or launched directly from the UEFI shell.<br />
<br />
=== Installation with efibootmgr ===<br />
<br />
First install the {{Pkg|efibootmgr}} package, then download the [https://www.archlinux.org/releng/netboot/ UEFI netboot image].<br />
<br />
Assuming your [[EFI system partition]] (ESP) is mounted under {{ic|''esp''}}, you should move it as follows - let's also give it a more friendly name:<br />
<br />
# mkdir ''esp''/EFI/arch_netboot<br />
# mv ipxe.*.efi ''esp''/EFI/arch_netboot/arch_netboot.efi<br />
<br />
Then you can create a boot entry as follows:<br />
<br />
# efibootmgr --create --disk /dev/sda --part 1 --loader /EFI/arch_netboot/arch_netboot.efi --label "Arch Linux Netboot"</div>
Sangy
https://wiki.archlinux.org/index.php?title=Netboot&diff=568817
Netboot
2019-03-15T21:21:12Z
<p>Sangy: /* Using ipxe.lkrn */ change qemu call to use 2G as 1G will kpanic.</p>
<hr />
<div>[[Category:Installation process]]<br />
[[ja:Netboot]]<br />
[[lt:Netboot]]<br />
Netboot images are small (<1MB) images that can be used to download the latest Arch Linux release on the fly upon system boot. It is unnecessary to update the netboot image, the newest release will be available automatically. Netboot images can be downloaded from the [https://www.archlinux.org/releng/netboot/ Arch Linux website].<br />
<br />
== BIOS ==<br />
<br />
To use netboot on a BIOS-based computer, you need either the ipxe.lkrn or ipxe.pxe image.<br />
<br />
=== Using ipxe.lkrn ===<br />
<br />
The ipxe.lkrn image can be booted like a Linux kernel. Any Linux bootloader (like Grub or syslinux) can be used to load it from your hard drive, a CD or a USB drive. For example, the Syslinux wiki gives instructions to install[https://wiki.syslinux.org/wiki/index.php?title=Install] and configure[https://wiki.syslinux.org/wiki/index.php?title=Config] Syslinux on a bootable medium.<br />
<br />
You can make flash drive that boots ipxe.lkrn with the following steps:<br />
* Find out your device path using [[lsblk]]. Let's assume it is /dev/sdc.<br />
* Create ms-dos partition table on the device.<br />
* Create a primary partition with FAT32 file system and flag it as active.<br />
* Mount partition, create ./boot/syslinux directory there and copy ipxe.lkrn to boot directory<br />
# mount /dev/sdc /mnt<br />
# mkdir -p /mnt/boot/syslinux<br />
# cp ipxe.lkrn /mnt/boot<br />
* Create config for syslinux<br />
{{hc|/mnt/boot/syslinux/syslinux.cfg |2=<br />
DEFAULT arch_netboot<br />
SAY Booting Arch over the network.<br />
LABEL arch_netboot<br />
KERNEL /boot/ipxe.lkrn<br />
}}<br />
* Unmount partition<br />
# umount /mnt<br />
* Install syslinux mbr and syslinux itself<br />
# ms-sys --mbrsyslinux /dev/sdc<br />
# syslinux --directory /boot/syslinux/ --install /dev/sdc1<br />
* Now you should be able to boot your usb stick with ipxe.lkrn.<br />
<br />
<br />
Alternatively, you can also try the image with qemu by running the following command:<br />
<br />
qemu-system-x86_64 -enable-kvm -m 2G -kernel ipxe.lkrn<br />
<br />
=== Using ipxe.pxe ===<br />
<br />
The ipxe.pxe image is a PXE image. It can be chainloaded from an existing PXE environment. This allows configuring a DHCP server such that booting from the network will always boot into Arch Linux netboot.<br />
<br />
== UEFI ==<br />
<br />
The ipxe.efi image can be used to launch Arch Linux netboot in UEFI mode. Only 64 Bit UEFI is supported. The ipxe.efi image can be added as a boot option via efibootmgr, chainloaded from a boot manager like [[systemd-boot]] or launched directly from the UEFI shell.<br />
<br />
=== Installation with efibootmgr ===<br />
<br />
First install the {{Pkg|efibootmgr}} package, then download the [https://www.archlinux.org/releng/netboot/ UEFI netboot image].<br />
<br />
Assuming your [[EFI system partition]] (ESP) is mounted under {{ic|''esp''}}, you should move it as follows - let's also give it a more friendly name:<br />
<br />
# mkdir ''esp''/EFI/arch_netboot<br />
# mv ipxe.*.efi ''esp''/EFI/arch_netboot/arch_netboot.efi<br />
<br />
Then you can create a boot entry as follows:<br />
<br />
# efibootmgr --create --disk /dev/sda --part 1 --loader /EFI/arch_netboot/arch_netboot.efi --label "Arch Linux Netboot"<br />
<br />
== Troubleshooting ==<br />
<br />
=== Error 022fe2 ===<br />
When loading ipxe.1e77e6bfd61e.efi you get such error:<br />
<br />
https://www.archlinux.org/releng/netboot/archlinux.ipxe... Permission denied (http://ipxe.org/022fe28f)<br />
<br />
When loading ipxe.8da38b4a9310.pxe you get such error:<br />
<br />
https://www.archlinux.org/releng/netboot/archlinux.ipxe... Permission denied (http://ipxe.org/022fe23c)<br />
<br />
This is a bug related to https/ocsp/certificates (see {{Bug|58470}}).<br />
<br />
As a workaround, download this file (https://www.archlinux.org/releng/netboot/archlinux.ipxe) and place it to your own http server. Then run in iPXE shell:<br />
<br />
iPXE> chain http://''yourdomain.com''/path/to/file/archlinux.ipxe<br />
replacing ''yourdomain.com'' and path.</div>
Sangy
https://wiki.archlinux.org/index.php?title=Systemd&diff=567757
Systemd
2019-03-02T20:50:25Z
<p>Sangy: /* Running services after the network is up */ mention netctl</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Daemons]]<br />
[[Category:Init]]<br />
[[ar:Systemd]]<br />
[[de:Systemd]]<br />
[[el:Systemd]]<br />
[[es:Systemd]]<br />
[[fa:Systemd]]<br />
[[fr:Systemd]]<br />
[[it:Systemd]]<br />
[[ja:Systemd]]<br />
[[pt:Systemd]]<br />
[[ru:Systemd]]<br />
[[zh-hans:Systemd]]<br />
[[zh-hant:Systemd]]<br />
{{Related articles start}}<br />
{{Related|systemd/User}}<br />
{{Related|systemd/Timers}}<br />
{{Related|systemd/Journal}}<br />
{{Related|systemd FAQ}}<br />
{{Related|init}}<br />
{{Related|Daemons}}<br />
{{Related|udev}}<br />
{{Related|Improving performance/Boot process}}<br />
{{Related|Allow users to shutdown}}<br />
{{Related articles end}}<br />
<br />
From the [https://freedesktop.org/wiki/Software/systemd/ project web page]:<br />
<br />
:''systemd'' is a suite of basic building blocks for a Linux system. It provides a system and service manager that runs as PID 1 and starts the rest of the system. systemd provides aggressive parallelization capabilities, uses socket and [[D-Bus]] activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux [[control groups]], maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. ''systemd'' supports SysV and LSB init scripts and works as a replacement for sysvinit. Other parts include a logging daemon, utilities to control basic system configuration like the hostname, date, locale, maintain a list of logged-in users and running containers and virtual machines, system accounts, runtime directories and settings, and daemons to manage simple network configuration, network time synchronization, log forwarding, and name resolution.<br />
<br />
{{Note|1=For a detailed explanation of why Arch moved to ''systemd'', see [https://bbs.archlinux.org/viewtopic.php?pid=1149530#p1149530 this forum post].}}<br />
<br />
== Basic systemctl usage ==<br />
<br />
The main command used to introspect and control ''systemd'' is ''systemctl''. Some of its uses are examining the system state and managing the system and services. See {{man|1|systemctl}} for more details.<br />
<br />
{{Tip|<br />
* You can use all of the following ''systemctl'' commands with the {{ic|-H ''user''@''host''}} switch to control a ''systemd'' instance on a remote machine. This will use [[SSH]] to connect to the remote ''systemd'' instance.<br />
* [[Plasma]] users can install {{AUR|systemd-kcm}} as a graphical frontend for ''systemctl''. After installing the module will be added under ''System administration''.}}<br />
<br />
=== Analyzing the system state ===<br />
<br />
Show '''system status''' using:<br />
<br />
$ systemctl status<br />
<br />
'''List running''' units:<br />
<br />
$ systemctl<br />
<br />
or:<br />
<br />
$ systemctl list-units<br />
<br />
'''List failed''' units:<br />
<br />
$ systemctl --failed<br />
<br />
The available unit files can be seen in {{ic|/usr/lib/systemd/system/}} and {{ic|/etc/systemd/system/}} (the latter takes precedence). '''List installed''' unit files with:<br />
<br />
$ systemctl list-unit-files<br />
<br />
Show the [[cgroups|cgroup slice]], memory and parent for a PID:<br />
<br />
$ systemctl status ''pid''<br />
<br />
=== Using units ===<br />
<br />
Units can be, for example, services (''.service''), mount points (''.mount''), devices (''.device'') or sockets (''.socket'').<br />
<br />
When using ''systemctl'', you generally have to specify the complete name of the unit file, including its suffix, for example {{ic|sshd.socket}}. There are however a few short forms when specifying the unit in the following ''systemctl'' commands:<br />
<br />
* If you do not specify the suffix, systemctl will assume ''.service''. For example, {{ic|netctl}} and {{ic|netctl.service}} are equivalent.<br />
* Mount points will automatically be translated into the appropriate ''.mount'' unit. For example, specifying {{ic|/home}} is equivalent to {{ic|home.mount}}.<br />
* Similar to mount points, devices are automatically translated into the appropriate ''.device'' unit, therefore specifying {{ic|/dev/sda2}} is equivalent to {{ic|dev-sda2.device}}.<br />
<br />
See {{man|5|systemd.unit}} for details.<br />
<br />
{{Note|Some unit names contain an {{ic|@}} sign (e.g. {{ic|name@''string''.service}}): this means that they are [http://0pointer.de/blog/projects/instances.html instances] of a ''template'' unit, whose actual file name does not contain the {{ic|''string''}} part (e.g. {{ic|name@.service}}). {{ic|''string''}} is called the ''instance identifier'', and is similar to an argument that is passed to the template unit when called with the ''systemctl'' command: in the unit file it will substitute the {{ic|%i}} specifier. <br />
<br />
To be more accurate, ''before'' trying to instantiate the {{ic|name@.suffix}} template unit, ''systemd'' will actually look for a unit with the exact {{ic|name@string.suffix}} file name, although by convention such a "clash" happens rarely, i.e. most unit files containing an {{ic|@}} sign are meant to be templates. Also, if a template unit is called without an instance identifier, it will just fail, since the {{ic|%i}} specifier cannot be substituted.<br />
}}<br />
<br />
{{Tip|<br />
* Most of the following commands also work if multiple units are specified, see {{man|1|systemctl}} for more information.<br />
* The {{ic|--now}} switch can be used in conjunction with {{ic|enable}}, {{ic|disable}}, and {{ic|mask}} to respectively start, stop, or mask the unit ''immediately'' rather than after rebooting.<br />
* A package may offer units for different purposes. If you just installed a package, {{ic|pacman -Qql ''package'' <nowiki>|</nowiki> grep -Fe .service -e .socket}} can be used to check and find them.}}<br />
<br />
'''Start''' a unit immediately:<br />
<br />
# systemctl start ''unit''<br />
<br />
'''Stop''' a unit immediately:<br />
<br />
# systemctl stop ''unit''<br />
<br />
'''Restart''' a unit:<br />
<br />
# systemctl restart ''unit''<br />
<br />
Ask a unit to '''reload''' its configuration:<br />
<br />
# systemctl reload ''unit''<br />
<br />
Show the '''status''' of a unit, including whether it is running or not:<br />
<br />
$ systemctl status ''unit''<br />
<br />
'''Check''' whether a unit is already enabled or not:<br />
<br />
$ systemctl is-enabled ''unit''<br />
<br />
'''Enable''' a unit to be started on '''bootup''':<br />
<br />
# systemctl enable ''unit''<br />
<br />
'''Enable''' a unit to be started on '''bootup''' and '''Start''' immediately:<br />
<br />
# systemctl enable --now ''unit''<br />
<br />
'''Disable''' a unit to not start during bootup:<br />
<br />
# systemctl disable ''unit''<br />
<br />
'''Mask''' a unit to make it impossible to start it (both manually and as a dependency, which makes masking dangerous):<br />
<br />
# systemctl mask ''unit''<br />
<br />
'''Unmask''' a unit:<br />
<br />
# systemctl unmask ''unit''<br />
<br />
Show the '''manual page''' associated with a unit (this has to be supported by the unit file):<br />
<br />
$ systemctl help ''unit''<br />
<br />
'''Reload ''systemd'' ''' manager configuration, scanning for '''new or changed units''':<br />
{{Note|This does not ask the changed units to reload their own configurations. See {{ic|reload}} example above.}}<br />
<br />
# systemctl daemon-reload<br />
<br />
=== Power management ===<br />
<br />
[[polkit]] is necessary for power management as an unprivileged user. If you are in a local ''systemd-logind'' user session and no other session is active, the following commands will work without root privileges. If not (for example, because another user is logged into a tty), ''systemd'' will automatically ask you for the root password.<br />
<br />
Shut down and reboot the system:<br />
<br />
$ systemctl reboot<br />
<br />
Shut down and power-off the system:<br />
<br />
$ systemctl poweroff<br />
<br />
Suspend the system:<br />
<br />
$ systemctl suspend<br />
<br />
Put the system into hibernation:<br />
<br />
$ systemctl hibernate<br />
<br />
Put the system into hybrid-sleep state (or suspend-to-both):<br />
<br />
$ systemctl hybrid-sleep<br />
<br />
== Writing unit files ==<br />
<br />
The syntax of ''systemd'''s [https://www.freedesktop.org/software/systemd/man/systemd.unit.html unit files] is inspired by XDG Desktop Entry Specification ''.desktop'' files, which are in turn inspired by Microsoft Windows ''.ini'' files. Unit files are loaded from multiple locations (to see the full list, run {{ic|1=systemctl show --property=UnitPath}}), but the main ones are (listed from lowest to highest precedence):<br />
<br />
* {{ic|/usr/lib/systemd/system/}}: units provided by installed packages<br />
* {{ic|/etc/systemd/system/}}: units installed by the system administrator<br />
<br />
{{Note|<br />
* The load paths are completely different when running ''systemd'' in [[systemd/User#How it works|user mode]].<br />
* systemd unit names may only contain ASCII alphanumeric characters, underscores and periods. All other characters must be replaced by C-style "\x2d" escapes, or employ their predefined semantics ('@', '-'). See {{man|5|systemd.unit}} and {{man|1|systemd-escape}} for more information.}}<br />
<br />
Look at the units installed by your packages for examples, as well as the [https://www.freedesktop.org/software/systemd/man/systemd.service.html#Examples annotated example section] of {{man|5|systemd.service}}.<br />
<br />
{{Tip|Comments prepended with {{ic|#}} may be used in unit-files as well, but only in new lines. Do not use end-line comments after ''systemd'' parameters or the unit will fail to activate.}}<br />
<br />
=== Handling dependencies ===<br />
<br />
With ''systemd'', dependencies can be resolved by designing the unit files correctly. The most typical case is that the unit ''A'' requires the unit ''B'' to be running before ''A'' is started. In that case add {{ic|1=Requires=''B''}} and {{ic|1=After=''B''}} to the {{ic|[Unit]}} section of ''A''. If the dependency is optional, add {{ic|1=Wants=''B''}} and {{ic|1=After=''B''}} instead. Note that {{ic|1=Wants=}} and {{ic|1=Requires=}} do not imply {{ic|1=After=}}, meaning that if {{ic|1=After=}} is not specified, the two units will be started in parallel.<br />
<br />
Dependencies are typically placed on services and not on [[#Targets]]. For example, {{ic|network.target}} is pulled in by whatever service configures your network interfaces, therefore ordering your custom unit after it is sufficient since {{ic|network.target}} is started anyway.<br />
<br />
=== Service types ===<br />
<br />
There are several different start-up types to consider when writing a custom service file. This is set with the {{ic|1=Type=}} parameter in the {{ic|[Service]}} section:<br />
<br />
* {{ic|1=Type=simple}} (default): ''systemd'' considers the service to be started up immediately. The process must not fork. Do not use this type if other services need to be ordered on this service, unless it is socket activated.<br />
* {{ic|1=Type=forking}}: ''systemd'' considers the service started up once the process forks and the parent has exited. For classic daemons use this type unless you know that it is not necessary. You should specify {{ic|1=PIDFile=}} as well so ''systemd'' can keep track of the main process.<br />
* {{ic|1=Type=oneshot}}: this is useful for scripts that do a single job and then exit. You may want to set {{ic|1=RemainAfterExit=yes}} as well so that ''systemd'' still considers the service as active after the process has exited.<br />
* {{ic|1=Type=notify}}: identical to {{ic|1=Type=simple}}, but with the stipulation that the daemon will send a signal to ''systemd'' when it is ready. The reference implementation for this notification is provided by ''libsystemd-daemon.so''.<br />
* {{ic|1=Type=dbus}}: the service is considered ready when the specified {{ic|BusName}} appears on DBus's system bus.<br />
* {{ic|1=Type=idle}}: ''systemd'' will delay execution of the service binary until all jobs are dispatched. Other than that behavior is very similar to {{ic|1=Type=simple}}. <br />
<br />
See the [https://www.freedesktop.org/software/systemd/man/systemd.service.html#Type= systemd.service(5)] man page for a more detailed explanation of the {{ic|Type}} values.<br />
<br />
=== Editing provided units ===<br />
<br />
{{Style|Should be renamed to more descriptive ''Modifying provided units''.|talk=Talk:Edit#Deprecation}}<br />
<br />
To avoid conflicts with pacman, unit files provided by packages should not be directly edited. There are two safe ways to modify a unit without touching the original file: create a new unit file which [[#Replacement unit files|overrides the original unit]] or create [[#Drop-in files|drop-in snippets]] which are applied on top of the original unit. For both methods, you must reload the unit afterwards to apply your changes. This can be done either by editing the unit with {{ic|systemctl edit}} (which reloads the unit automatically) or by reloading all units with:<br />
<br />
# systemctl daemon-reload<br />
<br />
{{Tip|<br />
* You can use ''systemd-delta'' to see which unit files have been overridden or extended and what exactly has been changed.<br />
* Use {{ic|systemctl cat ''unit''}} to view the content of a unit file and all associated drop-in snippets.<br />
}}<br />
<br />
==== Replacement unit files ====<br />
<br />
To replace the unit file {{ic|/usr/lib/systemd/system/''unit''}}, create the file {{ic|/etc/systemd/system/''unit''}} and ''reenable'' the unit to update the symlinks:<br />
<br />
# systemctl reenable ''unit''<br />
<br />
Alternatively, run:<br />
<br />
# systemctl edit --full ''unit''<br />
<br />
This opens {{ic|/etc/systemd/system/''unit''}} in your editor (copying the installed version if it does not exist yet) and automatically reloads it when you finish editing.<br />
<br />
{{Note|The replacement units will keep on being used even if Pacman updates the original units in the future. This method makes system maintenance more difficult and therefore the next approach is preferred.}}<br />
<br />
==== Drop-in files ====<br />
<br />
To create drop-in files for the unit file {{ic|/usr/lib/systemd/system/''unit''}}, create the directory {{ic|/etc/systemd/system/''unit''.d/}} and place ''.conf'' files there to override or add new options. ''systemd'' will parse and apply these files on top of the original unit.<br />
<br />
The easiest way to do this is to run:<br />
<br />
# systemctl edit ''unit''<br />
<br />
This opens the file {{ic|/etc/systemd/system/''unit''.d/override.conf}} in your text editor (creating it if necessary) and automatically reloads the unit when you are done editing.<br />
<br />
{{Note|Not all keys can be overridden with drop-in files. For example, for changing {{ic|1=Conflicts=}} a replacement file [https://lists.freedesktop.org/archives/systemd-devel/2017-June/038976.html is necessary].}}<br />
<br />
==== Revert to vendor version ====<br />
<br />
To revert any changes to a unit made using {{ic|systemctl edit}} do:<br />
<br />
# systemctl revert ''unit''<br />
<br />
==== Examples ====<br />
<br />
For example, if you simply want to add an additional dependency to a unit, you may create the following file:<br />
<br />
{{hc|/etc/systemd/system/''unit''.d/customdependency.conf|2=<br />
[Unit]<br />
Requires=''new dependency''<br />
After=''new dependency''<br />
}}<br />
<br />
As another example, in order to replace the {{ic|ExecStart}} directive for a unit that is not of type {{ic|oneshot}}, create the following file:<br />
<br />
{{hc|/etc/systemd/system/''unit''.d/customexec.conf|2=<br />
[Service]<br />
ExecStart=<br />
ExecStart=''new command''<br />
}}<br />
<br />
Note how {{ic|ExecStart}} must be cleared before being re-assigned [https://bugzilla.redhat.com/show_bug.cgi?id=756787#c9]. The same holds for every item that can be specified multiple times, e.g. {{ic|OnCalendar}} for timers.<br />
<br />
One more example to automatically restart a service:<br />
<br />
{{hc|/etc/systemd/system/''unit''.d/restart.conf|2=<br />
[Service]<br />
Restart=always<br />
RestartSec=30<br />
}}<br />
<br />
== Targets ==<br />
<br />
{{Style|Unclear description, copy-pasted content (explicitly mentions "Fedora").|section=Make section "Targets" more clearly}}<br />
<br />
''systemd'' uses ''targets'' which serve a similar purpose as [[wikipedia:Runlevel|runlevels]] but act a little different. Each ''target'' is named instead of numbered and is intended to serve a specific purpose with the possibility of having multiple ones active at the same time. Some ''target''s are implemented by inheriting all of the services of another ''target'' and adding additional services to it. There are ''systemd'' ''target''s that mimic the common SystemVinit runlevels so you can still switch ''target''s using the familiar {{ic|telinit RUNLEVEL}} command.<br />
<br />
=== Get current targets ===<br />
<br />
The following should be used under ''systemd'' instead of running {{ic|runlevel}}:<br />
<br />
$ systemctl list-units --type=target<br />
<br />
=== Create custom target ===<br />
<br />
The runlevels that held a defined meaning under sysvinit (i.e., 0, 1, 3, 5, and 6); have a 1:1 mapping with a specific ''systemd'' ''target''. Unfortunately, there is no good way to do the same for the user-defined runlevels like 2 and 4. If you make use of those it is suggested that you make a new named ''systemd'' ''target'' as {{ic|/etc/systemd/system/''your target''}} that takes one of the existing runlevels as a base (you can look at {{ic|/usr/lib/systemd/system/graphical.target}} as an example), make a directory {{ic|/etc/systemd/system/''your target''.wants}}, and then symlink the additional services from {{ic|/usr/lib/systemd/system/}} that you wish to enable.<br />
<br />
=== Mapping between SysV runlevels and systemd targets ===<br />
<br />
{| class="wikitable"<br />
! SysV Runlevel !! systemd Target !! Notes<br />
|-<br />
| 0 || runlevel0.target, poweroff.target || Halt the system.<br />
|-<br />
| 1, s, single || runlevel1.target, rescue.target || Single user mode.<br />
|-<br />
| 2, 4 || runlevel2.target, runlevel4.target, multi-user.target || User-defined/Site-specific runlevels. By default, identical to 3.<br />
|-<br />
| 3 || runlevel3.target, multi-user.target || Multi-user, non-graphical. Users can usually login via multiple consoles or via the network.<br />
|-<br />
| 5 || runlevel5.target, graphical.target || Multi-user, graphical. Usually has all the services of runlevel 3 plus a graphical login.<br />
|-<br />
| 6 || runlevel6.target, reboot.target || Reboot<br />
|-<br />
| emergency || emergency.target || Emergency shell<br />
|-<br />
|}<br />
<br />
=== Change current target ===<br />
<br />
In ''systemd'' targets are exposed via ''target units''. You can change them like this:<br />
<br />
# systemctl isolate graphical.target<br />
<br />
This will only change the current target, and has no effect on the next boot. This is equivalent to commands such as {{ic|telinit 3}} or {{ic|telinit 5}} in Sysvinit.<br />
<br />
=== Change default target to boot into ===<br />
<br />
The standard target is {{ic|default.target}}, which is a symlink to {{ic|graphical.target}}. This roughly corresponds to the old runlevel 5.<br />
<br />
To verify the current target with ''systemctl'':<br />
<br />
$ systemctl get-default<br />
<br />
To change the default target to boot into, change the {{ic|default.target}} symlink. With ''systemctl'':<br />
<br />
{{hc|1=# systemctl set-default multi-user.target|2=<br />
Removed /etc/systemd/system/default.target.<br />
Created symlink /etc/systemd/system/default.target -> /usr/lib/systemd/system/multi-user.target.}}<br />
<br />
Alternatively, append one of the following [[kernel parameters]] to your bootloader:<br />
<br />
* {{ic|1=systemd.unit=multi-user.target}} (which roughly corresponds to the old runlevel 3),<br />
* {{ic|1=systemd.unit=rescue.target}} (which roughly corresponds to the old runlevel 1).<br />
<br />
=== Default target order ===<br />
<br />
Systemd chooses the {{ic|default.target}} according to the following order:<br />
<br />
# Kernel parameter shown above<br />
# Symlink of {{ic|/etc/systemd/system/default.target}}<br />
# Symlink of {{ic|/usr/lib/systemd/system/default.target}}<br />
<br />
== Temporary files ==<br />
<br />
"''systemd-tmpfiles'' creates, deletes and cleans up volatile and temporary files and directories." It reads configuration files in {{ic|/etc/tmpfiles.d/}} and {{ic|/usr/lib/tmpfiles.d/}} to discover which actions to perform. Configuration files in the former directory take precedence over those in the latter directory.<br />
<br />
Configuration files are usually provided together with service files, and they are named in the style of {{ic|/usr/lib/tmpfiles.d/''program''.conf}}. For example, the [[Samba]] daemon expects the directory {{ic|/run/samba}} to exist and to have the correct permissions. Therefore, the {{Pkg|samba}} package ships with this configuration:<br />
<br />
{{hc|/usr/lib/tmpfiles.d/samba.conf|<br />
D /run/samba 0755 root root}}<br />
<br />
Configuration files may also be used to write values into certain files on boot. For example, if you used {{ic|/etc/rc.local}} to disable wakeup from USB devices with {{ic|echo USBE > /proc/acpi/wakeup}}, you may use the following tmpfile instead:<br />
<br />
{{hc|/etc/tmpfiles.d/disable-usb-wake.conf|<br />
# Path Mode UID GID Age Argument<br />
w /proc/acpi/wakeup - - - - USBE}}<br />
<br />
See the {{man|8|systemd-tmpfiles}} and {{man|5|tmpfiles.d}} man pages for details.<br />
<br />
{{Note|This method may not work to set options in {{ic|/sys}} since the ''systemd-tmpfiles-setup'' service may run before the appropriate device modules is loaded. In this case you could check whether the module has a parameter for the option you want to set with {{ic|modinfo ''module''}} and set this option with a [[Kernel modules#Setting module options|config file in /etc/modprobe.d]]. Otherwise you will have to write a [[Udev#About_udev_rules|udev rule]] to set the appropriate attribute as soon as the device appears.}}<br />
<br />
== Timers ==<br />
<br />
A timer is a unit configuration file whose name ends with ''.timer'' and encodes information about a timer controlled and supervised by ''systemd'', for timer-based activation. See [[systemd/Timers]].<br />
<br />
{{Note|Timers can replace [[cron]] functionality to a great extent. See [[systemd/Timers#As a cron replacement]].}}<br />
<br />
== Mounting ==<br />
<br />
''systemd'' is in charge of mounting the partitions and filesystems specified in {{ic|/etc/fstab}}. The {{man|8|systemd-fstab-generator}} translates all the entries in {{ic|/etc/fstab}} into systemd units, this is performed at boot time and whenever the configuration of the system manager is reloaded.<br />
<br />
''systemd'' extends the usual [[fstab]] capabilities and offers additional mount options. These affect the dependencies of the mount unit, they can for example ensure that a mount is performed only once the network is up or only once another partition is mounted. The full list of specific ''systemd'' mount options, typically prefixed with {{ic|x-systemd.}}, is detailed in {{man|5|systemd.mount|FSTAB}}.<br />
<br />
An example of these mount options in the context of ''automounting'', which means mounting only when the resource is required rather than automatically at boot time, is provided in [[fstab#Automount with systemd]].<br />
<br />
=== GPT partition automounting ===<br />
<br />
On a [[GPT]] partitioned disk {{man|8|systemd-gpt-auto-generator}} will mount partitions following the [https://www.freedesktop.org/wiki/Specifications/DiscoverablePartitionsSpec/ Discoverable Partitions Specification], thus they can be omitted from {{ic|fstab}}.<br />
<br />
The automounting for a partition can be disabled by changing the partition's [[Wikipedia:GUID Partition Table#Partition type GUIDs|type GUID]] or setting the partition attribute bit 63 "do not automount", see [[gdisk#Prevent GPT partition automounting]].<br />
<br />
== Tips and tricks ==<br />
<br />
=== Running services after the network is up ===<br />
<br />
To delay a service after the network is up, include the following dependencies in the ''.service'' file:<br />
<br />
{{hc|/etc/systemd/system/''foo''.service|2=<br />
[Unit]<br />
...<br />
'''Wants=network-online.target'''<br />
'''After=network-online.target'''<br />
...<br />
}}<br />
<br />
The network wait service of the particular application that manages the network, must also be enabled so that {{ic|network-online.target}} properly reflects the network status.<br />
* For the ones using [[NetworkManager]], [[enable]] {{ic|NetworkManager-wait-online.service}}.<br />
* In the case of [[netctl]] (and netctl-auto), enable the {{ic|netctl-wait-online.service}}.<br />
* If using [[systemd-networkd]], {{ic|systemd-networkd-wait-online.service}} is by default enabled automatically whenever {{ic|systemd-networkd.service}} has been enabled; check this is the case with {{ic|systemctl is-enabled systemd-networkd-wait-online.service}}, there is no other action needed.<br />
<br />
For more detailed explanations see [https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/ Running services after the network is up] in the systemd wiki.<br />
<br />
=== Enable installed units by default ===<br />
<br />
{{Expansion|How does it work with instantiated units?}}<br />
<br />
Arch Linux ships with {{ic|/usr/lib/systemd/system-preset/99-default.preset}} containing {{ic|disable *}}. This causes ''systemctl preset'' to disable all units by default, such that when a new package is installed, the user must manually enable the unit.<br />
<br />
If this behavior is not desired, simply create a symlink from {{ic|/etc/systemd/system-preset/99-default.preset}} to {{ic|/dev/null}} in order to override the configuration file. This will cause ''systemctl preset'' to enable all units that get installed—regardless of unit type—unless specified in another file in one ''systemctl preset'''s configuration directories. User units are not affected. See {{man|5|systemd.preset}} for more information.<br />
<br />
{{Note|Enabling all units by default may cause problems with packages that contain two or more mutually exclusive units. ''systemctl preset'' is designed to be used by distributions and spins or system administrators. In the case where two conflicting units would be enabled, you should explicitly specify which one is to be disabled in a preset configuration file as specified in the manpage for {{ic|systemd.preset}}.}}<br />
<br />
=== Sandboxing application environments ===<br />
A unit file can be created as a sandbox to isolate applications and their processes within a hardened virtual environment. systemd leverages [[wikipedia:Linux_namespaces|namespaces]], white-/blacklisting of [[Capabilities]], and [[control groups]] to container processes through an extensive [https://www.freedesktop.org/software/systemd/man/systemd.exec.html execution environment configuration].<br />
<br />
The enhancement of an existing systemd unit file with application sandboxing typically requires trial-and-error tests accompanied by the generous use of {{Pkg|strace}}, [[wikipedia:Standard_streams#Standard_error_.28stderr.29|stderr]] and [https://www.freedesktop.org/software/systemd/man/journalctl.html journalctl] error logging and output facilities. You may want to first search upstream documentation for already done tests to base trials on.<br />
<br />
Some examples on how sandboxing with systemd can be deployed:<br />
* {{Ic|CapabilityBoundingSet}} defines a whitelisted set of allowed capabilities, but may also be used to blacklist a specific capability for a unit.<br />
** The {{Ic|CAP_SYS_ADM}} capability, for example, which should be one of the [https://lwn.net/Articles/486306/ goals of a secure sandbox]: {{ic|1=CapabilityBoundingSet=~ CAP_SYS_ADM}}<br />
<br />
== Troubleshooting ==<br />
<br />
=== Investigating systemd errors ===<br />
<br />
As an example, we will investigate an error with {{ic|systemd-modules-load}} service:<br />
<br />
'''1.''' Lets find the ''systemd'' services which fail to start at boot time:<br />
<br />
{{hc|1=$ systemctl --state=failed|2=<br />
systemd-modules-load.service loaded '''failed failed''' Load Kernel Modules}}<br />
<br />
Another way is to live log ''systemd'' messages:<br />
<br />
$ journalctl -fp err<br />
<br />
'''2.''' Ok, we found a problem with {{ic|systemd-modules-load}} service. We want to know more:<br />
{{hc|$ systemctl status systemd-modules-load|2=<br />
systemd-modules-load.service - Load Kernel Modules<br />
Loaded: loaded (/usr/lib/systemd/system/systemd-modules-load.service; static)<br />
Active: '''failed''' (Result: exit-code) since So 2013-08-25 11:48:13 CEST; 32s ago<br />
Docs: man:systemd-modules-load.service(8).<br />
man:modules-load.d(5)<br />
Process: '''15630''' ExecStart=/usr/lib/systemd/systemd-modules-load ('''code=exited, status=1/FAILURE''')<br />
}}<br />
If the {{ic|Process ID}} is not listed, just restart the failed service with {{ic|systemctl restart systemd-modules-load}}<br />
<br />
'''3.''' Now we have the process id (PID) to investigate this error in depth. Enter the following command with the current {{ic|Process ID}} (here: 15630):<br />
{{hc|1=$ journalctl _PID=15630|2=<br />
-- Logs begin at Sa 2013-05-25 10:31:12 CEST, end at So 2013-08-25 11:51:17 CEST. --<br />
Aug 25 11:48:13 mypc systemd-modules-load[15630]: '''Failed to find module 'blacklist usblp''''<br />
Aug 25 11:48:13 mypc systemd-modules-load[15630]: '''Failed to find module 'install usblp /bin/false'''' <br />
}}<br />
<br />
'''4.''' We see that some of the kernel module configs have wrong settings. Therefore we have a look at these settings in {{ic|/etc/modules-load.d/}}:<br />
{{hc|$ ls -Al /etc/modules-load.d/|<br />
...<br />
-rw-r--r-- 1 root root 79 1. Dez 2012 blacklist.conf<br />
-rw-r--r-- 1 root root 1 2. Mär 14:30 encrypt.conf<br />
-rw-r--r-- 1 root root 3 5. Dez 2012 printing.conf<br />
-rw-r--r-- 1 root root 6 14. Jul 11:01 realtek.conf<br />
-rw-r--r-- 1 root root 65 2. Jun 23:01 virtualbox.conf<br />
...<br />
}}<br />
<br />
'''5.''' The {{ic|Failed to find module 'blacklist usblp'}} error message might be related to a wrong setting inside of {{ic|blacklist.conf}}. Lets deactivate it with inserting a trailing '''#''' before each option we found via step 3:<br />
{{hc|/etc/modules-load.d/blacklist.conf|<br />
'''#''' blacklist usblp<br />
'''#''' install usblp /bin/false<br />
}}<br />
<br />
'''6.''' Now, try to start {{ic|systemd-modules-load}}:<br />
# systemctl start systemd-modules-load<br />
If it was successful, this should not prompt anything. If you see any error, go back to step 3 and use the new PID for solving the errors left.<br />
<br />
If everything is ok, you can verify that the service was started successfully with:<br />
{{hc|$ systemctl status systemd-modules-load|2=<br />
systemd-modules-load.service - Load Kernel Modules<br />
Loaded: '''loaded''' (/usr/lib/systemd/system/systemd-modules-load.service; static)<br />
Active: '''active (exited)''' since So 2013-08-25 12:22:31 CEST; 34s ago<br />
Docs: man:systemd-modules-load.service(8)<br />
man:modules-load.d(5)<br />
Process: 19005 ExecStart=/usr/lib/systemd/systemd-modules-load (code=exited, status=0/SUCCESS)<br />
Aug 25 12:22:31 mypc systemd[1]: '''Started Load Kernel Modules'''.<br />
}}<br />
<br />
=== Diagnosing boot problems ===<br />
<br />
''systemd'' has several options for diagnosing problems with the boot process. See [[boot debugging]] for more general instructions and options to capture boot messages before ''systemd'' takes over the [[boot process]]. Also see the [https://freedesktop.org/wiki/Software/systemd/Debugging/ systemd debugging documentation].<br />
<br />
=== Diagnosing a service ===<br />
<br />
If some ''systemd'' service misbehaves or you want to get more information about what is happening, set the {{ic|SYSTEMD_LOG_LEVEL}} [[environment variable]] to {{ic|debug}}. For example, to run the ''systemd-networkd'' daemon in debug mode:<br />
<br />
Add a [[#Drop-in files|drop-in file]] for the service adding the two lines:<br />
<br />
[Service]<br />
Environment=SYSTEMD_LOG_LEVEL=debug<br />
<br />
Or equivalently, set the environment variable manually:<br />
<br />
# SYSTEMD_LOG_LEVEL=debug /lib/systemd/systemd-networkd<br />
<br />
then [[restart]] ''systemd-networkd'' and watch the journal for the service with the {{ic|-f}}/{{ic|--follow}} option.<br />
<br />
=== Shutdown/reboot takes terribly long ===<br />
<br />
If the shutdown process takes a very long time (or seems to freeze) most likely a service not exiting is to blame. ''systemd'' waits some time for each service to exit before trying to kill it. To find out if you are affected, see [https://freedesktop.org/wiki/Software/systemd/Debugging/#shutdowncompleteseventually this article].<br />
<br />
=== Short lived processes do not seem to log any output ===<br />
<br />
If {{ic|journalctl -u foounit}} does not show any output for a short lived service, look at the PID instead. For example, if {{ic|systemd-modules-load.service}} fails, and {{ic|systemctl status systemd-modules-load}} shows that it ran as PID 123, then you might be able to see output in the journal for that PID, i.e. {{ic|journalctl -b _PID&#61;123}}. Metadata fields for the journal such as {{ic|_SYSTEMD_UNIT}} and {{ic|_COMM}} are collected asynchronously and rely on the {{ic|/proc}} directory for the process existing. Fixing this requires fixing the kernel to provide this data via a socket connection, similar to {{ic|SCM_CREDENTIALS}}. In short, it is a [https://github.com/systemd/systemd/issues/2913 bug]. Keep in mind that immediately failed services might not print anything to the journal as per design of systemd.<br />
<br />
=== Boot time increasing over time ===<br />
<br />
After using {{ic|systemd-analyze}} a number of users have noticed that their boot time has increased significantly in comparison with what it used to be. After using {{ic|systemd-analyze blame}} [[NetworkManager]] is being reported as taking an unusually large amount of time to start. <br />
<br />
The problem for some users has been due to {{ic|/var/log/journal}} becoming too large. This may have other impacts on performance, such as for {{ic|systemctl status}} or {{ic|journalctl}}. As such the solution is to remove every file within the folder (ideally making a backup of it somewhere, at least temporarily) and then setting a journal file size limit as described in [[Systemd/Journal#Journal size limit]].<br />
<br />
=== systemd-tmpfiles-setup.service fails to start at boot ===<br />
<br />
Starting with systemd 219, {{ic|/usr/lib/tmpfiles.d/systemd.conf}} specifies ACL attributes for directories under {{ic|/var/log/journal}} and, therefore, requires ACL support to be enabled for the filesystem the journal resides on.<br />
<br />
See [[Access Control Lists#Enabling ACL]] for instructions on how to enable ACL on the filesystem that houses {{ic|/var/log/journal}}.<br />
<br />
=== systemd version printed on boot is not the same as installed package version ===<br />
<br />
You need to [[Mkinitcpio#Image_creation_and_activation|regenerate your initramfs]] and the versions should match. <br />
<br />
{{Tip|1=A pacman hook can be used to automatically regenerate the initramfs every time {{pkg|systemd}} is upgraded. See [https://bbs.archlinux.org/viewtopic.php?id=215411 this forum thread] and [[Pacman#Hooks]].}}<br />
<br />
=== Disable emergency mode on remote machine ===<br />
<br />
You may want to disable emergency mode on a remote machine, for example, a virtual machine hosted at Azure or Google Cloud. It is because if emergency mode is triggered, the machine will be blocked from connecting to network.<br />
<br />
# systemctl mask emergency.service<br />
# systemctl mask emergency.target<br />
<br />
== See also ==<br />
<br />
*[[Wikipedia:systemd|Wikipedia article]]<br />
*[https://www.freedesktop.org/wiki/Software/systemd systemd Official web site]<br />
**[https://www.freedesktop.org/wiki/Software/systemd/Optimizations systemd optimizations]<br />
**[https://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions systemd FAQ]<br />
**[https://www.freedesktop.org/wiki/Software/systemd/TipsAndTricks systemd Tips and tricks]<br />
*[https://www.freedesktop.org/software/systemd/man/ Manual pages]<br />
*Other distributions<br />
**[https://wiki.gentoo.org/wiki/Systemd Gentoo Wiki systemd page]<br />
**[https://fedoraproject.org/wiki/Systemd Fedora Project - About systemd]<br />
**[https://fedoraproject.org/wiki/How_to_debug_Systemd_problems Fedora Project - How to debug systemd problems]<br />
**[https://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet Fedora Project - SysVinit to systemd cheatsheet]<br />
**[[debian:systemd|Debian Wiki systemd page]]<br />
*[http://0pointer.de/blog/projects/systemd.html Lennart's blog story], [http://0pointer.de/blog/projects/systemd-update.html update 1], [http://0pointer.de/blog/projects/systemd-update-2.html update 2], [http://0pointer.de/blog/projects/systemd-update-3.html update 3], [http://0pointer.de/blog/projects/why.html summary]<br />
*[http://0pointer.de/public/systemd-ebook-psankar.pdf systemd for Administrators (PDF)]<br />
*[https://www.digitalocean.com/community/tutorials/how-to-use-systemctl-to-manage-systemd-services-and-units How To Use Systemctl to Manage Systemd Services and Units ]<br />
*[https://dvdhrm.wordpress.com/2013/08/24/session-management-on-linux/ Session management with systemd-logind]<br />
*[[Emacs#Syntax highlighting for systemd Files|Emacs Syntax highlighting for Systemd files]]<br />
*[http://www.h-online.com/open/features/Control-Centre-The-systemd-Linux-init-system-1565543.html Two] [http://www.h-online.com/open/features/Booting-up-Tools-and-tips-for-systemd-1570630.html part] introductory article in ''The H Open'' magazine.</div>
Sangy
https://wiki.archlinux.org/index.php?title=Package_Maintainers&diff=532606
Package Maintainers
2018-08-06T20:48:32Z
<p>Sangy: Added sangy (myself) to the Trusted User table</p>
<hr />
<div>[[Category:Arch development]]<br />
[[fr:TU]]<br />
[[ja:Trusted Users]]<br />
[[pt:Trusted Users]]<br />
The [https://www.archlinux.org/people/trusted-users/ Trusted Users] serve the following purposes:<br />
# Maintain the ''community'' repository as an intermediary between Arch Linux's [[official repositories]] and the unsupported package collection in the [[AUR]].<br />
# Maintain, manage, and watch over the operation of the [[AUR]].<br />
<br />
== How do I become a TU? ==<br />
The ''minimum'' requirements to becoming a TU are as follows:<br />
* know basic shell scripting<br />
* maintain a few packages in AUR with clean, high-quality PKGBUILDs<br />
* basic community involvement (mailing list, forums, IRC)<br />
* know Google-Fu<br />
* a general idea of the kind of packages you want to maintain (basically, why do you want to become TU?)<br />
<br />
Even though you could become a TU by merely fulfilling those minimum requirements, the people judging you during the [https://aur.archlinux.org/trusted-user/TUbylaws.html#_standard_voting_procedure standard voting procedure] might expect more from you. Such as:<br />
* involvement in the bug tracker (reporting, research, info)<br />
* patches for Arch projects<br />
* involvement in a few open-source projects (even if they are your own)<br />
<br />
If you still feel up to becoming a TU after reading these lines, the first step is to find a TU who agrees to sponsor you. Once sponsored, you should write a witty application signed with your GPG key to the aur-general mailing list.<br />
<br />
{{Note|Should the TU you contact decline to sponsor your application, you should make this fact known if you seek sponsorship from another TU.}}<br />
<br />
For more information, see the [https://aur.archlinux.org/trusted-user/TUbylaws.html Trusted User Bylaws] and [[AUR Trusted User Guidelines]].<br />
<br />
== Active Trusted Users ==<br />
{| class="wikitable"<br />
|- style="border-bottom:solid 2px"<br />
|style="font-weight: bold;padding-right:120px"|Nick<br />
|style="font-weight: bold;padding-right:200px"|Name<br />
|style="font-weight: bold;"|E-Mail<br />
|-<br />
|[https://aur.archlinux.org/packages/?K=Alad&SeB=m alad]||[[User:Alad|Alad Wenter]]||alad@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=alucryd&SeB=m alucryd]||Maxime Gauduin||alucryd@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Ambrevar&SeB=m Ambrevar]||[[User:Ambrevar|Pierre Neidhardt]]||ambrevar@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=anatolik&SeB=m anatolik]||Anatol Pomozov||anatol dot pomozov + arch at gmail<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=andrewSC&SeB=m andrewSC]||Andrew Crerar||andrew (at) crerar (dot) io<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=anthraxx&SeB=m anthraxx]||[[User:anthraxx|Levente Polyak]]||anthraxx [at] archlinux [dot] org<br />
|-<br />
|[https://aur.archlinux.org/packages/?SeB=m&K=arcanis arcanis]||Evgeniy Alekseev||arcanis DOT arch AT gmail DOT com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=ArchangeGabriel&SeB=m ArchangeGabriel]||Bruno Pagani||bruno.n.pagani@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages/?SeB=m&K=arojas arojas]||Antonio Rojas||arojas@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Barthalion&SeB=m Barthalion]||Bartłomiej Piotrowski||spam@bpiotrowski.pl<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=BlackIkeEagle&SeB=m BlackIkeEagle]||[[User:BlackEagle|Ike Devolder]]||ike DOT devolder AT gmail DOT com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=bluewind&SeB=m Bluewind]||Florian Pritz|| bluewind@xinu.at<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=City-busz&SeB=m City-busz]||Balló György||ballogyor+arch at gmail dot com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=coderobe&SeB=m coderobe]||Robin Broda||ebova ng oebqn qbg zr (rot13)<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=ConnorBehan&SeB=m ConnorBehan]||Connor Behan||connor.behan@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=lfleischer&SeB=m lfleischer]||Lukas Fleischer||lfleischer at archlinux dot org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=eworm&SeB=m eworm]||Christian Hesse||mail@eworm.de<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Dragonlord&SeB=m Dragonlord]||[[User:Drag0nl0rd|Jaroslav Lichtblau]]||dragonlord @ aur archlinux org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=dvzrv&SeB=m dvzrv]||[[User:Davezerave|David Runge]]|| dave@sleepmap.de<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=eschwartz&SeB=m eschwartz]||Eli Schwartz|| eschwartz@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=escondida&SeB=m escondida]||Ivy Foster||code @ escondida dot tk<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=farseerfc&SeB=m farseerfc]||Jiachen Yang||farseerfc[at]gmail[dot]com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=felixonmars&SeB=m felixonmars]||Felix Yan||felixonmars@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=FFY00&SeB=m FFY00]||Filipe Laíns||[mailto:lains@archlinux.org lains@archlinux.org]<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Foxboron&SeB=m Foxboron]||Morten Linderud||foxboron@archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=foxxx0&SeB=m foxxx0]||Thore Bödecker||me [at] foxxx0 [dot] de<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=giniu&SeB=m giniu]||[[User:giniu|Andrzej Giniewicz]]||gginiu@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages/?SeB=m&K=grazzolini grazzolini]||Giancarlo Razzolini||grazzolini [at] gmail [dot] com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=heftig&SeB=m heftig]||Jan Alexander Steffens||jan.steffens@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=jelly&SeB=m jelly]||Jelle van der Waa|| jelle vdwaa nl<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=jleclanche&SeB=m jleclanche]||[[User:jleclanche|Jerome Leclanche]]||jerome''@''leclan''.''ch<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=jsteel&SeB=m jsteel]||Jonathan Steel||jsteel at aur.archlinux.org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=keenerd&SeB=m keenerd]||Kyle Keen||keenerd@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Kyrias&SeB=m Kyrias]||[[User:Kyrias|Johannes Löthberg]]||johannes@kyriasis.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=lordheavy&SeB=m Lordheavy]||[[User:Lordheavy|Laurent Carlier]]||lordheavym at gmail com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=mtorromeo&SeB=m mtorromeo]||Massimiliano Torromeo||massimiliano.torromeo@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Muflone&SeB=m Muflone]||Fabio Castelli||webreg (at) vbsimple.net<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=NicoHood&SeB=m NicoHood]||NicoHood||archlinux (cat) nicohood (dog) de<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=sangy&SeB=m sangy]||Santiago Torres-Arias|| santiago @ archlinux ⇶ org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=schivmeister&SeB=m schivmeister]||[[User:Schivmeister|Ray Rashif]]||schiv archlinux org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=schuay&SeB=m schuay]||Jakob Gruber||jakob.gruber@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=seblu&SeB=m seblu]||Sébastien Luttringer||s е b l u ''at'' a r c h l і n ux ''dot'' o r g<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=sergej&SeB=m sergej]||[[User:Sergej|Sergej Pupykin]]||pupykin.s+arch@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=shibumi&SeB=m shibumi]||[[User:shibumi|Christian Rebischke]]||Chris.Rebischke [at] archlinux [dot] org<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=stativ&SeB=m stativ]||Lukas Jirkovsky||l.jirkovsky strange_curved_character gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=svenstaro&SeB=m svenstaro]||[[User:svenstaro|Sven-Hendrik Haase]]||sh@lutzhaase.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=tensor5&SeB=m tensor5]||Nicola Squartini||tensor5@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=wild&SeB=m wild]||[[User:vild|Dan Printzell]]||[mailto:arch@vild.io arch@vild.io]<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Xyne&SeB=m Xyne]||Xyne||ca . archlinux @ xyne, in reverse order<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=xyproto&SeB=m xyproto]||Alexander Rødseth||rodseth@gmail.com<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=zorun&SeB=m zorun]||Baptiste Jonglez||archlinux bitsofnetworks org<br />
|}<br />
<br />
== Inactive Trusted Users ==<br />
{| class="wikitable"<br />
|- style="border-bottom:solid 2px"<br />
|style="font-weight: bold;padding-right:120px"|Nick<br />
|style="font-weight: bold;padding-right:200px"|Name<br />
|style="font-weight: bold;"|E-Mail<br />
|style="font-weight: bold;"|Comments/Reference<br />
|-<br />
|}<br />
<br />
== Some Past Trusted Users ==<br />
{| class="wikitable"<br />
|- style="border-bottom:solid 2px"<br />
|style="font-weight: bold;padding-right:120px"|Nick<br />
|style="font-weight: bold;padding-right:200px"|Name<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=abhidg&SeB=m abhidg]||Abhishek Dasgupta<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Allan&SeB=m Allan]||Allan McRae<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=anders&SeB=m anders]||Anders Bergh<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=angvp&SeB=m angvp]||[[User:Angvp|Angel Velásquez]]<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Atsutane&SeB=m Atsutane]||Thorsten Töpper<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=bardo&SeB=m bardo]||Corrado Primier<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=ndr&SeB=m ndr]||Andrea Scarpino<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=bfinch&SeB=m bfinch]||Bob Finch<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=brain0&SeB=m brain0]||Thomas Bächler<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=bjorn&SeB=m bjorn]||[[User:Bjørn|Bjørn Lindeijer]]<br />
|- <br />
|[https://aur.archlinux.org/packages/?K=Cinelli&SeB=m cinelli] ||Federico Cinelli<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=codemac&SeB=m codemac]||Jeff Mickey<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=cmb&SeB=m cmb]||Chris Brannon<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Daenyth&SeB=m Daenyth]||Daenyth Blank<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=DaNiMoTh&SeB=m DaNiMoTh]||JJ. DaNiMoTh<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=dejari&SeB=m dejari]||Leslie P. Polzer<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=dsa&SeB=m dsa]||Douglas Soares de Andrade<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=dtw&SeB=m dtw]||Phil Dillon-Thiselton<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=elasticdog&SeB=m elasticdog]||Aaron Bull Schaefer<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=encelo&SeB=m encelo]||Angelo Theodorou<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=even&SeB=m even] ||Kessia Pinheiro<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=faidoc&SeB=m Faidoc]||Alexandre Filgueira<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=falconindy&SeB=m falconindy]||Dave Reisner<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=foutrelis&SeB=m foutrelis]||Evangelos Foutras<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=filoktetes&SeB=m filoktetes]||Robert Emil Berge<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=firmicus&SeB=m firmicus]||François Charette<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=flexiondotorg&SeB=m flexiondotorg]||Martin Wimpress<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=ganja_guru&SeB=m ganja_guru]||Varun Acharya<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=gcarrier&SeB=m gcarrier]||Geoffroy Carrier<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Ghost1227&SeB=m Ghost1227]||Dan Griffiths<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=gtmanfred&SeB=m gtmanfred]||Daniel Wallace<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=gummibaerchen&SeB=m gummibaerchen]||Timm Preetz<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=hdoria&SeB=m hdoria]||Hugo Doria<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=iphitus&SeB=m iphitus]||James Rayner<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=itsbrad212&SeB=m itsbrad212]||Brad Fanella<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=kaitocracy&SeB=m kaitocracy]||Kaiting Chen<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=louipc&SeB=m louipc]||Loui Chang<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=mOLOk&SeB=m mOLOk]||Alessio Bolognino<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=nesl247&SeB=m nesl247]||Alex Heck<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Neverth&SeB=m Neverth]||Mikko Seppälä<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Partition&SeB=m Partition]||Mateusz Herych<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=petelewis&SeB=m petelewis]||Peter Lewis<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=PirateJonno&SeB=m PirateJonno]||Jonathan Conder<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=phrakture&SeB=m phrakture]||Aaron Griffin<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Pierre&SeB=m Pierre]||Pierre Schmitz<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=pizzapunk&SeB=m pizzapunk]||Alexander Fehr<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=pjmattal&SeB=m pjmattal]||Paul Mattal<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=pressh&SeB=m pressh]||Ronald van Haren<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Ranguvar&SeB=m Ranguvar]||Devin Cofer<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Romashka&SeB=m Romashka]||Roman Kyrylych<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=shastry&SeB=m shastry]||Vinay S Shastry<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Snowman&SeB=m Snowman]||Eric Bélanger<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=shinlun&SeB=m shinlun]||Shinlun Hsieh<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=speps&SeB=m speps]||SpepS<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=StefanHusmann&SeB=m StefanHusmann]||Stefan Husmann<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=STiAT&SeB=m STiAT]||Georg Grabler<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=swiergot&SeB=m swiergot]||Jaroslaw Swierczynski<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=tardo&SeB=m tardo]||Shehzad Qureshi<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=td123&SeB=m td123]||Thomas Dziedzic<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=thatch45&SeB=m thatch45]||Thomas S Hatch<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=thotypous&SeB=m thotypous]||Paulo Matias<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=tredaelli&SeB=m tredaelli]||Timothy Redaelli<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=vegai&SeB=m vegai]||Vesa Kaihlavirta<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=voidnull&SeB=m voidnull]||Giovanni Scafora<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=wizzomafizzo&SeB=m wizzomafizzo]||Callan Barrett<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=wonder&SeB=m wonder]|| Ionut Biru<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Xilon&SeB=m Xilon]||Sebastian Nowicki<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=xterminus&SeB=m xterminus]||Charles Mauch<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=zeus&SeB=m zeus]||Zhukov Pavel<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=Dicebot&SeB=m Dicebot]||Mihails Strasuns<br />
|-<br />
|[https://aur.archlinux.org/packages.php?K=thestinger&SeB=m thestinger]||Daniel Micay<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Talk:Arch_Security_Team&diff=513462
Talk:Arch Security Team
2018-03-12T17:57:06Z
<p>Sangy: /* Sections */ proposed drafting outline</p>
<hr />
<div>== Sections ==<br />
The plan followed in the page is not very clear to me, I would rather start with a section like mission / objectives before the how to contribute. What do you think? -- [[User:Kewl|Kewl]] ([[User talk:Kewl|talk]]) 10:00, 12 March 2018 (UTC)<br />
<br />
: I think it's a good idea, mind sharing an outline here that we can comment/brainstorm on? [[User:Sangy|Sangy]] ([[User talk:Sangy|talk]]) 17:57, 12 March 2018 (UTC)</div>
Sangy
https://wiki.archlinux.org/index.php?title=DeveloperWiki:ReproducibleBuilds&diff=506842
DeveloperWiki:ReproducibleBuilds
2018-01-10T21:33:08Z
<p>Sangy: /* Agenda Meeting 10-01-2018 */ Add meeting minute</p>
<hr />
<div>[[Category:DeveloperWiki]]<br />
==Reproducible Builds==<br />
<br />
A list of reproducible build meetings and work in progress documentation.<br />
<br />
[https://tests.reproducible-builds.org/archlinux/archlinux.html Reproducible build results]<br />
<br />
===To-Do List===<br />
<br />
* Arch Linux Archive cleanup script<br />
*: A script to remove only packages from the Archive which are not required to create a reproducible build of the current repository. There is currently no Archive cleanup script in place at all. It's not determined yet how long Arch Linux wants to keep Archive packages around, so this should be configurable. Sangy already made a [https://git.archlinux.org/users/seblu/archivetools.git/ script] to determine packages which can be removed or not according to BUILDINFO files<br />
* Arch Linux Reproducible script<br />
:* A script to locally reproduce an installed package<br />
* Resolve reproducible build issues<br />
* Documentation about reproducing a build<br />
<br />
===Agenda Meeting 10-01-2018===<br />
<br />
* UTF-8 failures with Python.<br />
*: There are a lot of reproducible build issues due to the lack of LANG=$lang-UTF-8. Do we need to explicitly set the LANG in the PKGBUILD<br />
*: See for example https://tests.reproducible-builds.org/archlinux/community/python-cssselect2/build1.log<br />
* Package disorderfs<br />
*: Not high important right now, I've added it on my todolist. This could be used later in combination with the reproducible build script<br />
* Pacman release<br />
*: How do we convince the Pacman team to create a new release, are there any known blockers they waiting on? <br />
* Reproducible build script progress<br />
*: Discuss what the script exactly should do, create an RFC? To describe it's functionality.<br />
*: FIXME: add issues I encountered.<br />
* Arch Linux Archive: Don't remove packages mentioned in BUILDINFO file<br />
*: There is currently no script to remove old packages from the archive, it is not sure how long we want to keep old packges<br />
*: Sangy was working on this if I recall correctly, what is the status? [https://github.com/SantiagoTorres/reproarch-dependency-crawler poc script]<br />
<br />
*: Write documentation what this script should do. (Specification)<br />
* Killed builds<br />
*: Someone should investigate this, how do we reproduce this locally? Hints?<br />
* SSL verification issues<br />
*: How do we circumvent SSL issues from reproducing a package locally which was build earlier, when the SSL certificate was valid. HG and SVN are still left to be fixed.<br />
* Create a public to-do list<br />
*: We should get more people in to work on reproducible builds, how can we guide them and where do we keep track of the progress made and issues which require attention.<br />
<br />
The meeting minute can be seen [https://arch.nyu.wtf/logs/archlinux-reproducible/2018/archlinux-reproducible.2018-01-10-19.04.html here].</div>
Sangy
https://wiki.archlinux.org/index.php?title=Getting_involved&diff=497895
Getting involved
2017-11-22T20:45:06Z
<p>Sangy: /* add "help test packages" section */ This will help users willing to help with testing find the ATT article.</p>
<hr />
<div>[[Category:About Arch]]<br />
[[ar:Getting involved]]<br />
[[bg:Getting involved]]<br />
[[da:Getting involved]]<br />
[[el:Getting involved]]<br />
[[es:Getting involved]]<br />
[[fa:مشارکت]]<br />
[[fr:Aider]]<br />
[[hr:Getting involved]]<br />
[[id:Getting involved]]<br />
[[it:Getting involved]]<br />
[[ja:コミュニティに貢献]]<br />
[[ko:Getting involved]]<br />
[[lt:Getting involved]]<br />
[[nl:Getting involved]]<br />
[[pl:Getting involved]]<br />
[[pt:Getting involved]]<br />
[[ro:Cum vă puteți implica]]<br />
[[ru:Getting involved]]<br />
[[uk:Getting involved]]<br />
[[zh-hans:Getting involved]]<br />
[[zh-hant:Getting involved]]<br />
In evolutionary biology, [[Wikipedia:Co-operation (evolution)|cooperation]] describes interactions where an individual pays a small cost to yield a larger benefit to one or more others. If this costly contribution is reciprocated, everyone involved can benefit tremendously. This principle also applies to proactive members of the Arch community wanting to get involved and contribute to their favorite Linux distribution. Their participation benefits not only the community member and their fellow Archers, but all users of [[Wikipedia:Free and open source software|free and open source software]].<br />
<br />
This article describes how both new and experienced Arch users can contribute to the community. Note that this is not an exhaustive list.<br />
<br />
== Official Arch Linux projects ==<br />
<br />
Please get accustomed with the [[Code of conduct]].<br />
<br />
=== Post on the forums ===<br />
<br />
One of the easiest ways to get involved is participating in the [https://bbs.archlinux.org/ Arch Linux Forums], which allow getting to know the community and help new users.<br />
<br />
=== Improve this wiki ===<br />
<br />
[[ArchWiki:About|ArchWiki]] is a collaboratively maintained Arch Linux documentation. All users are encouraged to [[ArchWiki:Contributing|contribute]].<br />
<br />
=== Join the chatroom ===<br />
<br />
You can help other users solve problems on the [[IRC channel]]. It is of vital importance however, that you read the [[Code_of_conduct#IRC|channel rules]] before participating. [[IRC channel#Other channels|Further channels]] are available for specific topics.<br />
<br />
=== Report installed packages ===<br />
[[pkgstats]] provides a [[systemd/Timers|systemd timer]] that sends a list of the packages installed on your system, along with the architecture and the mirrors you use, to the Arch Linux developers in order to help them prioritize their efforts and make the distribution even better. The information is sent anonymously and cannot be used to identify you. You can view the collected data at the [https://www.archlinux.de/?page=Statistics Statistics page]. More information is available in [https://bbs.archlinux.org/viewtopic.php?id=105431 this forum thread].<br />
<br />
=== Fix and report bugs ===<br />
<br />
Reporting and fixing bugs on the [https://bugs.archlinux.org/ bug tracker] is one of the possible ways to help the community.<br />
<br />
However, ineffective use can be counter-productive. Please read the [[Reporting bug guidelines]].<br />
<br />
=== Inform about security issues ===<br />
<br />
New vulnerabilites are found all the time. Help the [[Arch Security Team]] keep track of new vulnerabilities.<br />
<br />
=== Help test packages ===<br />
<br />
Packages on the testing repositories need to be tried out and signed off before they are promoted to the main repositories. Help the [[Arch Testing Team]] test new packages.<br />
<br />
=== Create and adopt AUR packages ===<br />
<br />
The [[Arch User Repository]] contains community-made package scripts so that users can easily install software that is not in the official repositories. Popular packages get included into the [[Official repositories#community|official community repository]].<br />
<br />
You can help by creating and adopting packages.<br />
<br />
{{Pkg|aurphan}} can help you identify orphaned packages you use, so that you can adopt them.<br />
<br />
=== Official software projects ===<br />
<br />
You can get involved in the development of [https://git.archlinux.org/ official Arch Linux software projects].<br />
<br />
=== Donate money ===<br />
<br />
You can find out how to help sustaining server costs on the [https://www.archlinux.org/donate/ official Arch Linux donate page].<br />
<br />
== Community projects ==<br />
<br />
{{Note|All projects listed here are community projects. None of these projects are considered ''official'' Arch projects.}}<br />
<br />
Arch's community maintains many projects. Feel free to include yours!<br />
<br />
<!--<br />
#############################################<br />
<br />
1. Please sort projects alphabetically, breaking-out into additional category pages when needed<br />
2. Categories should be alphabetically listed<br />
3. When adding your project, include a link, start date and one or two sentences of description<br />
<br />
#############################################<br />
--><br />
=== Groups ===<br />
<br />
Arch-specific groups that you can engage in.<br />
; [[ArchMap]]<br />
: The ArchMap project creates a map of Arch Linux users all over the world.<br />
<br />
; [http://archaudio.org ArchAudio]<br />
: A third-party package repository and online discussion board for Arch Linux pro-audio users.<br />
<br />
; [http://www.reddit.com/r/archlinux/ Arch Linux Subreddit]<br />
: Place for reddit users to discuss Arch related issues.<br />
<br />
; [https://plus.google.com/communities/113935870359973712582 Arch Linux Google Plus Community]<br />
: A Google Plus community for Arch Linux users to interact, post questions, or general Arch Linux news conversations.<br />
<br />
; [[Arch Linux User Group]]<br />
: Local meet-up for users.<br />
<br />
; [http://archwomen.org/ Arch Women]<br />
: Group with the intention of resolving possible hurdles for female Arch users ([https://bbs.archlinux.org/viewtopic.php?id=136184 forum thread]).<br />
<br />
; [http://www.linkedin.com/groups?gid=1399787 LinkedIn Group]<br />
: Arch Linux group for users and professionals.<br />
<br />
=== Software ===<br />
<br />
Community-developed software that focuses on Arch Linux.<br />
<br />
; [[Arch User Repository]]<br />
: A large community-driven repository for Arch users.<br />
<br />
; [[Unofficial user repositories]]<br />
: Unofficial binary repositories maintained by community members.<br />
<br />
; [[AUR helpers]]<br />
: Utilities to aid end users in using the [[Arch User Repository]].<br />
<br />
; [[Pacman GUI Frontends]]<br />
: Graphical front-ends for [[pacman]].<br />
<br />
=== ArchWiki browsing ===<br />
<br />
They offer you some different methods to visit ArchWiki.<br />
<br />
; [https://github.com/lahwaacz/arch-wiki-docs arch-wiki-docs]<br />
: Pages from Arch Wiki optimized for offline browsing. Package: {{Pkg|arch-wiki-docs}}.<br />
<br />
; [http://kmkeen.com/arch-wiki-lite/ arch-wiki-lite]<br />
: Arch-wiki-lite is designed to offer the smoothest possible experience for the poor person stuck without internet access or any way of starting a graphical web browser. Package: {{Pkg|arch-wiki-lite}}.<br />
<br />
; [https://github.com/greg-js/arch-wiki-man arch-wiki-man]<br />
: The Arch Wiki easily accessible and searchable as man pages. Works offline. Package: {{AUR|arch-wiki-man}}.<br />
<br />
; [https://bbs.archlinux.org/viewtopic.php?id=150538 ArchWiki Viewer for Android]<br />
: A simple viewer for the ArchLinux Wiki online. Page content is formatted for optimal mobile viewing.<br />
<br />
; [https://bbs.archlinux.org/viewtopic.php?id=187864 Wikicurses]<br />
: A simple curses interface for MediaWiki sites such as ArchWiki or Wikipedia. Packages: {{AUR|wikicurses}}, {{AUR|wikicurses-git}}.<br />
<br />
=== Other ===<br />
<br />
; [http://xyne.archlinux.ca/projects/ Xyne's Arch Linux Projects]<br />
: A trusted user's arch-related projects.<br />
<br />
== FAQ ==<br />
<br />
=== How can I become an Arch Developer? ===<br />
<br />
The main motivation for your work on Arch should be helping the whole community, and not simply trying to become an ''Arch developer'' by any means.<br />
<br />
Usually, new developers are picked by the existing developers as the workload increases. Sometimes they post a position and you can apply to fill it, but more often, they just invite somebody they know would be good at it and would fit in well with the rest of the team. Having a portfolio of Arch contributions is the best way to make it on the team.<br />
<br />
Here is a list of things that you may do in order to gain some "popularity" towards Arch's developers:<br />
<br />
* Establish a reputation as being helpful by offering assistance whenever possible.<br />
* Answer questions on the forum, IRC, and mailing lists.<br />
* Join the [[Trusted Users]] to gain packaging experience to show your skills.<br />
* Submit packages to the AUR.<br />
* Join one of the offshoot projects that may be incorporated into Arch mainstream someday, or start your own.<br />
* Work on ''pacman'', ''makepkg'' or other [https://git.archlinux.org/ Arch projects] and submit patches to the bug tracker.<br />
* Traverse the [https://bugs.archlinux.org/ bug tracker] and fix existing bugs.<br />
* Find and submit new bugs.<br />
* Fix wiki errors, add new pages, clean up existing pages, and make sure the procedures are up-to-date.<br />
* Submit translations.<br />
<br />
=== How can I become a Trusted User? ===<br />
<br />
Please read [[Trusted Users#How do I become a TU?]].<br />
<br />
=== What can I do as an artist? ===<br />
<br />
Feel free to share wallpapers, splash screens, color palettes, widgets, themes, etc. with the community on the [https://bbs.archlinux.org/viewforum.php?id=47 art subforum].<br />
<br />
See also [https://www.archlinux.org/art/ Arch Linux Art].</div>
Sangy
https://wiki.archlinux.org/index.php?title=Arch_Testing_Team&diff=497531
Arch Testing Team
2017-11-20T04:30:41Z
<p>Sangy: /* first draft */</p>
<hr />
<div>[[Category:Arch development]]<br />
The Arch Testing Team is a group within the Arch community in charge of making sure that packages submitted to the testing repositories are functional. This includes, making sure that the package installs correctly, that it doesn't cause breakage with packages of which it depends on, among others.<br />
<br />
Arch Testers sign off packages after vouching for their correctness so that they can be moved from the testing repositories into the core, community, or extra repositories.<br />
<br />
==Contributing==<br />
You can apply to be an official Arch tester by contacting [https://www.archlinux.org/people/developers/#bluewind Florian Pritz] via [mailto:bluewind@xinu.at email] and requesting a tester account. <br />
<br />
If you're given a tester account, you should be able to log in into archweb and see a ''signoffs'' tab on it. The ''signoffs'' tab will contain a list of packages that are currently in the testing repositories and need at least two ''signoffs'' (i.e., a rubber-stamp vouching for the correctness of a package). <br />
<br />
You may then test the listed packages locally and signing them off if they are correct by clicking on the ''signoff'' button for each package.<br />
<br />
==Guidelines==<br />
<br />
In order to test an arch package, keep the following aspects in mind:<br />
<br />
* If you're testing a kernel or a package that relies on kernel modules, you '''should restart the machine and ensure that it boots correctly'''<br />
* Although testing on virtualization software is not prohibited, it may not be as useful as testing a package in a bare-metal installation. This applies specially to packages that are susceptible to different types of hardware, such as kernel packages.<br />
* Is you're testing a library, you may want to execute a binary that uses such library. Make sure the shared object file is loaded using ldd.<br />
* Likewise, if there is a package that ships executable packages, testing their basic functionality is encouraged.<br />
* If you notice an error when testing a package, contact the maintainer listed for that package with a detailed bug report including information such as:<br />
** Package name, version and pkgrel<br />
** Which component of the package was the one to error (e.g., one of the binaries, or a config file)<br />
** Root of the error (e.g., during installation, or usage, etc.)<br />
** Any relevant error messages/logs<br />
<br />
<br />
==Coordination==<br />
<br />
You can coordinate with other testers on the [irc://irc.freenode.net/archlinux-testing #archlinux-testing] IRC channel.<br />
<br />
You can follow updates by packager activity on the [https://list.archlinux.org/pipermail/arch-commits arch-commits] mailing list (high traffic).</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Sangy/Arch_Testing_Team&diff=494140
User:Sangy/Arch Testing Team
2017-10-27T02:56:57Z
<p>Sangy: First stab at the team page.</p>
<hr />
<div>[[Category:Arch development]]<br />
<br />
The Arch Testing Team is a group within the Arch community in charge of making sure that packages submitted to the testing repositories are functional. This includes, making sure that the package installs correctly, that it doesn't cause breakage with packages of which it depends on, among others.<br />
<br />
Arch Testers sign off packages after vouching for their correctness so that they can be moved from the testing repositories into the core, community, multilib or extra repositories.<br />
<br />
==Contributing==<br />
You can apply to be an official Arch tester by contacting [[User:bluewind]] via email and requesting a tester account. If you're given a tester account, you should be able to log in into archweb and see a ''signoffs'' tab on it. The ''signoffs'' tab will present the packages that are currently in the testing repositories and need a ''signoff''. A ''signoff'' is essentially a rubber-stamp made on your name vouching for the correctness of a package.<br />
<br />
You may then test the listed packages locally and signing them off if they are correct.<br />
<br />
==Guidelines==<br />
<br />
In order to test an arch package, keep the following aspects in mind:<br />
<br />
* If you're testing a kernel or a package that relies on kernel modules, you '''should restart the machine and ensure that it boots correctly'''<br />
* Although testing on virtualization software is not prohibited, it may not be as useful as testing a package in a bare-metal installation. This applies specially to packages that are susceptible to different types of hardware, such as kernel packages.<br />
* Is you're testing a library, you may want to execute a binary that uses such library. Make sure the shared object file is loaded using ldd.<br />
* Likewise, if there is a package that ships executable packages, testing their basic functionality is encouraged.<br />
* If you notice an error when testing a package, contact the maintainer listed for that package with a detailed bug report including information such as:<br />
** Package name, version and pkgrel<br />
** Which component of the package was the one to error (e.g., one of the binaries, or a config file)<br />
** Root of the error (e.g., during installation, or usage, etc.)<br />
** Any relevant error messages/logs<br />
<br />
<br />
==Coordination==<br />
<br />
You can coordinate with other testers on the [irc://irc.freenode.net/archlinux-testing #archlinux-testing] IRC channel.<br />
<br />
You can follow updates by packager activity on the [https://list.archlinux.org/pipermail/arch-commits arch-commits] mailing list (high traffic). <br />
<br />
== Team Members ==<br />
<br />
<br />
TODO</div>
Sangy
https://wiki.archlinux.org/index.php?title=Arch_Security_Team&diff=494139
Arch Security Team
2017-10-27T02:56:49Z
<p>Sangy: Spelling: hilight -> highlight</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
The Arch Security Team is a group of volunteers whose goal is to track security issues with Arch Linux packages. All issues are tracked on the [https://security.archlinux.org/ Arch Linux security tracker].<br />
<br />
It was formerly known as the Arch CVE Monitoring Team.<br />
<br />
==Contribute==<br />
Anyone can contribute to the Security Team and improve the security of Arch Linux. The most important job is to find and track issues assigned a [[wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilites and Exposure]] (CVE) number. Following the recommended mailing lists for new CVEs, along with other sources if required, is a good idea to stay updated on new issues.<br />
<br />
Advisories are published on the IRC channel for peer-review, and needs two acknowledgments from team members before being published. We encourage volunteers in the channel to look over the advisories for mistakes, questions, or comments about the advisory.<br />
<br />
The Arch Linux security tracker is a platform used by the Security Team to track packages, add CVEs and generate advisory text. Contributing code to the [https://github.com/archlinux/arch-security-tracker project] is a great way to contribute to the team.<br />
<br />
Derivative distributions that rely on Arch Linux package repositories are encouraged to contribute. This helps the security of all the users.<br />
<br />
==Guidelines==<br />
Follow the [irc://irc.freenode.net/archlinux-security #archlinux-security] IRC channel.<br />
<br />
Subscribe to the following mailing lists:<br />
* [https://lists.archlinux.org/listinfo/arch-security arch-security]<br />
* [http://oss-security.openwall.org/wiki/mailing-lists/oss-security oss-security]<br />
<br />
Packages qualified for an advisory has to be part of the following repositories:<br />
* ''core''<br />
* ''extra''<br />
* ''community''<br />
* ''multilib''<br />
<br />
==Procedure==<br />
<br />
A security vulnerability has been found in a software package within the Arch Linux official repositories. A Security Team member picks up this information.<br />
<br />
* In order to assure vulnerability, verify the report against the current package version (including possible patches), and collect as much information (also via search engines) as possible.<br />
** Enter the IRC channel if you need help verifying the security issue.<br />
* If upstream released a new version that corrects the issue, the Security Team member should flag the package out-of-date.<br />
** If the package has not been updated after a long delay, a bug report should be filed about the vulnerability.<br />
** If this is an important (critical) security issue, a bug report must be filed immediately after flagging the package out-of-date.<br />
** If there is no upstream release available, a bug report must be filed including the patches for mitigation.<br />
* If a bug report has been created, the following information is mandatory:<br />
** Description about the security issue and its impact<br />
** Links to the CVE-IDs and (upstream) report<br />
** If no release is available, links to the upstream patches (or attachments) that mitigate the issue<br />
* A team member will create an advisory on the [https://security.archlinux.org/ security tracker] and add the CVEs for tracking.<br />
* A team member with access to [https://lists.archlinux.org/listinfo/arch-security arch-security] will generate an ASA from the tracker and publish it.<br />
<br />
If you have a private bug to report, contact [https://mailman.archlinux.org/pipermail/arch-security/2014-June/000088.html security@archlinux.org]. Please note that the address for private bug reporting is ''security'', not ''arch-security''. A private bug is one that is too sensitive to post where anyone can read and exploit it, e.g. vulnerabilities in the Arch Linux infrastructure.<br />
<br />
==Resources==<br />
===RSS===<br />
;National Vulnerability Database (NVD)<br />
: All CVE vulnerabilites: https://nvd.nist.gov/download/nvd-rss.xml<br />
: All fully analyzed CVE vulnerabilities: https://nvd.nist.gov/download/nvd-rss-analyzed.xml<br />
<br />
===Mailing Lists===<br />
;oss-sec: Main list dealing with security of free software, a lot of CVE attributions happen here, required if you wish to follow security news.<br><br />
:Info: http://oss-security.openwall.org/wiki/mailing-lists/oss-security<br />
:Subscribe: oss-security-subscribe(at)lists.openwall.com<br />
:Archive: http://www.openwall.com/lists/oss-security/<br />
<br />
;BugTraq: A full disclosure moderated mailing list (noisy).<br />
:Info: http://www.securityfocus.com/archive/1/description<br />
:Subscribe: bugtraq-subscribe(at)securityfocus.com<br />
<br />
;Full-disclosure: Another full-disclosure mailing-list (noisy).<br />
:Info: http://lists.grok.org.uk/full-disclosure-charter.html<br />
:Subscribe: full-disclosure-request(at)lists.grok.org.uk<br />
<br />
Also consider following the mailing lists for specific packages, such as LibreOffice, X.org, Puppetlabs, ISC, etc.<br />
<br />
===Other Distributions===<br />
Resources of other distributions (to look for CVE, patch, comments etc.):<br />
;RedHat and Fedora:<br />
:Advisories feed: https://bodhi.fedoraproject.org/rss/updates/?type=security<br />
:CVE tracker: https://access.redhat.com/security/cve/<CVE-ID><br />
:Bug tracker: https://bugzilla.redhat.com/show_bug.cgi?id=<CVE-ID><br />
<br />
;Ubuntu:<br />
:Advisories feed: https://www.ubuntu.com/usn/atom.xml<br />
:CVE tracker: https://people.canonical.com/~ubuntu-security/cve/?cve=<CVE-ID><br />
:Database: https://code.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master<br />
<br />
;Debian:<br />
:CVE tracker: https://security-tracker.debian.org/tracker/<CVE-ID>/<br />
:Patch tracker: https://tracker.debian.org/pkg/patch<br />
:Database: https://anonscm.debian.org/viewvc/secure-testing/data/<br />
<br />
;OpenSUSE:<br />
:CVE tracker: https://www.suse.com/security/cve/<CVE-ID>/<br />
<br />
===Other===<br />
;Mitre and NVD links for CVE's:<br />
:https://cve.mitre.org/cgi-bin/cvename.cgi?name=<CVE-ID><br />
:https://web.nvd.nist.gov/view/vuln/detail?vulnId=<CVE-ID><br />
<br />
NVD and Mitre do not necessarily fill their CVE entry immediately after attribution, so it is not always relevant for Arch. The CVE-ID and the "Date Entry Created" fields do not have particular meaning. CVE are attributed by CVE Numbering Authorities (CNA), and each CNA obtain CVE blocks from Mitre when needed/asked, so the CVE ID is not linked to the attribution date. The "Date Entry Created" field often only indicates when the CVE block was given to the CNA, nothing more.<br />
<br />
;Linux Weekly News: LWN provides a daily notice of security updates for various distributions.<br />
:https://lwn.net/headlines/newrss<br />
<br />
===More===<br />
For more resources, please see the OpenWall's [http://oss-security.openwall.org/wiki/ Open Source Software Security Wiki].<br />
<br />
== Team Members ==<br />
<br />
{{Note|Run {{ic|!pingsec <msg>}} in [[IRC channels]] to highlight all current security team members.}}<br />
<br />
* [[User:anthraxx|Levente Polyak]]<br />
* [[User:rgacogne|Remi Gacogne]]<br />
* [[User:Shibumi|Christian Rebischke]]<br />
* [[User:Jelly|Jelle van der Waa]]<br />
* [[User:Sangy|Santiago Torres-Arias]]<br />
* [[User:pid1|Jonathan Roemer]]<br />
* [[User:Foxboron|Morten Linderud]]</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Sangy&diff=494137
User:Sangy
2017-10-27T02:31:04Z
<p>Sangy: /* Involvement */</p>
<hr />
<div>__NOTOC__<br />
===Involvement===<br />
Member of the [[Arch_Security_Team|Arch Security Team]].<br />
<br />
===Profession===<br />
Computer Scientist/Security Researcher<br />
<br />
===Location===<br />
Mexico<br />
<br />
===Contacts===<br />
torresariass ~et~ gmail.com<br><br />
irc://irc.freenode.net:sangy<br><br />
<br />
===PGP Key===<br />
[https://pgp.mit.edu/pks/lookup?op=get&search=0x468F122CE8162295 0x468F122CE8162295] <br><br />
(fingerprint 903B AB73 640E B6D6 5533 EFF3 468F 122C E816 2295)</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Sangy&diff=494136
User:Sangy
2017-10-27T02:30:37Z
<p>Sangy: /* Involvement */</p>
<hr />
<div>__NOTOC__<br />
===Involvement===<br />
Member of the [[Arch_security_team|Arch Security Team]].<br />
<br />
===Profession===<br />
Computer Scientist/Security Researcher<br />
<br />
===Location===<br />
Mexico<br />
<br />
===Contacts===<br />
torresariass ~et~ gmail.com<br><br />
irc://irc.freenode.net:sangy<br><br />
<br />
===PGP Key===<br />
[https://pgp.mit.edu/pks/lookup?op=get&search=0x468F122CE8162295 0x468F122CE8162295] <br><br />
(fingerprint 903B AB73 640E B6D6 5533 EFF3 468F 122C E816 2295)</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Foxboron/AST&diff=491684
User:Foxboron/AST
2017-09-28T19:53:50Z
<p>Sangy: /* Procedure */ stray "then"</p>
<hr />
<div>The Arch Security Team is a group of volunteers whose goal is to track security issues with Arch Linux packages. All issues are tracked on the [https://security.archlinux.org/ Arch Linux security tracker].<br />
<br />
It was formerly known as the Arch CVE Monitoring Team.<br />
<br />
==Contribute==<br />
Anyone can contribute to the Security Team and improve the security of Arch Linux. The most important job is to find and track issues assigned a [https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilites and Exposure] (CVE) number. Following the recommended mailing lists for new CVEs, along with other sources if required, is a good idea to stay updated on new issues.<br />
<br />
Advisories are published on the IRC channel for peer-review, and needs two acknowledgments from team members before being published. We encourage volunteers in the channel to look over the advisories for mistakes, questions, or comments about the advisory.<br />
<br />
The Arch Linux security tracker is a platform used by the Security Team to track packages, add CVEs and generate advisory text. Contributing code to the [https://github.com/archlinux/arch-security-tracker project] is a great way to contribute to the team.<br />
<br />
Derivative distributions that rely on Arch Linux package repositories are encouraged to contribute. This helps the security of all the users.<br />
<br />
==Guidelines==<br />
Follow the [irc://irc.freenode.net/archlinux-security #archlinux-security] IRC channel.<br />
<br />
Subscribe to the following mailing lists:<br />
* [https://lists.archlinux.org/listinfo/arch-security arch-security]<br />
* [http://oss-security.openwall.org/wiki/mailing-lists/oss-security oss-security]<br />
<br />
Packages qualified for an advisory has to be part of the following repositories:<br />
* ''core''<br />
* ''extra''<br />
* ''community''<br />
* ''multilib''<br />
<br />
==Procedure==<br />
<br />
A security vulnerability has been found in a software package within the Arch Linux official repositories. A Security Team member picks up this information.<br />
<br />
* In order to assure vulnerability, verify the report against the current package version (including possible patches), and collect as much information (also via search engines) as possible.<br />
** Enter the IRC channel if you need help verifying the security issue.<br />
* If upstream released a new version that corrects the issue, the Security Team member should flag the package out-of-date.<br />
** If the package has not been updated after a long delay, a bug report should be filed about the vulnerability.<br />
** If this is an important (critical) security issue, a bug report must be filed immediately after flagging the package out-of-date.<br />
** If there is no upstream release available, a bug report must be filed including the patches for mitigation.<br />
* If a bug report has been created, the following information is mandatory:<br />
** Description about the security issue and its impact<br />
** Links to the CVE-IDs and (upstream) report<br />
** If no release is available, links to the upstream patches (or attachments) that mitigate the issue<br />
* A team member will create an advisory on the [https://security.archlinux.org/ security tracker] and add the CVEs for tracking.<br />
* A team member with access to [https://lists.archlinux.org/listinfo/arch-security arch-security] will generate an ASA from the tracker and publish it.<br />
<br />
If you have a private bug to report, contact [https://mailman.archlinux.org/pipermail/arch-security/2014-June/000088.html security@archlinux.org]. Please note that the address for private bug reporting is ''security'', not ''arch-security''. A private bug is one that is too sensitive to post where anyone can read and exploit it, e.g. vulnerabilities in the Arch Linux infrastructure.<br />
<br />
==Resources==<br />
===RSS===<br />
;National Vulnerability Database (NVD)<br />
: All CVE vulnerabilites: https://nvd.nist.gov/download/nvd-rss.xml<br />
: All fully analyzed CVE vulnerabilities: https://nvd.nist.gov/download/nvd-rss-analyzed.xml<br />
<br />
===Mailing Lists===<br />
;oss-sec: Main list dealing with security of free software, a lot of CVE attributions happen here, required if you wish to follow security news.<br><br />
:Info: http://oss-security.openwall.org/wiki/mailing-lists/oss-security<br />
:Subscribe: oss-security-subscribe(at)lists.openwall.com<br />
:Archive: http://www.openwall.com/lists/oss-security/<br />
<br />
;BugTraq: A full disclosure moderated mailing list (noisy).<br />
:Info: http://www.securityfocus.com/archive/1/description<br />
:Subscribe: bugtraq-subscribe(at)securityfocus.com<br />
<br />
;Full-disclosure: Another full-disclosure mailing-list (noisy).<br />
:Info: http://lists.grok.org.uk/full-disclosure-charter.html<br />
:Subscribe: full-disclosure-request(at)lists.grok.org.uk<br />
<br />
Also consider following the mailing lists for specific packages, such as LibreOffice, X.org, Puppetlabs, ISC, etc.<br />
<br />
===Other Distributions===<br />
Resources of other distributions (to look for CVE, patch, comments etc.):<br />
;RedHat and Fedora:<br />
:Advisories feed: https://bodhi.fedoraproject.org/rss/updates/?type=security<br />
:CVE tracker: https://access.redhat.com/security/cve/<CVE-ID><br />
:Bug tracker: https://bugzilla.redhat.com/show_bug.cgi?id=<CVE-ID><br />
<br />
;Ubuntu:<br />
:Advisories feed: https://www.ubuntu.com/usn/atom.xml<br />
:CVE tracker: https://people.canonical.com/~ubuntu-security/cve/?cve=<CVE-ID><br />
:Database: https://code.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master<br />
<br />
;Debian:<br />
:CVE tracker: https://security-tracker.debian.org/tracker/<CVE-ID>/<br />
:Patch tracker: https://tracker.debian.org/pkg/patch<br />
:Database: https://anonscm.debian.org/viewvc/secure-testing/data/<br />
<br />
;OpenSUSE:<br />
:CVE tracker: https://www.suse.com/security/cve/<CVE-ID>/<br />
<br />
===Other===<br />
;Mitre and NVD links for CVE's:<br />
:https://cve.mitre.org/cgi-bin/cvename.cgi?name=<CVE-ID><br />
:https://web.nvd.nist.gov/view/vuln/detail?vulnId=<CVE-ID><br />
<br />
NVD and Mitre do not necessarily fill their CVE entry immediately after attribution, so it is not always relevant for Arch. The CVE-ID and the "Date Entry Created" fields do not have particular meaning. CVE are attributed by CVE Numbering Authorities (CNA), and each CNA obtain CVE blocks from Mitre when needed/asked, so the CVE ID is not linked to the attribution date. The "Date Entry Created" field often only indicates when the CVE block was given to the CNA, nothing more.<br />
<br />
;Linux Weekly News: LWN provides a daily notice of security updates for various distributions.<br />
:https://lwn.net/headlines/newrss<br />
<br />
===More===<br />
For more resources, please see the OpenWall's [http://oss-security.openwall.org/wiki/ Open Source Software Security Wiki].<br />
<br />
== Team Members ==<br />
<br />
{{Note|Run {{ic|!pingsec <msg>}} in [https://wiki.archlinux.org/index.php/IRC_channel IRC channels] to hilight all current security team members.}}<br />
<br />
* [[User:anthraxx|Levente Polyak]]<br />
* [[User:rgacogne|Remi Gacogne]]<br />
* [[User:Shibumi|Christian Rebischke]]<br />
* [[User:Jelly|Jelle van der Waa]]<br />
* [[User:Sangy|Santiago Torres-Arias]]<br />
* [[User:pid1|Jonathan Roemer]]<br />
* [[User:Foxboron|Morten Linderud]]</div>
Sangy
https://wiki.archlinux.org/index.php?title=User:Foxboron/AST&diff=491683
User:Foxboron/AST
2017-09-28T19:53:24Z
<p>Sangy: /* Procedure */ Minor rewording/highlighting changes</p>
<hr />
<div>The Arch Security Team is a group of volunteers whose goal is to track security issues with Arch Linux packages. All issues are tracked on the [https://security.archlinux.org/ Arch Linux security tracker].<br />
<br />
It was formerly known as the Arch CVE Monitoring Team.<br />
<br />
==Contribute==<br />
Anyone can contribute to the Security Team and improve the security of Arch Linux. The most important job is to find and track issues assigned a [https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures Common Vulnerabilites and Exposure] (CVE) number. Following the recommended mailing lists for new CVEs, along with other sources if required, is a good idea to stay updated on new issues.<br />
<br />
Advisories are published on the IRC channel for peer-review, and needs two acknowledgments from team members before being published. We encourage volunteers in the channel to look over the advisories for mistakes, questions, or comments about the advisory.<br />
<br />
The Arch Linux security tracker is a platform used by the Security Team to track packages, add CVEs and generate advisory text. Contributing code to the [https://github.com/archlinux/arch-security-tracker project] is a great way to contribute to the team.<br />
<br />
Derivative distributions that rely on Arch Linux package repositories are encouraged to contribute. This helps the security of all the users.<br />
<br />
==Guidelines==<br />
Follow the [irc://irc.freenode.net/archlinux-security #archlinux-security] IRC channel.<br />
<br />
Subscribe to the following mailing lists:<br />
* [https://lists.archlinux.org/listinfo/arch-security arch-security]<br />
* [http://oss-security.openwall.org/wiki/mailing-lists/oss-security oss-security]<br />
<br />
Packages qualified for an advisory has to be part of the following repositories:<br />
* ''core''<br />
* ''extra''<br />
* ''community''<br />
* ''multilib''<br />
<br />
==Procedure==<br />
<br />
A security vulnerability has been found in a software package within the Arch Linux official repositories. A Security Team member picks up this information.<br />
<br />
* In order to assure vulnerability, verify the report against the current package version (including possible patches), and collect as much information (also via search engines) as possible.<br />
** Enter the IRC channel if you need help verifying the security issue.<br />
* If upstream released a new version that corrects the issue, the Security Team member should flag the package out-of-date.<br />
** If the package has not been updated after a long delay, a bug report should be filed about the vulnerability.<br />
** If this is an important (critical) security issue, a bug report must be filed immediately after flagging the package out-of-date.<br />
** If there is no upstream release available, a bug report must be filed including the patches for mitigation.<br />
* If a bug report has been created, the following information is mandatory:<br />
** Description about the security issue and its impact<br />
** Links to the CVE-IDs and (upstream) report<br />
** If no release is available, links to the upstream patches (or attachments) that mitigate the issue<br />
* A team member will create an advisory on the [https://security.archlinux.org/ security tracker] and add the CVEs for tracking.<br />
* A team member with access to [https://lists.archlinux.org/listinfo/arch-security arch-security] will generate an ASA from the tracker and publish it.<br />
<br />
If you have a private bug to report, then contact [https://mailman.archlinux.org/pipermail/arch-security/2014-June/000088.html security@archlinux.org]. Please note that the address for private bug reporting is ''security'', not ''arch-security''. A private bug is one that is too sensitive to post where anyone can read and exploit it, e.g. vulnerabilities in the Arch Linux infrastructure.<br />
<br />
==Resources==<br />
===RSS===<br />
;National Vulnerability Database (NVD)<br />
: All CVE vulnerabilites: https://nvd.nist.gov/download/nvd-rss.xml<br />
: All fully analyzed CVE vulnerabilities: https://nvd.nist.gov/download/nvd-rss-analyzed.xml<br />
<br />
===Mailing Lists===<br />
;oss-sec: Main list dealing with security of free software, a lot of CVE attributions happen here, required if you wish to follow security news.<br><br />
:Info: http://oss-security.openwall.org/wiki/mailing-lists/oss-security<br />
:Subscribe: oss-security-subscribe(at)lists.openwall.com<br />
:Archive: http://www.openwall.com/lists/oss-security/<br />
<br />
;BugTraq: A full disclosure moderated mailing list (noisy).<br />
:Info: http://www.securityfocus.com/archive/1/description<br />
:Subscribe: bugtraq-subscribe(at)securityfocus.com<br />
<br />
;Full-disclosure: Another full-disclosure mailing-list (noisy).<br />
:Info: http://lists.grok.org.uk/full-disclosure-charter.html<br />
:Subscribe: full-disclosure-request(at)lists.grok.org.uk<br />
<br />
Also consider following the mailing lists for specific packages, such as LibreOffice, X.org, Puppetlabs, ISC, etc.<br />
<br />
===Other Distributions===<br />
Resources of other distributions (to look for CVE, patch, comments etc.):<br />
;RedHat and Fedora:<br />
:Advisories feed: https://bodhi.fedoraproject.org/rss/updates/?type=security<br />
:CVE tracker: https://access.redhat.com/security/cve/<CVE-ID><br />
:Bug tracker: https://bugzilla.redhat.com/show_bug.cgi?id=<CVE-ID><br />
<br />
;Ubuntu:<br />
:Advisories feed: https://www.ubuntu.com/usn/atom.xml<br />
:CVE tracker: https://people.canonical.com/~ubuntu-security/cve/?cve=<CVE-ID><br />
:Database: https://code.launchpad.net/~ubuntu-security/ubuntu-cve-tracker/master<br />
<br />
;Debian:<br />
:CVE tracker: https://security-tracker.debian.org/tracker/<CVE-ID>/<br />
:Patch tracker: https://tracker.debian.org/pkg/patch<br />
:Database: https://anonscm.debian.org/viewvc/secure-testing/data/<br />
<br />
;OpenSUSE:<br />
:CVE tracker: https://www.suse.com/security/cve/<CVE-ID>/<br />
<br />
===Other===<br />
;Mitre and NVD links for CVE's:<br />
:https://cve.mitre.org/cgi-bin/cvename.cgi?name=<CVE-ID><br />
:https://web.nvd.nist.gov/view/vuln/detail?vulnId=<CVE-ID><br />
<br />
NVD and Mitre do not necessarily fill their CVE entry immediately after attribution, so it is not always relevant for Arch. The CVE-ID and the "Date Entry Created" fields do not have particular meaning. CVE are attributed by CVE Numbering Authorities (CNA), and each CNA obtain CVE blocks from Mitre when needed/asked, so the CVE ID is not linked to the attribution date. The "Date Entry Created" field often only indicates when the CVE block was given to the CNA, nothing more.<br />
<br />
;Linux Weekly News: LWN provides a daily notice of security updates for various distributions.<br />
:https://lwn.net/headlines/newrss<br />
<br />
===More===<br />
For more resources, please see the OpenWall's [http://oss-security.openwall.org/wiki/ Open Source Software Security Wiki].<br />
<br />
== Team Members ==<br />
<br />
{{Note|Run {{ic|!pingsec <msg>}} in [https://wiki.archlinux.org/index.php/IRC_channel IRC channels] to hilight all current security team members.}}<br />
<br />
* [[User:anthraxx|Levente Polyak]]<br />
* [[User:rgacogne|Remi Gacogne]]<br />
* [[User:Shibumi|Christian Rebischke]]<br />
* [[User:Jelly|Jelle van der Waa]]<br />
* [[User:Sangy|Santiago Torres-Arias]]<br />
* [[User:pid1|Jonathan Roemer]]<br />
* [[User:Foxboron|Morten Linderud]]</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=459240
Security Advisories
2016-12-14T00:48:23Z
<p>Sangy: /* December 2016 */ Adds ASA's 201612-{12,13,14}</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
[[ja:セキュリティアドバイザリ]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== December 2016 ===<br />
* [13 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000791.html ASA-201612-14] {{pkg|linux-zen}} denial of service<br />
* [13 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000790.html ASA-201612-13] {{pkg|python-html5lib}} cross-site scripting<br />
* [13 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000789.html ASA-201612-12] {{pkg|python2-html5lib}} cross-site scripting<br />
* [10 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000787.html ASA-201612-11] {{pkg|linux-grsec}} denial of service<br />
* [10 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000786.html ASA-201612-10] {{pkg|linux}} denial of service<br />
* [06 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000785.html ASA-201612-9] {{pkg|jasper}} multiple issues<br />
* [06 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000784.html ASA-201612-8] {{pkg|linux-zen}} privilege escalation<br />
* [06 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000783.html ASA-201612-7] {{pkg|linux-lts}} privilege escalation<br />
* [06 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000782.html ASA-201612-6] {{pkg|linux}} privilege escalation<br />
* [06 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000781.html ASA-201612-5] {{pkg|linux-grsec}} privilege escalation<br />
* [02 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000780.html ASA-201612-4] {{pkg|libdwarf}} multiple issues<br />
* [02 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000779.html ASA-201612-3] {{pkg|chromium}} multiple issues<br />
* [01 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000778.html ASA-201612-2] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000777.html ASA-201612-1] {{pkg|firefox}} multiple issues<br />
<br />
=== November 2016 ===<br />
* [30 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000776.html ASA-201611-29] {{pkg|neovim}} arbitrary command execution<br />
* [26 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000775.html ASA-201611-28] {{pkg|ntp}} multiple issues <br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000774.html ASA-201611-27] {{pkg|lib32-libtiff}} multiple issues<br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000773.html ASA-201611-26] {{pkg|libtiff}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000772.html ASA-201611-25] {{pkg|wireshark-cli}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000771.html ASA-201611-24] {{pkg|wireshark-qt}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000770.html ASA-201611-23] {{pkg|wireshark-gtk}} multiple issues<br />
* [23 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000769.html ASA-201611-22] {{pkg|tomcat6}} multiple issues<br />
* [21 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000768.html ASA-201611-21] {{pkg|slock}} access restriction bypass<br />
* [19 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000767.html ASA-201611-20] {{pkg|drupal}} multiple issues<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000766.html ASA-201611-19] {{pkg|php}} arbitrary code execution<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000765.html ASA-201611-18] {{pkg|w3m}} arbitrary code execution<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000764.html ASA-201611-17] {{pkg|libgit2}} denial of service<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000763.html ASA-201611-16] {{pkg|firefox}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000762.html ASA-201611-15] {{pkg|python-django}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000761.html ASA-201611-14] {{pkg|python2-django}} multiple issues<br />
* [14 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000760.html ASA-201611-13] {{pkg|shutter}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000759.html ASA-201611-12] {{pkg|lib32-gdk-pixbuf2}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000758.html ASA-201611-11] {{pkg|tar}} arbitrary file overwrite<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000757.html ASA-201611-10] {{pkg|lib32-libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000756.html ASA-201611-9] {{pkg|libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000755.html ASA-201611-8] {{pkg|libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000754.html ASA-201611-7] {{pkg|curl}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000753.html ASA-201611-6] {{pkg|tomcat6}} proxy injection<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000752.html ASA-201611-5] {{pkg|lib32-libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000751.html ASA-201611-4] {{pkg|lib32-curl}} multiple issues<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000750.html ASA-201611-3] {{pkg|bind}} denial of service<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000749.html ASA-201611-2] {{pkg|libxml2}} arbitrary code execution<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000748.html ASA-201611-1] {{pkg|memcached}} arbitrary code execution<br />
<br />
=== October 2016 ===<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000747.html ASA-201610-19] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000746.html ASA-201610-18] {{pkg|flashplugin}} arbitrary code execution<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000745.html ASA-201610-17] {{pkg|ocaml}} information disclosure<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000744.html ASA-201610-16] {{pkg|linux-grsec}} privilege escalation<br />
* [23 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000743.html ASA-201610-15] {{pkg|chromium}} multiple issues<br />
* [22 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000742.html ASA-201610-14] {{pkg|linux}} privilege escalation<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000741.html ASA-201610-13] {{pkg|python-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000740.html ASA-201610-12] {{pkg|python2-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000739.html ASA-201610-11] {{pkg|linux-lts}} privilege escalation<br />
* [16 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000738.html ASA-201610-10] {{pkg|guile}} multiple issues<br />
* [13 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000737.html ASA-201610-9] {{pkg|gdk-pixbuf2}} arbitrary code execution<br />
* [11 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8] {{pkg|crypto++}} information disclosure<br />
* [09 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7] {{pkg|wpa_supplicant}} multiple issues<br />
* [08 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6] {{pkg|imagemagick}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5] {{pkg|messagelib}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4] {{pkg|kcoreaddons}} insufficient validation<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3] {{pkg|hostapd}} multiple issues<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2] {{pkg|systemd}} denial of service<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1] {{pkg|chromium}} arbitrary code execution<br />
<br />
=== September 2016 ===<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32] {{pkg|wordpress}} multiple issues<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31] {{pkg|c-ares}} arbitrary code execution<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30] {{pkg|openssl}} denial of service<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201609-29] {{pkg|bind}} denial of service<br />
* [27 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28] {{pkg|lib32-openssl}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27] {{pkg|wireshark-cli}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26] {{pkg|lib32-gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25] {{pkg|gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24] {{pkg|lib32-openssl}} multiple issues<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23] {{pkg|openssl}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22] {{pkg|firefox}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21] {{pkg|tomcat7}} proxy injection<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20] {{pkg|irssi}} arbitrary code execution<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19] {{pkg|curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18] {{pkg|lib32-curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17] {{pkg|lib32-jansson}} denial of service<br />
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} multiple issues<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} denial of service<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=458220
Security Advisories
2016-12-01T19:49:03Z
<p>Sangy: /* Recent Advisories */ Adds thunderbird ASA-201612-2</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
[[ja:セキュリティアドバイザリ]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== December 2016 ===<br />
* [01 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000778.html ASA-201612-2] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 December 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-December/000777.html ASA-201612-1] {{pkg|firefox}} multiple issues<br />
<br />
=== November 2016 ===<br />
* [30 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000776.html ASA-201611-29] {{pkg|neovim}} arbitrary command execution<br />
* [26 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000775.html ASA-201611-28] {{pkg|ntp}} multiple issues <br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000774.html ASA-201611-27] {{pkg|lib32-libtiff}} multiple issues<br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000773.html ASA-201611-26] {{pkg|libtiff}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000772.html ASA-201611-25] {{pkg|wireshark-cli}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000771.html ASA-201611-24] {{pkg|wireshark-qt}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000770.html ASA-201611-23] {{pkg|wireshark-gtk}} multiple issues<br />
* [23 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000769.html ASA-201611-22] {{pkg|tomcat6}} multiple issues<br />
* [21 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000768.html ASA-201611-21] {{pkg|slock}} access restriction bypass<br />
* [19 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000767.html ASA-201611-20] {{pkg|drupal}} multiple issues<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000766.html ASA-201611-19] {{pkg|php}} arbitrary code execution<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000765.html ASA-201611-18] {{pkg|w3m}} arbitrary code execution<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000764.html ASA-201611-17] {{pkg|libgit2}} denial of service<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000763.html ASA-201611-16] {{pkg|firefox}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000762.html ASA-201611-15] {{pkg|python-django}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000761.html ASA-201611-14] {{pkg|python2-django}} multiple issues<br />
* [14 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000760.html ASA-201611-13] {{pkg|shutter}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000759.html ASA-201611-12] {{pkg|lib32-gdk-pixbuf2}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000758.html ASA-201611-11] {{pkg|tar}} arbitrary file overwrite<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000757.html ASA-201611-10] {{pkg|lib32-libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000756.html ASA-201611-9] {{pkg|libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000755.html ASA-201611-8] {{pkg|libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000754.html ASA-201611-7] {{pkg|curl}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000753.html ASA-201611-6] {{pkg|tomcat6}} proxy injection<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000752.html ASA-201611-5] {{pkg|lib32-libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000751.html ASA-201611-4] {{pkg|lib32-curl}} multiple issues<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000750.html ASA-201611-3] {{pkg|bind}} denial of service<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000749.html ASA-201611-2] {{pkg|libxml2}} arbitrary code execution<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000748.html ASA-201611-1] {{pkg|memcached}} arbitrary code execution<br />
<br />
=== October 2016 ===<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000747.html ASA-201610-19] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000746.html ASA-201610-18] {{pkg|flashplugin}} arbitrary code execution<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000745.html ASA-201610-17] {{pkg|ocaml}} information disclosure<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000744.html ASA-201610-16] {{pkg|linux-grsec}} privilege escalation<br />
* [23 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000743.html ASA-201610-15] {{pkg|chromium}} multiple issues<br />
* [22 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000742.html ASA-201610-14] {{pkg|linux}} privilege escalation<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000741.html ASA-201610-13] {{pkg|python-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000740.html ASA-201610-12] {{pkg|python2-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000739.html ASA-201610-11] {{pkg|linux-lts}} privilege escalation<br />
* [16 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000738.html ASA-201610-10] {{pkg|guile}} multiple issues<br />
* [13 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000737.html ASA-201610-9] {{pkg|gdk-pixbuf2}} arbitrary code execution<br />
* [11 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8] {{pkg|crypto++}} information disclosure<br />
* [09 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7] {{pkg|wpa_supplicant}} multiple issues<br />
* [08 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6] {{pkg|imagemagick}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5] {{pkg|messagelib}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4] {{pkg|kcoreaddons}} insufficient validation<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3] {{pkg|hostapd}} multiple issues<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2] {{pkg|systemd}} denial of service<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1] {{pkg|chromium}} arbitrary code execution<br />
<br />
=== September 2016 ===<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32] {{pkg|wordpress}} multiple issues<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31] {{pkg|c-ares}} arbitrary code execution<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30] {{pkg|openssl}} denial of service<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201609-29] {{pkg|bind}} denial of service<br />
* [27 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28] {{pkg|lib32-openssl}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27] {{pkg|wireshark-cli}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26] {{pkg|lib32-gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25] {{pkg|gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24] {{pkg|lib32-openssl}} multiple issues<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23] {{pkg|openssl}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22] {{pkg|firefox}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21] {{pkg|tomcat7}} proxy injection<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20] {{pkg|irssi}} arbitrary code execution<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19] {{pkg|curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18] {{pkg|lib32-curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17] {{pkg|lib32-jansson}} denial of service<br />
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} multiple issues<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} denial of service<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=457867
Security Advisories
2016-11-26T22:09:25Z
<p>Sangy: /* November 2016 */ Add ASA-201611-28 NTP: multiple issues.</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
[[ja:セキュリティアドバイザリ]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== November 2016 ===<br />
* [26 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000775.html ASA-201611-28] {{pkg|ntp}} multiple issues <br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000774.html ASA-201611-27] {{pkg|lib32-libtiff}} multiple issues<br />
* [25 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000773.html ASA-201611-26] {{pkg|libtiff}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000772.html ASA-201611-25] {{pkg|wireshark-cli}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000771.html ASA-201611-24] {{pkg|wireshark-qt}} multiple issues<br />
* [24 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000770.html ASA-201611-23] {{pkg|wireshark-gtk}} multiple issues<br />
* [23 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000769.html ASA-201611-22] {{pkg|tomcat6}} multiple issues<br />
* [21 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000768.html ASA-201611-21] {{pkg|slock}} access restriction bypass<br />
* [19 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000767.html ASA-201611-20] {{pkg|drupal}} multiple issues<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000766.html ASA-201611-19] {{pkg|php}} arbitrary code execution<br />
* [18 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000765.html ASA-201611-18] {{pkg|w3m}} arbitrary code execution<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000764.html ASA-201611-17] {{pkg|libgit2}} denial of service<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000763.html ASA-201611-16] {{pkg|firefox}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000762.html ASA-201611-15] {{pkg|python-django}} multiple issues<br />
* [16 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000761.html ASA-201611-14] {{pkg|python2-django}} multiple issues<br />
* [14 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000760.html ASA-201611-13] {{pkg|shutter}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000759.html ASA-201611-12] {{pkg|lib32-gdk-pixbuf2}} arbitrary code execution<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000758.html ASA-201611-11] {{pkg|tar}} arbitrary file overwrite<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000757.html ASA-201611-10] {{pkg|lib32-libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000756.html ASA-201611-9] {{pkg|libcurl-gnutls}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000755.html ASA-201611-8] {{pkg|libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000754.html ASA-201611-7] {{pkg|curl}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000753.html ASA-201611-6] {{pkg|tomcat6}} proxy injection<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000752.html ASA-201611-5] {{pkg|lib32-libcurl-compat}} multiple issues<br />
* [02 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000751.html ASA-201611-4] {{pkg|lib32-curl}} multiple issues<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000750.html ASA-201611-3] {{pkg|bind}} denial of service<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000749.html ASA-201611-2] {{pkg|libxml2}} arbitrary code execution<br />
* [01 November 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-November/000748.html ASA-201611-1] {{pkg|memcached}} arbitrary code execution<br />
<br />
=== October 2016 ===<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000747.html ASA-201610-19] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [26 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000746.html ASA-201610-18] {{pkg|flashplugin}} arbitrary code execution<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000745.html ASA-201610-17] {{pkg|ocaml}} information disclosure<br />
* [24 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000744.html ASA-201610-16] {{pkg|linux-grsec}} privilege escalation<br />
* [23 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000743.html ASA-201610-15] {{pkg|chromium}} multiple issues<br />
* [22 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000742.html ASA-201610-14] {{pkg|linux}} privilege escalation<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000741.html ASA-201610-13] {{pkg|python-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000740.html ASA-201610-12] {{pkg|python2-django}} cross-site request forgery<br />
* [21 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000739.html ASA-201610-11] {{pkg|linux-lts}} privilege escalation<br />
* [16 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000738.html ASA-201610-10] {{pkg|guile}} multiple issues<br />
* [13 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000737.html ASA-201610-9] {{pkg|gdk-pixbuf2}} arbitrary code execution<br />
* [11 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8] {{pkg|crypto++}} information disclosure<br />
* [09 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7] {{pkg|wpa_supplicant}} multiple issues<br />
* [08 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6] {{pkg|imagemagick}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5] {{pkg|messagelib}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4] {{pkg|kcoreaddons}} insufficient validation<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3] {{pkg|hostapd}} multiple issues<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2] {{pkg|systemd}} denial of service<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1] {{pkg|chromium}} arbitrary code execution<br />
<br />
=== September 2016 ===<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32] {{pkg|wordpress}} multiple issues<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31] {{pkg|c-ares}} arbitrary code execution<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30] {{pkg|openssl}} denial of service<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201609-29] {{pkg|bind}} denial of service<br />
* [27 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28] {{pkg|lib32-openssl}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27] {{pkg|wireshark-cli}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26] {{pkg|lib32-gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25] {{pkg|gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24] {{pkg|lib32-openssl}} multiple issues<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23] {{pkg|openssl}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22] {{pkg|firefox}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21] {{pkg|tomcat7}} proxy injection<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20] {{pkg|irssi}} arbitrary code execution<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19] {{pkg|curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18] {{pkg|lib32-curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17] {{pkg|lib32-jansson}} denial of service<br />
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} multiple issues<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} denial of service<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=455791
CVE
2016-11-01T21:28:34Z
<p>Sangy: Adds CVE-2016-8864 Bind: DoS</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-8864}} [http://ftp.isc.org/isc/bind9/9.11.0-P1/RELEASE-NOTES-bind-9.11.0-P1.html] [https://kb.isc.org/article/AA-01434/0] || {{pkg|bind}} || 2016-11-1 || <= 9.11.0-2 || 9.11.0.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-November/000750.html ASA-201611-3]<br />
|-<br />
| {{CVE|CVE-2016-8704}} {{CVE|CVE-2016-8705}} {{CVE|CVE-2016-8706}} [http://www.talosintelligence.com/reports/TALOS-2016-0219/] [http://www.talosintelligence.com/reports/TALOS-2016-0220/] [http://www.talosintelligence.com/reports/TALOS-2016-0221/] || {{pkg|memcached}} || 2016-10-31 || <= 1.4.31-1 || 1.4.32-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-November/000748.html ASA-201611-1]<br />
|-<br />
| {{CVE|CVE-2016-7855}} [https://helpx.adobe.com/security/products/flash-player/apsb16-36.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-10-26 || <= 11.2.202.637-1 || 11.2.202.643-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000746.html ASA-201610-18] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000747.html ASA-201610-19]<br />
|-<br />
| {{CVE|CVE-2016-5181}} {{CVE|CVE-2016-5182}} {{CVE|CVE-2016-5183}} {{CVE|CVE-2016-5184}} {{CVE|CVE-2016-5185}} {{CVE|CVE-2016-5186}} {{CVE|CVE-2016-5187}} {{CVE|CVE-2016-5188}} {{CVE|CVE-2016-5189}} {{CVE|CVE-2016-5190}} {{CVE|CVE-2016-5191}} {{CVE|CVE-2016-5192}} {{CVE|CVE-2016-5193}} {{CVE|CVE-2016-5194}} [https://googlechromereleases.blogspot.fr/2016/10/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-10-12 || <= 53.0.2785.143-1 || 54.0.2840.71-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000743.html ASA-201610-15]<br />
|-<br />
| {{CVE|CVE-2016-7401}} || {{pkg|python-django}} {{pkg|python2-django}} || 2016-10-21 || <= 1.9.9-1 || 1.10.1-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000741.html ASA-201610-13] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000740.html ASA-201610-12]<br />
|-<br />
| {{CVE|CVE-2016-5195}} [https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails] || {{pkg|linux}} || 2016-10-21 || <= 4.8.2-1 || 4.8.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000742.html ASA-201610-14]<br />
|-<br />
| {{CVE|CVE-2016-5195}} [https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails] || {{pkg|linux-grsec}} || 2016-10-21 || <= 1:4.7.8.r201610161720-1 || 1:4.7.10.r201610222037-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000744.html ASA-201610-16]<br />
|-<br />
| {{CVE|CVE-2016-5195}} [https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails] || {{pkg|linux-lts}} || 2016-10-21 || <= 4.4.25-1 || 4.4.26-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000739.html ASA-201610-11]<br />
|-<br />
| {{CVE|CVE-2016-8605}} {{CVE|CVE-2016-8606}} [http://www.openwall.com/lists/oss-security/2016/10/11/1] [http://www.openwall.com/lists/oss-security/2016/10/12/2] || {{pkg|guile}} || 2016-10-11 || <= 2.0.12-1 || 2.0.13-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000738.html ASA-201610-10]<br />
|-<br />
| {{CVE|CVE-2016-7906}} {{CVE|CVE-2016-7799}} [http://www.openwall.com/lists/oss-security/2016/10/02/3] [http://www.openwall.com/lists/oss-security/2016/10/01/6] || {{pkg|imagemagick}} || 2016-10-02 || <= 6.9.5.10-1 || 6.9.6.0-1 || <5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6]<br />
|-<br />
| {{CVE|CVE-2016-7967}} {{CVE|CVE-2016-7968}} [https://www.kde.org/info/security/advisory-20161006-2.txt] [https://www.kde.org/info/security/advisory-20161006-3.txt] [http://seclists.org/oss-sec/2016/q4/23] || {{pkg|messagelib}} || 2016-10-06 || <= 16.08.1-1 || 16.08.1-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5]<br />
|- <br />
| {{CVE|CVE-2016-7966}} [https://www.kde.org/info/security/advisory-20161006-1.txt] [http://seclists.org/oss-sec/2016/q4/23] || {{pkg|kcoreaddons}} || 2016-10-06 || <= 5.26.0-1 || 5.26.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4]<br />
|- <br />
| {{CVE|CVE-2016-7795}} || {{pkg|systemd}} || 2016-09-29 || <= 231-1 || 231-2 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2]<br />
|- <br />
| {{CVE|CVE-2016-5177}} {{CVE|CVE-2016-5178}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_29.html] || {{pkg|chromium}} || 2016-09-29 || <= 53.0.2785.116-1 || 53.0.2785.143-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1]<br />
|- <br />
| {{CVE|CVE-2016-7168}} {{CVE|CVE-2016-7169}} [https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/] || {{pkg|wordpress}} || 2016-09-29 || <= 4.6.0-1 || 4.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32]<br />
|- <br />
| {{CVE|CVE-2016-5180}} [https://c-ares.haxx.se/adv_20160929.html] || {{pkg|c-ares}} || 2016-09-29 || <= 1.11.0-1 || 1.12.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31]<br />
|- <br />
| {{CVE|CVE-2016-2776}} [https://kb.isc.org/article/AA-01419/0] || {{pkg|bind}} || 2016-07-27 || <= 9.10.4.P2-1 || 9.10.4.P3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201607-29]<br />
|-<br />
| {{CVE|CVE-2016-7052}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|lib32-openssl}} || 2016-09-26 || <= 1:1.0.2.i-1 || 1:1.0.2.j-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28]<br />
|- <br />
| {{CVE|CVE-2016-7052}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|openssl}} || 2016-09-26 || <= 1.0.2.i-1 || 1.0.2.j-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30]<br />
|- <br />
| {{CVE|CVE-2016-6309}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|lib32-openssl}} || 2016-09-26 || <= 1:1.0.2.i-1 || || || Not Affected || None<br />
|- <br />
| {{CVE|CVE-2016-6309}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|openssl}} || 2016-09-26 || <= 1.0.2.i-1 || || || Not Affected || None<br />
|- <br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} {{CVE|CVE-2016-2179}} {{CVE|CVE-2016-2180}} {{CVE|CVE-2016-2181}} {{CVE|CVE-2016-2182}} {{CVE|CVE-2016-2183}} {{CVE|CVE-2016-6302}} {{CVE|CVE-2016-6303}} {{CVE|CVE-2016-6304}} {{CVE|CVE-2016-6306}} [http://eprint.iacr.org/2016/594] [https://www.openssl.org/news/secadv/20160922.txt] || {{pkg|openssl}} || 2016-09-22 || <= 1.0.2.h-1 || 1.0.2.i-1 || <1d || Fixed ({{bug|49616}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23]<br />
|- <br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} {{CVE|CVE-2016-2179}} {{CVE|CVE-2016-2180}} {{CVE|CVE-2016-2181}} {{CVE|CVE-2016-2182}} {{CVE|CVE-2016-2183}} {{CVE|CVE-2016-6302}} {{CVE|CVE-2016-6303}} {{CVE|CVE-2016-6304}} {{CVE|CVE-2016-6306}} [http://eprint.iacr.org/2016/594] [https://www.openssl.org/news/secadv/20160922.txt] || {{pkg|lib32-openssl}} || 2016-09-22 || <= 1:1.0.2.h-1 || 1:1.0.2.i-1 || <1d || Fixed ({{bug|49616}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24]<br />
|- <br />
| {{CVE|CVE-2016-7044}} {{CVE|CVE-2016-7045}} [https://irssi.org/security/irssi_sa_2016.txt] || {{pkg|irssi}} || 2016-09-21 || <= 0.8.19-2 || 0.8.20-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20]<br />
|- <br />
| {{CVE|CVE-2016-5270}} {{CVE|CVE-2016-5271}} {{CVE|CVE-2016-5272}} {{CVE|CVE-2016-5273}} {{CVE|CVE-2016-5276}} {{CVE|CVE-2016-5274}} {{CVE|CVE-2016-5277}} {{CVE|CVE-2016-5275}} {{CVE|CVE-2016-5278}} {{CVE|CVE-2016-5279}} {{CVE|CVE-2016-5280}} {{CVE|CVE-2016-5281}} {{CVE|CVE-2016-5282}} {{CVE|CVE-2016-5283}} {{CVE|CVE-2016-5284}} {{CVE|CVE-2016-5256}} {{CVE|CVE-2016-5257}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/] || {{pkg|firefox}} || 2016-09-13 || <= 48.0.2-1 || 49.0-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22]<br />
|- <br />
| {{CVE|CVE-2016-5388}} || {{pkg|tomcat7}} || 2016-09-18 || <= 7.0.70-1 || 7.0.72-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21]<br />
|- <br />
| {{CVE|CVE-2016-7420}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420] || {{pkg|crypto++}} || 2016-09-18 || <= 5.6.4-2 || 5.6.5-1 || <24d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8 ]<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25]<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|lib32-gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26]<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || 2.36.0+2+ga7c869a-1 || 50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000737.html ASA-201610-9]<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19]<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18]<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || 2.2.0-1 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27]<br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || 7.0.11-1 || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23-1 || || Fixed ({{bug|49958}}) || None<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Not Affected ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || 2.6-1 || 90d || Fixed ({{bug|49196}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || 1:2.6-1 || >90d || Fixed ({{bug|49196}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7]<br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || 2.8-1 || 140d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17]<br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || 4.03.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000745.html ASA-201610-17]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.1.2-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Not Affected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.1.2-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || 7.u75_2.5.4-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 0.5.5-3 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Not Affected ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || <=9.3.3 || 9.3.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || 2.7.6-3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || 5.7.2.1-2 || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || 11.2.202.346 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || 0.24-1 || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || 1.8.0-2 || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || <2.36.0 || 2.34.0-3 || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=453717
Security Advisories
2016-10-12T16:30:55Z
<p>Sangy: Added ASA-201610-8</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== October 2016 ===<br />
* [11 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8] {{pkg|crypto++}} information disclosure<br />
* [09 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7] {{pkg|wpa_supplicant}} multiple issues<br />
* [08 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6] {{pkg|imagemagick}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5] {{pkg|messagelib}} multiple issues<br />
* [07 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4] {{pkg|kcoreaddons}} insufficient validation<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3] {{pkg|hostapd}} multiple issues<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2] {{pkg|systemd}} denial of service<br />
* [03 October 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1] {{pkg|chromium}} arbitrary code execution<br />
<br />
=== September 2016 ===<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32] {{pkg|wordpress}} multiple issues<br />
* [30 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31] {{pkg|c-ares}} arbitrary code execution<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30] {{pkg|openssl}} denial of service<br />
* [28 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201609-29] {{pkg|bind}} denial of service<br />
* [27 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28] {{pkg|lib32-openssl}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27] {{pkg|wireshark-cli}} denial of service<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26] {{pkg|lib32-gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25] {{pkg|gnutls}} certificate verification bypass<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24] {{pkg|lib32-openssl}} multiple issues<br />
* [26 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23] {{pkg|openssl}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22] {{pkg|firefox}} multiple issues<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21] {{pkg|tomcat7}} proxy injection<br />
* [22 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20] {{pkg|irssi}} arbitrary code execution<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19] {{pkg|curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18] {{pkg|lib32-curl}} denial of service<br />
* [20 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17] {{pkg|lib32-jansson}} denial of service<br />
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} multiple issues<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} denial of service<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=453716
CVE
2016-10-12T16:24:27Z
<p>Sangy: Adds ASA for CVE-2016-720</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-7906}} {{CVE|CVE-2016-7799}} [http://www.openwall.com/lists/oss-security/2016/10/02/3] [http://www.openwall.com/lists/oss-security/2016/10/01/6] || {{pkg|imagemagick}} || 2016-10-02 || <= 6.9.5.10-1 || 6.9.6.0-1 || <5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000734.html ASA-201610-6]<br />
|-<br />
| {{CVE|CVE-2016-7967}} {{CVE|CVE-2016-7968}} [https://www.kde.org/info/security/advisory-20161006-2.txt] [https://www.kde.org/info/security/advisory-20161006-3.txt] [http://seclists.org/oss-sec/2016/q4/23] || {{pkg|messagelib}} || 2016-10-06 || <= 16.08.1-1 || 16.08.1-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000733.html ASA-201610-5]<br />
|- <br />
| {{CVE|CVE-2016-7966}} [https://www.kde.org/info/security/advisory-20161006-1.txt] [http://seclists.org/oss-sec/2016/q4/23] || {{pkg|kcoreaddons}} || 2016-10-06 || <= 5.26.0-1 || 5.26.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000732.html ASA-201610-4]<br />
|- <br />
| {{CVE|CVE-2016-7795}} || {{pkg|systemd}} || 2016-09-29 || <= 231-1 || 231-2 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000730.html ASA-201610-2]<br />
|- <br />
| {{CVE|CVE-2016-5177}} {{CVE|CVE-2016-5178}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_29.html] || {{pkg|chromium}} || 2016-09-29 || <= 53.0.2785.116-1 || 53.0.2785.143-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000729.html ASA-201610-1]<br />
|- <br />
| {{CVE|CVE-2016-7168}} {{CVE|CVE-2016-7169}} [https://wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-release/] || {{pkg|wordpress}} || 2016-09-29 || <= 4.6.0-1 || 4.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000728.html ASA-201609-32]<br />
|- <br />
| {{CVE|CVE-2016-5180}} [https://c-ares.haxx.se/adv_20160929.html] || {{pkg|c-ares}} || 2016-09-29 || <= 1.11.0-1 || 1.12.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000727.html ASA-201609-31]<br />
|- <br />
| {{CVE|CVE-2016-2776}} [https://kb.isc.org/article/AA-01419/0] || {{pkg|bind}} || 2016-07-27 || <= 9.10.4.P2-1 || 9.10.4.P3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000725.html ASA-201607-29]<br />
|-<br />
| {{CVE|CVE-2016-7052}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|lib32-openssl}} || 2016-09-26 || <= 1:1.0.2.i-1 || 1:1.0.2.j-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000724.html ASA-201609-28]<br />
|- <br />
| {{CVE|CVE-2016-7052}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|openssl}} || 2016-09-26 || <= 1.0.2.i-1 || 1.0.2.j-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000726.html ASA-201609-30]<br />
|- <br />
| {{CVE|CVE-2016-6309}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|lib32-openssl}} || 2016-09-26 || <= 1:1.0.2.i-1 || || || Not Affected || None<br />
|- <br />
| {{CVE|CVE-2016-6309}} [https://www.openssl.org/news/secadv/20160926.txt] || {{pkg|openssl}} || 2016-09-26 || <= 1.0.2.i-1 || || || Not Affected || None<br />
|- <br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} {{CVE|CVE-2016-2179}} {{CVE|CVE-2016-2180}} {{CVE|CVE-2016-2181}} {{CVE|CVE-2016-2182}} {{CVE|CVE-2016-2183}} {{CVE|CVE-2016-6302}} {{CVE|CVE-2016-6303}} {{CVE|CVE-2016-6304}} {{CVE|CVE-2016-6306}} [http://eprint.iacr.org/2016/594] [https://www.openssl.org/news/secadv/20160922.txt] || {{pkg|openssl}} || 2016-09-22 || <= 1.0.2.h-1 || 1.0.2.i-1 || <1d || Fixed ({{bug|49616}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000719.html ASA-201609-23]<br />
|- <br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} {{CVE|CVE-2016-2179}} {{CVE|CVE-2016-2180}} {{CVE|CVE-2016-2181}} {{CVE|CVE-2016-2182}} {{CVE|CVE-2016-2183}} {{CVE|CVE-2016-6302}} {{CVE|CVE-2016-6303}} {{CVE|CVE-2016-6304}} {{CVE|CVE-2016-6306}} [http://eprint.iacr.org/2016/594] [https://www.openssl.org/news/secadv/20160922.txt] || {{pkg|lib32-openssl}} || 2016-09-22 || <= 1:1.0.2.h-1 || 1:1.0.2.i-1 || <1d || Fixed ({{bug|49616}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000720.html ASA-201609-24]<br />
|- <br />
| {{CVE|CVE-2016-7044}} {{CVE|CVE-2016-7045}} [https://irssi.org/security/irssi_sa_2016.txt] || {{pkg|irssi}} || 2016-09-21 || <= 0.8.19-2 || 0.8.20-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000716.html ASA-201609-20]<br />
|- <br />
| {{CVE|CVE-2016-5270}} {{CVE|CVE-2016-5271}} {{CVE|CVE-2016-5272}} {{CVE|CVE-2016-5273}} {{CVE|CVE-2016-5276}} {{CVE|CVE-2016-5274}} {{CVE|CVE-2016-5277}} {{CVE|CVE-2016-5275}} {{CVE|CVE-2016-5278}} {{CVE|CVE-2016-5279}} {{CVE|CVE-2016-5280}} {{CVE|CVE-2016-5281}} {{CVE|CVE-2016-5282}} {{CVE|CVE-2016-5283}} {{CVE|CVE-2016-5284}} {{CVE|CVE-2016-5256}} {{CVE|CVE-2016-5257}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/] || {{pkg|firefox}} || 2016-09-13 || <= 48.0.2-1 || 49.0-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000718.html ASA-201609-22]<br />
|- <br />
| {{CVE|CVE-2016-5388}} || {{pkg|tomcat7}} || 2016-09-18 || <= 7.0.70-1 || 7.0.72-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000717.html ASA-201609-21]<br />
|- <br />
| {{CVE|CVE-2016-7420}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420] || {{pkg|crypto++}} || 2016-09-18 || <= 5.6.4-2 || 5.6.5-1 || <24d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000736.html ASA-201610-8 ]<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000721.html ASA-201609-25]<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|lib32-gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000722.html ASA-201609-26]<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19]<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18]<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || 2.2.0-1 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000723.html ASA-201609-27]<br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || 7.0.11-1 || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23-1 || || Fixed ({{bug|49958}}) || None<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Not Affected ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || 2.6-1 || 90d || Fixed ({{bug|49196}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000731.html ASA-201610-3]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || 1:2.6-1 || >90d || Fixed ({{bug|49196}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-October/000735.html ASA-201610-7]<br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || 2.8-1 || 140d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17]<br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.1.2-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Not Affected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.1.2-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || 7.u75_2.5.4-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 0.5.5-3 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Not Affected ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || <=9.3.3 || 9.3.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || 2.7.6-3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || 5.7.2.1-2 || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || 11.2.202.346 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || 0.24-1 || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || 1.8.0-2 || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || <2.36.0 || 2.34.0-3 || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=451334
CVE
2016-09-20T21:57:16Z
<p>Sangy: /* Documented CVE's */ Wrong CVE number in FF (5258 -> 5257)</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-5270}} {{CVE|CVE-2016-5271}} {{CVE|CVE-2016-5272}} {{CVE|CVE-2016-5273}} {{CVE|CVE-2016-5276}} {{CVE|CVE-2016-5274}} {{CVE|CVE-2016-5277}} {{CVE|CVE-2016-5275}} {{CVE|CVE-2016-5278}} {{CVE|CVE-2016-5279}} {{CVE|CVE-2016-5280}} {{CVE|CVE-2016-5281}} {{CVE|CVE-2016-5282}} {{CVE|CVE-2016-5283}} {{CVE|CVE-2016-5284}} {{CVE|CVE-2016-5256}} {{CVE|CVE-2016-5257}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/] || {{pkg|firefox}} || 2016-09-13 || <= 48.0.2-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} || {{pkg|tomcat7}} || 2016-09-18 || <= 7.0.70-1 || 7.0.72-1 || || Fixed || <br />
|- <br />
| {{CVE|CVE-2016-7420}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420] || {{pkg|crypto++}} || 2016-09-18 || <= 5.6.4-2 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || <1d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|lib32-gnutls}} || 2016-09-08 || <= 3.4.14-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19]<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18]<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || 2.8-1 || 140d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17]<br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=451333
CVE
2016-09-20T21:43:50Z
<p>Sangy: /* Documented CVE's */ CVE's fixed in firefox 49</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-5270}} {{CVE|CVE-2016-5271}} {{CVE|CVE-2016-5272}} {{CVE|CVE-2016-5273}} {{CVE|CVE-2016-5276}} {{CVE|CVE-2016-5274}} {{CVE|CVE-2016-5277}} {{CVE|CVE-2016-5275}} {{CVE|CVE-2016-5278}} {{CVE|CVE-2016-5279}} {{CVE|CVE-2016-5280}} {{CVE|CVE-2016-5281}} {{CVE|CVE-2016-5282}} {{CVE|CVE-2016-5283}} {{CVE|CVE-2016-5284}} {{CVE|CVE-2016-5256}} {{CVE|CVE-2016-5258}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-85/] || {{pkg|firefox}} || 2016-09-13 || <= 48.0.2-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} || {{pkg|tomcat7}} || 2016-09-18 || <= 7.0.70-1 || 7.0.72-1 || || Fixed || <br />
|- <br />
| {{CVE|CVE-2016-7420}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420] || {{pkg|crypto++}} || 2016-09-18 || <= 5.6.4-2 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || <1d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|lib32-gnutls}} || 2016-09-08 || <= 3.4.14-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000715.html ASA-201609-19]<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000714.html ASA-201609-18]<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || 2.8-1 || 140d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000713.html ASA-201609-17]<br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=451148
CVE
2016-09-19T17:36:03Z
<p>Sangy: Adds CVE-2016-7420 Crypto++: information disclosure</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-7420}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7420] || {{pkg|crypto++}} || 2016-09-18 || <= 5.6.4-2 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|gnutls}} || 2016-09-08 || <= 3.4.14-1 || 3.4.15-1 || <1d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2016-7444}} [http://seclists.org/oss-sec/2016/q3/545] [https://www.gnutls.org/security.html#GNUTLS-SA-2016-3] || {{pkg|lib32-gnutls}} || 2016-09-08 || <= 3.4.14-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=451086
CVE
2016-09-18T15:38:23Z
<p>Sangy: Adds php (ASA-201609-16) to relevant entry</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-5170}} {{CVE|CVE-2016-5171}} {{CVE|CVE-2016-5172}} {{CVE|CVE-2016-5173}} {{CVE|CVE-2016-5174}} {{CVE|CVE-2016-5175}} [https://googlechromereleases.blogspot.fr/2016/09/stable-channel-update-for-desktop_13.html] || {{pkg|chromium}} || 2016-09-13 || <= 53.0.2785.101-1 || 53.0.2785.116-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13]<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || 7.0.11-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16]<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || 7.50.3-1 || 2d || Fixed ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || 7.50.3-1 || 3d || Fixed ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14]<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || 2.8-1 || 137d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|lib32-jansson}} || 2016-05-02 || <= 2.7-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=451085
Security Advisories
2016-09-18T15:36:43Z
<p>Sangy: Adds php (ASA-201609-16) to recent advisories.</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== September 2016 ===<br />
* [18 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000712.html ASA-201609-16] {{pkg|php}} multiple issues.<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000711.html ASA-201609-15] {{pkg|jansson}} denial of service<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000710.html ASA-201609-14] {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000709.html ASA-201609-13] {{pkg|chromium}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=451031
Security Advisories
2016-09-17T20:50:01Z
<p>Sangy: /* Scheduled Advisories */ Claims ASA 201609-16 php</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* [17 September 2016] ASA-210609-16 {{pkg|php}} multiple issues<br />
* [17 September 2016] ASA-201609-15 {{pkg|jansson}} denial of service<br />
* [17 September 2016] ASA-201609-14 {{pkg|lib32-libgcrypt}} information disclosure<br />
* [17 September 2016] ASA-201609-13 {{pkg|chromium}} multiple issues<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== September 2016 ===<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12] {{pkg|lib32-flashplugin}} multiple issues<br />
* [15 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] {{pkg|flashplugin}} multiple issues<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450897
CVE
2016-09-15T18:28:15Z
<p>Sangy: CVE for php CVE-2016-7411 doesn't apply to this version (but 7418 does)</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} {{CVE|CVE-2016-7418}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450896
CVE
2016-09-15T18:26:21Z
<p>Sangy: Added CVE's for php CVE-2016-{{7411..7417}}</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-7411}} {{CVE|CVE-2016-7412}} {{CVE|CVE-2016-7413}} {{CVE|CVE-2016-7414}} {{CVE|CVE-2016-7416}} {{CVE|CVE-2016-7417}} [http://www.openwall.com/lists/oss-security/2016/09/15/10] || {{pkg|php}} || 2016-09-15 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450885
CVE
2016-09-15T14:06:50Z
<p>Sangy: Adds lib32-gdk-pixbuf2 to CVE-2016-6352</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|lib32-gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450884
CVE
2016-09-15T14:00:52Z
<p>Sangy: corrects typo gdk-pixbuf -> gdk-pixbuf2</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf2}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450883
CVE
2016-09-15T13:59:17Z
<p>Sangy: Documented CVE: gdk-pixbuf CVE-2016-6352</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-6352}} [https://bugzilla.redhat.com/show_bug.cgi?id=1349751] || {{pkg|gdk-pixbuf}} || 2016-08-31 || <= 2.34.0-2 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|curl}} || 2016-09-14 || <= 7.50.2-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-7167}} [https://curl.haxx.se/docs/adv_20160914.html] || {{pkg|lib32-curl}} || 2016-09-14 || <= 7.50.0-1 || || || '''Vulnerable''' ||<br />
|- <br />
| {{CVE|CVE-2016-4271}} {{CVE|CVE-2016-4272}} {{CVE|CVE-2016-4274}} {{CVE|CVE-2016-4275}} {{CVE|CVE-2016-4276}} {{CVE|CVE-2016-4277}} {{CVE|CVE-2016-4278}} {{CVE|CVE-2016-4279}} {{CVE|CVE-2016-4280}} {{CVE|CVE-2016-4281}} {{CVE|CVE-2016-4282}} {{CVE|CVE-2016-4283}} {{CVE|CVE-2016-4284}} {{CVE|CVE-2016-4285}} {{CVE|CVE-2016-4287}} {{CVE|CVE-2016-6921}} {{CVE|CVE-2016-6922}} {{CVE|CVE-2016-6923}} {{CVE|CVE-2016-6924}} {{CVE|CVE-2016-6925}} {{CVE|CVE-2016-6926}} {{CVE|CVE-2016-6927}} {{CVE|CVE-2016-6929}} {{CVE|CVE-2016-6930}} {{CVE|CVE-2016-6931}} {{CVE|CVE-2016-6932}} [https://helpx.adobe.com/security/products/flash-player/apsb16-29.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-09-13 || <= 11.2.202.632-1 || 11.2.202.635-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000707.html ASA-201609-11] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000708.html ASA-201609-12]<br />
|- <br />
| {{CVE|CVE-2016-6662}} {{CVE|CVE-2016-6663}} [https://mariadb.org/mariadb-server-versions-remote-root-code-execution-vulnerability-cve-2016-6662/] [https://jira.mariadb.org/browse/MDEV-10465] [http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html] || {{Pkg|mariadb}} || 2016-09-13 || <= 10.1.16-2 || 10.1.17-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10]<br />
|-<br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark-cli}} || 2016-09-09 || <= 2.0.5-1 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || 4.0.1-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9]<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || 1:1.1.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8]<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=450849
Security Advisories
2016-09-14T22:08:31Z
<p>Sangy: Claims ASA 2016-09-11/12 flashplugin and lib32 flashplugin.</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* {{pkg|lib32-flashplugin}} ASA-201609-12<br />
* {{pkg|flashplugin}} ASA-201609-11 <br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== September 2016 ===<br />
* [14 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000706.html ASA-201609-10] {{pkg|mariadb}} multiple issues<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000705.html ASA-201609-9] {{pkg|powerdns}} denial of service<br />
* [13 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000704.html ASA-201609-8] {{pkg|libtorrent-rasterbar}} denial of service<br />
* [10 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] {{pkg|tomcat8}} proxy injection<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000702.html ASA-201609-6] {{pkg|graphicsmagick}} multiple issues<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5] {{pkg|file-roller}} directory traversal<br />
* [09 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000700.html ASA-201609-4] {{pkg|wordpress}} multiple issues<br />
* [04 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3] {{pkg|thunderbird}} arbitrary code execution<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2] {{pkg|webkit2gtk}} multiple issues<br />
* [01 September 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] {{pkg|mupdf}} arbitrary code execution<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=450180
CVE
2016-09-10T17:53:49Z
<p>Sangy: /* Documented CVE's */ Adds wireshark CVE-2016-7185-7180</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|- <br />
| {{CVE|CVE-2016-7180}} {{CVE|CVE-2016-7175}} {{CVE|CVE-2016-7176}} {{CVE|CVE-2016-7177}} {{CVE|CVE-2016-7178}} {{CVE|CVE-2016-7179}} [https://www.wireshark.org/security/wnpa-sec-2016-50.html] [https://www.wireshark.org/security/wnpa-sec-2016-51.html] [https://www.wireshark.org/security/wnpa-sec-2016-52.html] [https://www.wireshark.org/security/wnpa-sec-2016-53.html] [https://www.wireshark.org/security/wnpa-sec-2016-54.html] [https://www.wireshark.org/security/wnpa-sec-2016-55.html] || {{pkg|wireshark}} || 2016-09-09 || < 2.0.6 || || || '''Vulnerable''' || <br />
|- <br />
| {{CVE|CVE-2016-5388}} [https://www.apache.org/security/asf-httpoxy-response.txt] || {{pkg|tomcat8}} || 2016-07-18 || <= 8.0.36-1 || 8.0.37-1 || 52d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000703.html ASA-201609-7] <br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://ftp.gnome.org/mirror/gnome.org/sources/file-roller/3.20/file-roller-3.20.3.news] || {{pkg|file-roller}} || 2016-09-08 || <= 3.20.2-1 || 3.20.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000701.html ASA-201609-5]<br />
|-<br />
| {{CVE|CVE-2016-5426}} {{CVE|CVE-2016-5427}} [http://seclists.org/oss-sec/2016/q3/464] [https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/] || {{pkg|powerdns}} || 2016-09-08 || 3.4.9-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-7164}} [http://seclists.org/oss-sec/2016/q3/443] || {{pkg|libtorrent-rasterbar}} || 2016-09-08 || <= 1:1.1-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=449782
CVE
2016-09-07T13:36:02Z
<p>Sangy: Adds libcurl CVE-2016-7141 (not affected)</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-7141}} [https://curl.haxx.se/docs/adv_20160907.html] || {{pkg|curl}} || 2016-09-07 || N/A || N/A || - || Not Affected || None<br />
|-<br />
| {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/] || {{pkg|thunderbird}} || 2016-08-30 || <= 45.2.0-2 || 45.3.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000699.html ASA-201609-3]<br />
|-<br />
| {{CVE|CVE-2016-7134}} {{CVE|CVE-2016-7133}} {{CVE|CVE-2016-7132}} {{CVE|CVE-2016-7131}} {{CVE|CVE-2016-7130}} {{CVE|CVE-2016-7129}} {{CVE|CVE-2016-7128}} {{CVE|CVE-2016-7127}} {{CVE|CVE-2016-7126}} {{CVE|CVE-2016-7125}} {{CVE|CVE-2016-7124}} [http://www.openwall.com/lists/oss-security/2016/09/02/9] || {{pkg|php}} || 2016-09-03 || <= 7.0.10-1 || || || ||<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=NetworkManager&diff=449085
NetworkManager
2016-09-02T00:23:13Z
<p>Sangy: Added MAC address spoofing section</p>
<hr />
<div>[[Category:Network configuration]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
[[zh-CN:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related|:Category:Network configuration}}<br />
{{Related articles end}}<br />
[http://projects.gnome.org/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to network. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text. See section [[#Encrypted Wi-Fi passwords]]}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}. The package does not include the tray applet ''nm-applet'' which is part of the {{Pkg|network-manager-applet}}. It has functionality for basic DHCP support. For full featured DHCP and if you require IPv6 support, {{Pkg|dhclient}} integrates it. <br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager VPN support is based on a plug-in system. If you need VPN support via NetworkManager, you have to install one of the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}}<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
* {{AUR|networkmanager-l2tp}}<br />
<br />
{{Warning|1=VPN support is [https://bugzilla.gnome.org/buglist.cgi?quicksearch=networkmanager%20vpn unstable], check the daemon processes options set via the GUI correctly and double-check with each package release.[https://bugzilla.gnome.org/show_bug.cgi?id=755350] [https://bugzilla.gnome.org/show_bug.cgi?id=758772] {{Bug|47535}}}}<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{pkg|rp-pppoe}} for PPPoE / DSL connection support.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various applets exist for different types of desktops.<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]]'s {{Pkg|network-manager-applet}} works in all environments.<br />
<br />
To store authentication details for connections (Wireless/DSL) install and configure [[GNOME Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} applet.<br />
<br />
=== Xfce ===<br />
<br />
While {{Pkg|network-manager-applet}} works in [[Xfce]], in order to see notifications, including error messages, {{ic|nm-applet}} needs an implementation of the Freedesktop desktop notifications specification (see the [http://www.galago-project.org/specs/notification/0.9/index.html Galapago Project]) to display them. To enable notifications install {{Pkg|xfce4-notifyd}}, a package that provides an implementation for the specification.<br />
<br />
Without such a notification daemon, {{ic|nm-applet}} outputs the following errors to stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
{{ic|nm-applet}} will still work fine, though, but without notifications.<br />
<br />
If {{ic|nm-applet}} is not prompting for a password when connecting to new wifi networks, and is just disconnecting immediately, you may need to install {{Pkg|gnome-keyring}}. <br />
<br />
Should the applet not appear, install the {{AUR|xfce4-indicator-plugin}} package. [http://askubuntu.com/questions/449658/networkmanager-tray-nm-applet-is-gone-after-upgrade-to-14-04-trusty]<br />
<br />
=== Openbox ===<br />
<br />
To work properly in [[Openbox]], the GNOME applet requires the {{Pkg|xfce4-notifyd}} notification daemon for the same reason as in XFCE and the {{Pkg|gnome-icon-theme}} package to be able to display the applet in the systray.<br />
<br />
If you want to store authentication details (Wireless/DSL) install and configure [[gnome-keyring]].<br />
<br />
{{ic|nm-applet}} installs the autostart file at {{ic|/etc/xdg/autostart/nm-applet.desktop}}. If you have issues with it (e.g. {{ic|nm-applet}} is started twice or is not started at all), see [[Openbox#autostart]] or [https://bbs.archlinux.org/viewtopic.php?pid=993738] for solution.<br />
<br />
=== Other desktops and window managers ===<br />
<br />
In all other scenarios it is recommended to use the GNOME applet. You will also need to be sure that the {{Pkg|gnome-icon-theme}} package is installed to be able to display the applet.<br />
<br />
To store connection secrets install and configure [[GNOME Keyring]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
=== Command line ===<br />
<br />
{{Style|Why is this a subsection of [[#Graphical front-ends]]?}}<br />
<br />
The following applications can be useful for configuring and managing networks without X.<br />
<br />
==== nmcli ====<br />
<br />
A command line frontend, ''nmcli'', is included with {{Pkg|networkmanager}}.<br />
<br />
For usage information, see {{ic|man nmcli}}. Examples:<br />
<br />
* To connect to a wifi network: {{bc|nmcli dev wifi connect <name> password <password>}}<br />
* To connect to a wifi on the {{ic|wlan1}} wifi interface: {{bc|nmcli dev wifi connect <name> password <password> iface wlan1 [profile name]}}<br />
* To disconnect an interface: {{bc|nmcli dev disconnect iface eth0}}<br />
* To reconnect an interface marked as disconnected: {{bc|nmcli con up uuid <uuid>}}<br />
* To get a list of UUIDs: {{bc|nmcli con show}}<br />
* To see a list of network devices and their state: {{bc|nmcli dev}}<br />
* To turn off wifi: {{bc|nmcli r wifi off}}<br />
<br />
==== nmtui ====<br />
<br />
A curses based graphical frontend, ''nmtui'', is included with {{Pkg|networkmanager}}.<br />
<br />
For usage information, see {{ic|man nmtui}}.<br />
<br />
==== nmcli-dmenu ====<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with ''dmenu'' instead of {{ic|nm-applet}}. It provides all essential features such as connect to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] via {{ic|NetworkManager.service}}. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Network services with NetworkManager dispatcher ===<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. Good examples are [[NTPd]] and network filesystem mounts of various types (e.g. '''netfs'''). NetworkManager has the ability to start these services when you connect to a network and stop them when you disconnect. To activate the feature you need to [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the feature is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory. These scripts must be '''owned by root''', otherwise the dispatcher will not execute them. For added security, set group ownership to root as well:<br />
<br />
# chown root:root ''scriptname''<br />
<br />
Also, the script must have '''write permission for owner only''', otherwise the dispatcher will not execute them:<br />
<br />
# chmod 755 ''scriptname''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. They receive two arguments: the name of the interface (e.g. {{ic|eth0}}) and the status (''up'' or ''down'' for interfaces and ''vpn-up'' or ''vpn-down'' for vpn connections). To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10_portmap}} or {{ic|30_netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network}}<br />
<br />
==== Avoiding the dispatcher timeout ====<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service|2=<br />
.include /usr/lib/systemd/system/NetworkManager-dispatcher.service<br />
[Service]<br />
RemainAfterExit=yes}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
==== Start OpenNTPD ====<br />
<br />
Install the {{Pkg|networkmanager-dispatcher-openntpd}} package.<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli con status}} or {{ic|nmcli con list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
export SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
:1. Create the dispatcher script:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli con up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli con show --active | grep "$VPN_NAME"; then<br />
nmcli con down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
If you require and tick the {{ic|nm-applet}} option to ''Make the VPN connection available to all users'', trying to connect may still fail and NetworkManager will complain about 'no valid VPN secrets', because of [http://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored], which brings us to step 2:<br />
<br />
:2. Either edit the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
Alternatively put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to handle mounting of CIFS shares ====<br />
<br />
Some CIFS shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount CIFS shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
{{hc|/etc/NetworkManager/dispatcher.d/mount_cifs|<nowiki><br />
#!/bin/bash<br />
if [ "$2" = "up" ]<br />
if [ "$CONNECTION_UUID" = "uuid" ]<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
{{Note|You can get a list of uuids using [[#nmcli|nmcli]].}}<br />
<br />
The following script will unmount all CIFS before a disconnect from a specific network:<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/mount_cifs|<nowiki><br />
#!/bin/bash<br />
umount -a -l -t cifs<br />
</nowiki>}}<br />
{{Note|Make sure this script is located in the pre-down.d subdirectory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
{{Note|Ever since NetworkManager 0.9.8, the 'pre-down' and 'down' actions are not executed on shutdown or restart, so the above script will only work if you manually disconnect from the network. See [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.}}<br />
<br />
As before, do not forget to set the script permissions [[#Network services with NetworkManager dispatcher|accordingly]].<br />
<br />
See also [[NFS#NetworkManager dispatcher]] for another example script that parses {{ic|/etc/fstab}} mounts during dispatcher actions.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using GNOME or KDE, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using NetworkManager's informations. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (System -> Preferences -> Startup Applications):<br />
<br />
xhost +si:localuser:''your_username''<br />
<br />
See: [[Proxy settings]].<br />
<br />
=== Disable NetworkManager ===<br />
<br />
It might not be obvious, but the service automatically starts through ''dbus''. To completely disable it you can [[mask]] the services {{ic|NetworkManager}} and {{ic|NetworkManager-dispatcher}}.<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider {{Pkg|dhclient}} as DHCP client.<br />
<br />
After installation, update the NetworkManager config file:<br />
<br />
{{hc|1=/etc/NetworkManager/NetworkManager.conf|2=<br />
dhcp=dhclient<br />
}}<br />
<br />
This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== Customizing resolv.conf ===<br />
<br />
See the main page: [[resolv.conf]]. If you use {{Pkg|dhclient}}, you may try the {{AUR|networkmanager-dispatch-resolv}}{{Broken package link|{{aur-mirror|networkmanager-dispatch-resolv}}}} package.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
Where {{ic|aa:bb:cc:dd:ee:ff}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== Hostname problems ===<br />
<br />
It depends on the NetworkManager plugins used, whether the hostname is forwarded to a router on connect. The generic "keyfile" plugin does not forward the hostname in default configuration. To make it forward the hostname, add the following to {{ic|/etc/NetworkManager/NetworkManager.conf}}:<br />
<br />
[keyfile]<br />
hostname=''your_hostname''<br />
<br />
The options under {{ic|[keyfile]}} will be applied to network connections in the default {{ic|/etc/NetworkManager/system-connections}} path. <br />
<br />
Another option is to configure the DHCP client, which NetworkManager starts automatically, to forward it. NetworkManager utilizes {{Pkg|dhclient}} in default and falls back to its internal DHCP funtionality, if the former is not installed. To make ''dhclient'' forward the hostname requires to set a non-default option, ''dhcpcd'' forwards the hostname by default. <br />
<br />
First, check which DHCP client is used (''dhclient'' in this example):<br />
<br />
{{hc|<nowiki># journalctl -b | egrep "dhc"</nowiki>|<br />
...<br />
Nov 17 21:03:20 zenbook dhclient[2949]: Nov 17 21:03:20 zenbook dhclient[2949]: Bound to *:546<br />
Nov 17 21:03:20 zenbook dhclient[2949]: Listening on Socket/wlan0<br />
Nov 17 21:03:20 zenbook dhclient[2949]: Sending on Socket/wlan0<br />
Nov 17 21:03:20 zenbook dhclient[2949]: XMT: Info-Request on wlan0, interval 1020ms.<br />
Nov 17 21:03:20 zenbook dhclient[2949]: RCV: Reply message on wlan0 from fe80::126f:3fff:fe0c:2dc.<br />
}}<br />
<br />
==== Configure dhclient to push the hostname to the DHCP server ====<br />
<br />
Copy the example configuration file:<br />
<br />
# cp /usr/share/dhclient/dhclient.conf.example /etc/dhclient.conf<br />
<br />
Take a look at the file - there will only really be one line we want to keep and ''dhclient'' will use it's defaults (as it has been using if you did not have this file) for the other options. This is the important line:<br />
<br />
{{hc|/etc/dhclient.conf|2=send host-name = pick-first-value(gethostname(), "ISC-dhclient");}}<br />
<br />
Force an IP address renewal by your favorite means, and you should now see your hostname on your DHCP server.<br />
<br />
IPv6 push host name:<br />
<br />
# cp /usr/share/dhclient/dhclient.conf.example /etc/dhclient6.conf<br />
<br />
{{hc|/etc/dhclient6.conf|2=send fqdn.fqdn = pick-first-value(gethostname(), "ISC-dhclient");}}<br />
<br />
==== Configure NetworkManager to use a specific DHCP client ====<br />
<br />
If you want to explicitly set the DHCP client used by NetworkManager, it can be set in the global configuration: <br />
<br />
{{hc|1=/etc/NetworkManager/NetworkManager.conf|2=dhcp=internal}}<br />
<br />
The alternative {{ic|1=dhcp=dhclient}} is used per default, if this option is not set. <br />
<br />
Then [[restart]] {{ic|NetworkManager.service}}.<br />
<br />
{{Note|1=Support for {{Pkg|dhcpcd}} has been [https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/networkmanager&id=a1df79cbcebaec0c043789eb31965e57d17b6cdb disabled] in {{Pkg|networkmanager}}-1.0.0-2 (2015-02-14).}}<br />
<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#Network Manager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. [[Install]] the {{Pkg|rfkill}} package and use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies ''rfkill'' about the wireless adapter's status. If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the Gnome keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -H '^psk=' /etc/NetworkManager/system-connections/*<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
If it is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
====Using Gnome-Keyring====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password for this user}}. <br />
<br />
====Using KDE Wallet====<br />
<br />
Using KDE's {{Pkg|kdeplasma-applets-plasma-nm}}{{Broken package link|{{aur-mirror|kdeplasma-applets-plasma-nm}}}}, click the applet, click on the top right {{ic|Settings}} icon, double click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again. <br />
<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks using nm. You will need a supported Wi-Fi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice). Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
==== Ad-hoc ====<br />
<br />
{{Style|"I think so"...}}<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Custom {{ic|dnsmasq.conf}} may interfere with NetworkManager (not sure about this, but I think so).<br />
* Click on applet and choose "Create new wireless network".<br />
* Follow wizard (if using WEP, be sure to use 5 or 13 character long password, different lengths will fail).<br />
* Settings will remain stored for the next time you need it.<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Android phones as they intentionally do not support ad-hoc) is added by NetworkManager as of late 2012.<br />
<br />
See [https://fedoraproject.org/wiki/Features/RealHotspot Fedora's wiki].<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it isn't, and NetworkManager isn't connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
==== Troubleshooting ====<br />
<br />
While you may type both values at connection time, {{Pkg|kdeplasma-applets-plasma-nm}}{{Broken package link|{{aur-mirror|kdeplasma-applets-plasma-nm}}}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from KWallet.<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}}:<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Enable DNS Caching ===<br />
<br />
See [[dnsmasq#NetworkManager]] to enable the plugin that allows DNS caching using [[dnsmasq]].<br />
<br />
=== Configuring MAC Address Randomization === <br />
<br />
As of version 1.4.0, NetworkManager supports two types MAC Address Randomization: randomization during scanning, and stable randomization. Both modes can be configured by modifying {{ic|/etc/networkManager/NetworkManager.conf}}. <br />
<br />
Randomization during Wi-Fi scanning is enabled by default starting on version 1.2.0, and it can be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}}:<br />
<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
<br />
In contrast, stable randomization generates a different MAC address for each different connection. This is specially useful when, for example, a portal remembers your login status based on your MAC address. To enable this mode, you can use the option<br />
<br />
[connection]<br />
wifi.cloned-mac-address=random<br />
<br />
or<br />
<br />
[connection]<br />
ethernet.cloned-mac-address=random<br />
<br />
You can read more about it [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ here]<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]]<br />
<br />
== See also ==<br />
<br />
* [http://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=449076
CVE
2016-09-01T23:30:37Z
<p>Sangy: /* Documented CVE's */ changed < to <= for webkit2gtk</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-5147}} {{CVE|CVE-2016-5148}} {{CVE|CVE-2016-5149}} {{CVE|CVE-2016-5150}} {{CVE|CVE-2016-5151}} {{CVE|CVE-2016-5152}} {{CVE|CVE-2016-5153}} {{CVE|CVE-2016-5154}} {{CVE|CVE-2016-5155}} {{CVE|CVE-2016-5156}} {{CVE|CVE-2016-5157}} {{CVE|CVE-2016-5158}} {{CVE|CVE-2016-5159}} {{CVE|CVE-2016-5160}} {{CVE|CVE-2016-5161}} {{CVE|CVE-2016-5162}} {{CVE|CVE-2016-5163}} {{CVE|CVE-2016-5164}} {{CVE|CVE-2016-5165}} {{CVE|CVE-2016-5166}} {{CVE|CVE-2016-5167}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop_31.html] || {{pkg|chromium}} || 2016-08-31 || <= 52.0.2743.116-1 || 53.0.2785.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000697.html ASA-201609-1]<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || 1.9a-5 || 1d || Fixed ([https://bugs.archlinux.org/task/50590 FS#50590 ]) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000696.html ASA-201608-22] <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{pkg|webkit2gtk}} || 2016-08-24 || <= 2.12.3-1 || 2.12.4-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-September/000698.html ASA-201609-2]<br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=448790
Security Advisories
2016-08-30T21:59:41Z
<p>Sangy: Claims mupdf ASA</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* 31 August 2016 ASA-201608-22 {{pkg|mupdf}}<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=448767
Security Advisories
2016-08-30T15:57:52Z
<p>Sangy: Moved MuPDF from scheduled to Recent advisories.</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== August 2016 ===<br />
* [30 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] {{pkg|mupdf}} arbitrary code execution<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=448766
CVE
2016-08-30T15:56:24Z
<p>Sangy: /* Documented CVE's */ Adds FS link to CVE-2016-6525; MuPDF</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || || || Pending([https://bugs.archlinux.org/task/50590 FS#50590 ]) || <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 45 || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{Pkg|webkit2gtk}} || 2016-08-24 || < 2.12.4 || 2.12.4 || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=448762
CVE
2016-08-30T15:44:26Z
<p>Sangy: /* Documented CVE's */ CVE-2016-6265: split mupdf CVE's</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-4 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-6265}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a-3 || 1.9a-4 || 45 || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000695.html ASA-201608-21] <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{Pkg|webkit2gtk}} || 2016-08-24 || < 2.12.4 || 2.12.4 || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=448755
Security Advisories
2016-08-30T14:41:46Z
<p>Sangy: Claimed mupdf ASA</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* ASA-201608-21 {{pkg|mupdf}} Use-after-free<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== August 2016 ===<br />
* [27 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20] {{pkg|wireshark-cli}} denial of service<br />
* [26 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] {{pkg|mediawiki}} multiple issues<br />
* [22 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18] {{pkg|libgcrypt}} information disclosure<br />
* [21 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17] {{pkg|linux-lts}} information disclosure<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16] {{pkg|chromium}} multiple issues<br />
* [17 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15] {{pkg|linux-zen}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14] {{pkg|postgresql}} multiple issues<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13] {{pkg|linux-grsec}} information disclosure<br />
* [14 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12] {{pkg|linux}} information disclosure<br />
* [11 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11] {{pkg|websvn}} cross-site scripting<br />
* [10 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10] {{pkg|jq}} arbitrary code execution<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9] {{pkg|curl}} multiple issues<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8] {{pkg|libupnp}} arbitrary filesystem access<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7] {{pkg|lib32-glibc}} denial of service<br />
* [08 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] {{pkg|glibc}} denial of service<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] {{pkg|jre7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] {{pkg|jdk7-openjdk}} multiple issues<br />
* [05 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2] {{pkg|firefox}} multiple issues<br />
* [02 August 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1] {{pkg|openssh}} information leakage<br />
<br />
=== July 2016 ===<br />
* [30 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14] {{pkg|libidn}} denial of service<br />
* [29 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13] {{pkg|imagemagick}} information leakage<br />
* [24 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12] {{pkg|chromium}} multiple issues<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11] {{pkg|python2-django}} cross site scripting<br />
* [22 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] {{pkg|python-django}} cross site scripting<br />
* [21 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9] {{pkg|drupal}} proxy injection<br />
* [20 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8] {{pkg|bind}} denial of service<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* ensure that every line in the advisory is properly wrapped after 72 characters<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=448420
CVE
2016-08-27T21:10:47Z
<p>Sangy: Fixed wrong date format in webkitgtk2 entry</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-6265}} {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{Pkg|webkit2gtk}} || 2016-08-24 || < 2.12.4 || 2.12.4 || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=448419
CVE
2016-08-27T21:09:27Z
<p>Sangy: /* Documented CVE's */ mupdf CVE-2016-6265 and CVE-2016-6525</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
| {{CVE|CVE-2016-6265}} {{CVE|CVE-2016-6525}} [http://bugs.ghostscript.com/show_bug.cgi?id=696941] [http://bugs.ghostscript.com/show_bug.cgi?id=696954] || {{Pkg|mupdf}} || 2016-07-19 || <= 1.9a || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4590}} {{CVE|CVE-2016-4591}} {{CVE|CVE-2016-4622}} {{CVE|CVE-2016-4624}} [https://webkitgtk.org/2016/08/24/webkitgtk2.12.4-released.html] [https://webkitgtk.org/security/WSA-2016-0005.html] || {{Pkg|webkit2gtk}} || 25-08-2016 || < 2.12.4 || 2.12.4 || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-6331}} {{CVE|CVE-2016-6332}} {{CVE|CVE-2016-6333}} {{CVE|CVE-2016-6334}} {{CVE|CVE-2016-6335}} {{CVE|CVE-2016-6336}} {{CVE|CVE-2016-6337}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2016-August/000195.html] || {{pkg|mediawiki}} || 2016-08-23 || <= 1.27.0-1 || 1.27.1-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000693.html ASA-201608-19] <br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|lib32-libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-6313}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html] || {{pkg|libgcrypt}} || 2016-08-17 || <= 1.7.2-1 || 1.7.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000692.html ASA-201608-18]<br />
|-<br />
| {{CVE|CVE-2016-5423}} {{CVE|CVE-2016-5424}} [https://www.postgresql.org/about/news/1688/] || {{pkg|postgresql}} {{pkg|postgresql-libs}} || 2016-08-11 || <= 9.5.3-1 || 9.5.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000688.html ASA-201608-14]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux}} || 2016-07-12 || <= 4.6.4-1 || 4.7-1 || 31d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000686.html ASA-201608-12]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-grsec}} || 2016-07-12 || <= 4.6.5.201607312210-1 || 4.7.201608131240-1 || 33d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000687.html ASA-201608-13]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-lts}} || 2016-07-12 || <= 4.4.16-1 || 4.4.19-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000691.html ASA-201608-17]<br />
|-<br />
| {{CVE|CVE-2016-5696}} [http://seclists.org/oss-sec/2016/q3/44] [https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758] || {{pkg|linux-zen}} || 2016-07-12 || <= 4.6.5-1 || 4.7-1 || 35d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000689.html ASA-201608-15]<br />
|-<br />
| {{CVE|CVE-2016-5139}} {{CVE|CVE-2016-5140}} {{CVE|CVE-2016-5141}} {{CVE|CVE-2016-5142}} {{CVE|CVE-2016-5143}} {{CVE|CVE-2016-5144}} {{CVE|CVE-2016-5145}} {{CVE|CVE-2016-5146}} [https://googlechromereleases.blogspot.fr/2016/08/stable-channel-update-for-desktop.html] || {{pkg|chromium}} || 2016-08-03 || <= 52.0.2743.85-2 || 52.0.2743.116-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000690.html ASA-201608-16]<br />
|-<br />
| {{CVE|CVE-2016-6255}} || {{pkg|libupnp}} || 2016-08-08 || <= 1.6.19-1 || 1.6.20-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000682.html ASA-201608-8]<br />
|-<br />
| {{CVE|CVE-2016-3075}} {{CVE|CVE-2016-5417}} [https://sourceware.org/bugzilla/show_bug.cgi?id=19879] [https://sourceware.org/bugzilla/show_bug.cgi?id=19257] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-08-02 || <= 2.23-5 || 2.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000680.html ASA-201608-6] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000681.html ASA-201608-7]<br />
|-<br />
| {{CVE|CVE-2016-3458}} {{CVE|CVE-2016-3500}} {{CVE|CVE-2016-3508}} {{CVE|CVE-2016-3550}} {{CVE|CVE-2016-3598}} {{CVE|CVE-2016-3606}} {{CVE|CVE-2016-3610}} [http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2016-July/036560.html] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-07-29 || <= 7.u101_2.6.6 || 7.u111_2.6.7 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000677.html ASA-201608-3] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000678.html ASA-201608-4] [https://lists.archlinux.org/pipermail/arch-security/2016-August/000679.html ASA-201608-5]<br />
|-<br />
| {{CVE|CVE-2016-0718}} {{CVE|CVE-2016-2830}} {{CVE|CVE-2016-2835}} {{CVE|CVE-2016-2836}} {{CVE|CVE-2016-2837}} {{CVE|CVE-2016-2838}} {{CVE|CVE-2016-2839}} {{CVE|CVE-2016-5250}} {{CVE|CVE-2016-5251}} {{CVE|CVE-2016-5252}} {{CVE|CVE-2016-5254}} {{CVE|CVE-2016-5255}} {{CVE|CVE-2016-5258}} {{CVE|CVE-2016-5259}} {{CVE|CVE-2016-5260}} {{CVE|CVE-2016-5261}} {{CVE|CVE-2016-5262}} {{CVE|CVE-2016-5263}} {{CVE|CVE-2016-5264}} {{CVE|CVE-2016-5265}} {{CVE|CVE-2016-5266}} {{CVE|CVE-2016-5268}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox48] || {{pkg|firefox}} || 2016-08-02 || <= 47.0.1-1 || 48.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000676.html ASA-201608-2]<br />
|-<br />
| {{CVE|CVE-2016-5419}} {{CVE|CVE-2016-5420}} {{CVE|CVE-2016-5421}} [https://curl.haxx.se/docs/adv_20160803A.html] [https://curl.haxx.se/docs/adv_20160803B.html] [https://curl.haxx.se/docs/adv_20160803C.html] || {{pkg|curl}} || 2016-08-03 || <= 7.50.0-1 || 7.50.1-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000683.html ASA-201608-9]<br />
|-<br />
| {{CVE|CVE-2016-6210}} [http://www.openssh.com/txt/release-7.3] [http://seclists.org/fulldisclosure/2016/Jul/51] || {{pkg|openssh}} || 2016-07-14 || <= 7.2p2-2 || 7.3p1-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000675.html ASA-201608-1]<br />
|-<br />
| {{{CVE|CVE-2016-6503}} {CVE|CVE-2016-6504}} {{CVE|CVE-2016-6507}} [http://seclists.org/oss-sec/2016/q3/217] [[http://www.wireshark.org/security/wnpa-sec-2016-39.html] [http://www.wireshark.org/security/wnpa-sec-2016-40.html] [http://www.wireshark.org/security/wnpa-sec-2016-43.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || - || - || Invalid || -<br />
|-<br />
| {{CVE|CVE-2016-6505}} {{CVE|CVE-2016-6506}} {{CVE|CVE-2016-6508}} {{CVE|CVE-2016-6509}} {{CVE|CVE-2016-6510}} {{CVE|CVE-2016-6511}} {{CVE|CVE-2016-6512}} {{CVE|CVE-2016-6513}} [http://seclists.org/oss-sec/2016/q3/217] [http://www.wireshark.org/security/wnpa-sec-2016-41.html] [http://www.wireshark.org/security/wnpa-sec-2016-42.html] [http://www.wireshark.org/security/wnpa-sec-2016-44.html] [http://www.wireshark.org/security/wnpa-sec-2016-45.html] [http://www.wireshark.org/security/wnpa-sec-2016-46.html] [http://www.wireshark.org/security/wnpa-sec-2016-47.html] [http://www.wireshark.org/security/wnpa-sec-2016-48.html] [http://www.wireshark.org/security/wnpa-sec-2016-49.html] || {{pkg|wireshark-cli}} || 2016-07-28 || <= 2.0.4-1 || 2.0.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000694.html ASA-201608-20]<br />
|-<br />
| {{CVE|CVE-2016-6491}} [http://seclists.org/oss-sec/2016/q3/194] [http://git.imagemagick.org/repos/ImageMagick/commit/5cb6c1acd3e3b12f9260daf207db432df7f792c2] || {{pkg|imagemagick}} || 2016-07-27 || <= 6.9.5.2-1 || 6.9.5.3-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000673.html ASA-201607-13]<br />
|-<br />
| {{CVE|CVE-2015-8948}} {{CVE|CVE-2016-6261}} {{CVE|CVE-2016-6262}} {{CVE|CVE-2016-6263}} || {{Pkg|libidn}} || 2016-07-20 || <= 1.32-1 || 1.33-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000674.html ASA-201607-14]<br />
|-<br />
| {{CVE|CVE-2016-6186}} || {{Pkg|python-django}} {{Pkg|python2-django}}|| 2016-07-18 || <= 1.9.8-1 || 1.9.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000670.html ASA-201607-10] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000671.html ASA-201607-11]<br />
|-<br />
| {{CVE|CVE-2016-1705}} {{CVE|CVE-2016-1706}} {{CVE|CVE-2016-1708}} {{CVE|CVE-2016-1709}} {{CVE|CVE-2016-1710}} {{CVE|CVE-2016-1711}} {{CVE|CVE-2016-5127}} {{CVE|CVE-2016-5128}} {{CVE|CVE-2016-5129}} {{CVE|CVE-2016-5130}} {{CVE|CVE-2016-5131}} {{CVE|CVE-2016-5132}} {{CVE|CVE-2016-5133}} {{CVE|CVE-2016-5134}} {{CVE|CVE-2016-5135}} {{CVE|CVE-2016-5136}} {{CVE|CVE-2016-5137}} [https://googlechromereleases.blogspot.fr/2016/07/stable-channel-update.html] || {{pkg|chromium}} || 2016-07-20 || <= 51.0.2704.106-1 || 52.0.2743.82-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000672.html ASA-201607-12]<br />
|-<br />
| {{CVE|CVE-2016-5385}} [https://www.drupal.org/SA-CORE-2016-003] || {{pkg|drupal}} || 2016-07-18 || <= 8.1.6-1 || 8.1.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000669.html ASA-201607-9]<br />
|-<br />
| {{CVE|CVE-2016-2775}} [https://kb.isc.org/article/AA-01393/74/CVE-2016-2775] || {{pkg|bind}} || 2016-07-19 || <= 9.10.4.P1-2 || 9.10.4.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000668.html ASA-201607-8]<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.1.1-3 || 2.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-6 || 2.3.3-7 || 98d || Fixed ({{bug|50344}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000685.html ASA-201608-11]<br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || 1.5-4 || 109d || Fixed ({{bug|50330}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-August/000684.html ASA-201608-10]<br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.3-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=441964
Security Advisories
2016-07-18T00:36:19Z
<p>Sangy: Added ASA's for flashplugin</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* [18 July 2016] ASA-201607-6 {{pkg|flashplugin}} multiple vulnerabilities<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== July 2016 ===<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7] {{pkg|lib32-flashplugin}} multiple issues<br />
* [18 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] {{pkg|flashplugin}} multiple issues<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy
https://wiki.archlinux.org/index.php?title=CVE&diff=441963
CVE
2016-07-18T00:34:56Z
<p>Sangy: /* Documented CVE's */ Added ASA for flashplugin (and missing CVE's)</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|Security Advisories}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
This article documents [[Wikipedia:Common_Vulnerabilities_and_Exposures|Common Vulnerabilities and Exposures]] (CVE's) that are found and fixed in Arch Linux. <br />
<br />
== Introduction ==<br />
<br />
CVE's represent critical security vulnerabilities which must be addressed as quickly as possible. <br />
<br />
Once a CVE has been located and fixed, it is added to the CVE documentation table below.<br />
<br />
== Helping ==<br />
<br />
This is a community driven project. Please consider joining the [[Arch CVE Monitoring Team]]. <br />
<br />
Also, join the [https://mailman.archlinux.org/mailman/listinfo/arch-security Arch security mailing list]. There is an IRC on irc://irc.freenode.net/archlinux-security.<br />
<br />
== Procedure ==<br />
<br />
When adding a CVE to the table, add it to the TOP of the table. Use Wiki markup to create links in the "CVE-ID", "Package", and "Status" columns. The following template may be used to ease the process of adding CVE entries into the table. The first line, "|-" represents the creation of a new row in the table, while the second line should be modified per CVE:<br />
<br />
{{hc|CVE Table Addition Template|<nowiki><br />
|-<br />
| {{CVE|CVE-2016-????}} || {{Pkg|pkgname}} || Disclosure date || Affected versions || Fixed in version || Arch Linux response time || Status(Fixed|Pending|Invalid) (Bug reports) || {{ASA|ASA-??????-??}}<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* If the CVE is not found in [http://nvd.nist.gov/home.cfm NVD], just include a link to different database in the first column: {{ic|<nowiki>[http://link.to.cve CVE-2014-????]</nowiki>}}<br />
* The "Disclosure date" field should be expressed in [[Wikipedia:ISO 8601|ISO 8601 format]] to avoid any confusion. Example: 2014-03-22.<br />
* The "Arch Linux response time" field corresponds to the time between the public release of a vulnerability and the date the package update fixing the vulnerability is made available in the official stable repositories. The "Time really vulnerable" is potentially much lengthier but is harder to estimate.<br />
}}<br />
<br />
The above "CVE-template" should be added after the line:<br />
<br />
{{bc|<nowiki>! scope="col" width="125px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID</nowiki>}}<br />
<br />
== Response time ==<br />
<br />
The response time is the time taken to get a fixed package to the stable repositories.<br />
<br />
== Documented CVE's ==<br />
<br />
{{Note|Refer to the [[#Procedure]] section when adding new entries.}}<br />
<br />
{| class="wikitable sortable" style="margin: 1em auto 1em auto; text-align: center;" width="100%"<br />
! height="50px" colspan="8" style="font-size: 125%;"| '''TRACKED CVE's'''<br />
|-<br />
! scope="col" width="130px" data-sort-type="text" | CVE-ID !! Package !! Disclosure date !! Affected versions !! Fixed in Arch Linux package version !! Arch Linux response time !! Status (and related bug reports) !! ASA-ID<br />
|-<br />
|{{CVE|CVE-2016-4173}} {{CVE|CVE-2016-4174}} {{CVE|CVE-2016-4175}} {{CVE|CVE-2016-4176}} {{CVE|CVE-2016-4177}} {{CVE|CVE-2016-4179}} {{CVE|CVE-2016-4180}} {{CVE|CVE-2016-4181}} {{CVE|CVE-2016-4182}} {{CVE|CVE-2016-4183}} {{CVE|CVE-2016-4184}} {{CVE|CVE-2016-4185}} {{CVE|CVE-2016-4186}} {{CVE|CVE-2016-4187}} {{CVE|CVE-2016-4188}} {{CVE|CVE-2016-4189}} {{CVE|CVE-2016-4190}} {{CVE|CVE-2016-4217}} {{CVE|CVE-2016-4218}} {{CVE|CVE-2016-4219}} {{CVE|CVE-2016-4220}} {{CVE|CVE-2016-4221}} {{CVE|CVE-2016-4222}} {{CVE|CVE-2016-4223}} {{CVE|CVE-2016-4224}} {{CVE|CVE-2016-4225}} {{CVE|CVE-2016-4226}} {{CVE|CVE-2016-4227}} {{CVE|CVE-2016-4228}} {{CVE|CVE-2016-4229}} {{CVE|CVE-2016-4230}} {{CVE|CVE-2016-4231}} {{CVE|CVE-2016-4232}} {{CVE|CVE-2016-4233}} {{CVE|CVE-2016-4234}} {{CVE|CVE-2016-4235}} {{CVE|CVE-2016-4236}} {{CVE|CVE-2016-4237}} {{CVE|CVE-2016-4238}} {{CVE|CVE-2016-4239}} {{CVE|CVE-2016-4240}} {{CVE|CVE-2016-4241}} {{CVE|CVE-2016-4242}} {{CVE|CVE-2016-4243}} {{CVE|CVE-2016-4244}} {{CVE|CVE-2016-4245}} {{CVE|CVE-2016-4246}} {{CVE|CVE-2016-4247}} {{CVE|CVE-2016-4248}} || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-07-12 || <= 11.2.202.626-1 || 11.2.202.632-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000666.html ASA-201607-6] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000667.html ASA-201607-7]<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird45.2] || {{pkg|thunderbird}} || 2016-06-30 || <= 45.1.1-2 || 45.2.0-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4]<br />
|-<br />
| {{CVE|CVE-2016-4979}} [https://httpd.apache.org/security/vulnerabilities_24.html] || {{pkg|apache}} || 2016-07-05 || 2.4.18-2.4.20 || 2.4.23 || || Pending ({{bug|49958}}) ||<br />
|-<br />
| {{CVE|CVE-2016-4994}} [https://bugzilla.gnome.org/show_bug.cgi?id=767873] || {{pkg|gimp}} || 2016-06-21 || <= 2.8.16-2 || 2.8.18-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5]<br />
|-<br />
| {{CVE|CVE-2016-4472}} [https://bugzilla.redhat.com/show_bug.cgi?id=1344251] || {{pkg|expat}} || 2016-06-30 || <= 2.2.0-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-3189}} [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3189] || {{pkg|bzip2}} || 2016-06-30 || <= 1.0.6-5 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4463}} [http://seclists.org/bugtraq/2016/Jun/115] || {{pkg|xerces-c}} || 2016-06-29 || <= 3.1.3-2 || 3.1.4-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2]<br />
|-<br />
| {{CVE|CVE-2016-4324}} [http://www.talosintelligence.com/reports/TALOS-2016-0126/] || {{pkg|libreoffice-fresh}} || 2016-06-27 || <= 5.1.3-2 || 5.1.4-1 || <0d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3]<br />
|-<br />
| {{CVE|CVE-2016-5701}} {{CVE|CVE-2016-5702}} {{CVE|CVE-2016-5703}} {{CVE|CVE-2016-5704}} {{CVE|CVE-2016-5705}} {{CVE|CVE-2016-5706}} {{CVE|CVE-2016-5730}} {{CVE|CVE-2016-5731}} {{CVE|CVE-2016-5732}} {{CVE|CVE-2016-5733}} {{CVE|CVE-2016-5734}} {{CVE|CVE-2016-5739}} [https://www.phpmyadmin.net/security/PMASA-2016-17/] [https://www.phpmyadmin.net/security/PMASA-2016-18/] [https://www.phpmyadmin.net/security/PMASA-2016-19/] [https://www.phpmyadmin.net/security/PMASA-2016-20/] [https://www.phpmyadmin.net/security/PMASA-2016-21/] [https://www.phpmyadmin.net/security/PMASA-2016-22/] [https://www.phpmyadmin.net/security/PMASA-2016-23/] [https://www.phpmyadmin.net/security/PMASA-2016-24/] [https://www.phpmyadmin.net/security/PMASA-2016-25/] [https://www.phpmyadmin.net/security/PMASA-2016-26/] [https://www.phpmyadmin.net/security/PMASA-2016-27/] [https://www.phpmyadmin.net/security/PMASA-2016-28/] || {{pkg|phpmyadmin}} || 2016-06-23 || <= 4.6.2-1 || 4.6.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25]<br />
|-<br />
| {{CVE|CVE-2016-1704}} [https://googlechromereleases.blogspot.fr/2016/06/stable-channel-update_16.html] || {{pkg|chromium}} || 2016-01-16 || <= 51.0.2704.84-1 || 51.0.2704.103-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20]<br />
|-<br />
| {{CVE|CVE-2016-2365}} {{CVE|CVE-2016-2366}} {{CVE|CVE-2016-2367}} {{CVE|CVE-2016-2368}} {{CVE|CVE-2016-2369}} {{CVE|CVE-2016-2370}} {{CVE|CVE-2016-2371}} {{CVE|CVE-2016-2372}} {{CVE|CVE-2016-2373}} {{CVE|CVE-2016-2374}} {{CVE|CVE-2016-2375}} {{CVE|CVE-2016-2376}} {{CVE|CVE-2016-2377}} {{CVE|CVE-2016-2378}} {{CVE|CVE-2016-2380}} {{CVE|CVE-2016-4323}} [http://blog.talosintel.com/2016/06/vulnerability-spotlight-pidgin.html] || {{pkg|libpurple}} || 2016-01-21 || <= 2.10.12-4 || 2.11.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24]<br />
|-<br />
| {{CVE|CVE-2016-1541}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541] || {{pkg|libarchive}} || 2016-01-17 || <= 3.1.2-8 || 3.2.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1]<br />
|-<br />
| {{CVE|CVE-2016-5875}} {{CVE|CVE-2016-5314}} {{CVE|CVE-2016-5315}} {{CVE|CVE-2016-5316}} {{CVE|CVE-2016-5317}} {{CVE|CVE-2016-5320}} {{CVE|CVE-2016-5321}} {{CVE|CVE-2016-5322}} {{CVE|CVE-2016-5323}} {{CVE|CVE-2016-5102}} {{CVE|CVE-2016-3991}} {{CVE|CVE-2016-3990}} {{CVE|CVE-2016-3945}} {{CVE|CVE-2016-3658}} {{CVE|CVE-2016-3634}} {{CVE|CVE-2016-3633}} {{CVE|CVE-2016-3632}} {{CVE|CVE-2016-3631}} {{CVE|CVE-2016-3625}} {{CVE|CVE-2016-3624}} {{CVE|CVE-2016-3623}} {{CVE|CVE-2016-3622}} {{CVE|CVE-2016-3621}} {{CVE|CVE-2016-3620}} {{CVE|CVE-2016-3619}} {{CVE|CVE-2016-3186}} {{CVE|CVE-2015-8668}} {{CVE|CVE-2015-7313}} {{CVE|CVE-2014-8130}} {{CVE|CVE-2014-8127}} {{CVE|CVE-2010-2596}} {{CVE|CVE-2016-6223}} [http://www.openwall.com/lists/oss-security/2016/06/15/1] [http://www.openwall.com/lists/oss-security/2016/06/15/2] [http://www.openwall.com/lists/oss-security/2016/06/15/3] [http://www.openwall.com/lists/oss-security/2016/06/15/5] [http://www.openwall.com/lists/oss-security/2016/06/15/6] [http://www.openwall.com/lists/oss-security/2016/06/15/7] [http://www.openwall.com/lists/oss-security/2016/06/15/8] [http://www.openwall.com/lists/oss-security/2016/06/15/9] [https://security-tracker.debian.org/tracker/source-package/tiff] [http://www.openwall.com/lists/oss-security/2016/07/13/3] || {{pkg|libtiff}} || 2016-06-19 || <= 4.0.6-2 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-4122}} {{CVE|CVE-2016-4123}} {{CVE|CVE-2016-4124}} {{CVE|CVE-2016-4125}} {{CVE|CVE-2016-4127}} {{CVE|CVE-2016-4128}} {{CVE|CVE-2016-4129}} {{CVE|CVE-2016-4130}} {{CVE|CVE-2016-4131}} {{CVE|CVE-2016-4132}} {{CVE|CVE-2016-4133}} {{CVE|CVE-2016-4134}} {{CVE|CVE-2016-4135}} {{CVE|CVE-2016-4136}} {{CVE|CVE-2016-4137}} {{CVE|CVE-2016-4138}} {{CVE|CVE-2016-4139}} {{CVE|CVE-2016-4140}} {{CVE|CVE-2016-4141}} {{CVE|CVE-2016-4142}} {{CVE|CVE-2016-4143}} {{CVE|CVE-2016-4144}} {{CVE|CVE-2016-4145}} {{CVE|CVE-2016-4146}} {{CVE|CVE-2016-4147}} {{CVE|CVE-2016-4148}} {{CVE|CVE-2016-4149}} {{CVE|CVE-2016-4150}} {{CVE|CVE-2016-4151}} {{CVE|CVE-2016-4152}} {{CVE|CVE-2016-4153}} {{CVE|CVE-2016-4154}} {{CVE|CVE-2016-4155}} {{CVE|CVE-2016-4156}} {{CVE|CVE-2016-4166}} {{CVE|CVE-2016-4171}} [https://helpx.adobe.com/security/products/flash-player/apsb16-18.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-06-16 || <= 11.2.202.621-1 || 11.2.202.626-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18]<br />
|-<br />
| {{CVE|CVE-2016-4971}} [https://lists.gnu.org/archive/html/bug-wget/2016-06/msg00033.html] || {{pkg|wget}} || 2016-06-09 || <= 1.17.1-2 || 1.18-1 || 11d || Fixed ({{bug|49730}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19]<br />
|-<br />
| {{CVE|CVE-2012-6702}} {{CVE|CVE-2016-5300}} || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-06-07 || <= 2.1.1-2 || 2.1.1-3 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14]<br />
|-<br />
| {{CVE|CVE-2016-5360}} [http://seclists.org/oss-sec/2016/q2/512] || {{pkg|haproxy}} || 2016-06-09 || <= 1.6.5-3 || 1.6.5-4 || 1d || Fixed ({{bug|49638}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11]<br />
|-<br />
| {{CVE|CVE-2016-2177}} {{CVE|CVE-2016-2178}} [http://eprint.iacr.org/2016/594] [http://seclists.org/oss-sec/2016/q2/500] || {{Pkg|openssl}} || 2016-06-05 || <= 1.0.2.h-1 || || || '''Vulnerable''' ({{bug|49616}}) ||<br />
|-<br />
| {{CVE|CVE-2016-2815}} {{CVE|CVE-2016-2818}} {{CVE|CVE-2016-2819}} {{CVE|CVE-2016-2821}} {{CVE|CVE-2016-2822}} {{CVE|CVE-2016-2825}} {{CVE|CVE-2016-2828}} {{CVE|CVE-2016-2829}} {{CVE|CVE-2016-2831}} {{CVE|CVE-2016-2832}} {{CVE|CVE-2016-2833}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox47] || {{pkg|firefox}} || 2016-06-07 || <= 46.0.1-1 || 47.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7]<br />
|-<br />
| {{CVE|CVE-2016-4456}} [https://marc.ttias.be/oss-security/2016-06/msg00043.php] [http://gnutls.org/security.html#GNUTLS-SA-2016-1] || {{pkg|gnutls}} {{pkg|lib32-gnutls}} || 2016-06-06 || <= 3.4.12-1 || 3.4.13-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12]<br />
|-<br />
| {{CVE|CVE-2015-8899}} [http://www.openwall.com/lists/oss-security/2016/06/04/2] || {{pkg|dnsmasq}} || 2016-06-04 || <= 2.75-1 || 2.76-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4953}} {{CVE|CVE-2016-4954}} {{CVE|CVE-2016-4955}} {{CVE|CVE-2016-4956}} {{CVE|CVE-2016-4957}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi] || {{pkg|ntp}} || 2016-06-02 || <= 4.2.8.p7-1 || 4.2.8.p8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4]<br />
|-<br />
| {{CVE|CVE-2016-4429}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20112] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-05-18 || <= 2.23-4 || 2.23-5 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17]<br />
|-<br />
| {{CVE|CVE-2016-5244}} {{CVE|CVE-2016-5243}} [http://www.openwall.com/lists/oss-security/2016/06/03/5] [http://www.openwall.com/lists/oss-security/2016/06/03/4] || {{pkg|linux}} || 2016-06-03 || <= 4.6.1 || || || Invalid ||<br />
|-<br />
| {{CVE|CVE-2016-1696}} {{CVE|CVE-2016-1697}} {{CVE|CVE-2016-1698}} {{CVE|CVE-2016-1699}} {{CVE|CVE-2016-1700}} {{CVE|CVE-2016-1701}} {{CVE|CVE-2016-1702}} {{CVE|CVE-2016-1703}} [http://googlechromereleases.blogspot.fr/2016/06/stable-channel-update.html] || {{pkg|chromium}} || 2016-06-01 || <= 51.0.2704.63-1 || 51.0.2704.79-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx-mainline}} || 2016-05-31 || <= 1.11-1 || 1.11.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2]<br />
|-<br />
| {{CVE|CVE-2016-4450}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000179.html] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450] || {{pkg|nginx}} || 2016-05-31 || <= 1.10-1 || 1.10.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1]<br />
|-<br />
| {{CVE|CVE-2016-1857}} [http://webkitgtk.org/security/WSA-2016-0004.html] || {{pkg|webkit2gtk}} || 2016-05-30 || <= 2.12.2-1 || 2.12.3-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3]<br />
|-<br />
| {{CVE|CVE-2016-5108}} [http://www.openwall.com/lists/oss-security/2016/05/27/7] || {{pkg|vlc}} || 2016-05-27 || <= 2.2.3-3 || 2.2.4-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21]<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libusbmuxd}} || 2016-05-26 || <= 1.0.10-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5104}} [http://www.openwall.com/lists/oss-security/2016/05/26/6] || {{pkg|libimobiledevice}} || 2016-05-26 || <= 1.2.0-3 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2016-5103}} [http://www.openwall.com/lists/oss-security/2016/05/26/5] || {{pkg|roundcubemail}} || 2016-05-26 || <= 1.2rc-1 || 1.2.0-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1762}} {{CVE|CVE-2016-1833}} {{CVE|CVE-2016-1834}} {{CVE|CVE-2016-1835}} {{CVE|CVE-2016-1836}} {{CVE|CVE-2016-1837}} {{CVE|CVE-2016-1838}} {{CVE|CVE-2016-1839}} {{CVE|CVE-2016-1840}} {{CVE|CVE-2016-3627}} {{CVE|CVE-2016-3705}} {{CVE|CVE-2016-4483}} [https://git.gnome.org/browse/libxml2/log/] || {{pkg|libxml2}} || 2016-05-23 || <= 2.9.3-2 || 2.9.4+0+gbdec218-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27]<br />
|-<br />
| {{CVE|CVE-2016-1672}} {{CVE|CVE-2016-1673}} {{CVE|CVE-2016-1674}} {{CVE|CVE-2016-1675}} {{CVE|CVE-2016-1676}} {{CVE|CVE-2016-1677}} {{CVE|CVE-2016-1678}} {{CVE|CVE-2016-1679}} {{CVE|CVE-2016-1680}} {{CVE|CVE-2016-1681}} {{CVE|CVE-2016-1682}} {{CVE|CVE-2016-1683}} {{CVE|CVE-2016-1684}} {{CVE|CVE-2016-1685}} {{CVE|CVE-2016-1686}} {{CVE|CVE-2016-1687}} {{CVE|CVE-2016-1688}} {{CVE|CVE-2016-1689}} {{CVE|CVE-2016-1690}} {{CVE|CVE-2016-1691}} {{CVE|CVE-2016-1692}} {{CVE|CVE-2016-1693}} {{CVE|CVE-2016-1694}} {{CVE|CVE-2016-1695}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update_25.html] || {{pkg|chromium}} || 2016-05-25 || <= 50.0.2661.102-1 || 51.0.2704.63-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28]<br />
|-<br />
| {{CVE|CVE-2016-5027}} {{CVE|CVE-2016-5028}} {{CVE|CVE-2016-5029}} {{CVE|CVE-2016-5030}} {{CVE|CVE-2016-5031}} {{CVE|CVE-2016-5032}} {{CVE|CVE-2016-5033}} {{CVE|CVE-2016-5034}} {{CVE|CVE-2016-5035}} {{CVE|CVE-2016-5036}} {{CVE|CVE-2016-5037}} {{CVE|CVE-2016-5038}} {{CVE|CVE-2016-5039}} {{CVE|CVE-2016-5040}} {{CVE|CVE-2016-5041}} {{CVE|CVE-2016-5042}} {{CVE|CVE-2016-5043}} {{CVE|CVE-2016-5044}} [http://seclists.org/oss-sec/2016/q2/393] [https://www.prevanders.net/dwarfbug.html] || {{pkg|libdwarf}} || 2016-05-24 || <= 20160507-1 || 20160613-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23]<br />
|-<br />
| {{CVE|CVE-2015-1283}} {{CVE|CVE-2016-0718}} [http://seclists.org/oss-sec/2016/q2/360] || {{pkg|expat}} {{pkg|lib32-expat}} || 2016-05-17 || <= 2.1.1-1 || 2.1.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23]<br />
|-<br />
| {{CVE|CVE-2016-2334}} {{CVE|CVE-2016-2335}} [http://www.talosintel.com/reports/TALOS-2016-0093/] [http://www.talosintel.com/reports/TALOS-2016-0094/] || {{pkg|p7zip}} || 2016-05-10 || <= 15.14.1-1 || 15.14.1-2 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24]<br />
|-<br />
| {{CVE|CVE-2016-3698}} [https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839] || {{pkg|libndp}} || 2016-05-17 || <= 1.5-1 || 1.6-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26]<br />
|-<br />
| {{CVE|CVE-2016-2803}} [http://seclists.org/bugtraq/2016/May/72] || {{pkg|bugzilla}} || 2016-05-16 || <= 5.0.2-1 || 5.0.3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25]<br />
|-<br />
| {{CVE|CVE-2016-2099}} [https://issues.apache.org/jira/browse/XERCESC-2066] [http://www.openwall.com/lists/oss-security/2016/05/09/7] || {{pkg|xerces-c}} || 2016-05-09 || <= 3.1.3-1 || 3.1.3-2 || 46d || Fixed ({{bug|49353}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-22]<br />
|-<br />
| [http://blog.jetbrains.com/blog/2016/05/11/security-update-for-intellij-based-ides-v2016-1-and-older-versions/] || {{pkg|intellij-idea-community-edition}} {{pkg|intellij-idea-libs}} || 2016-05-11 || <= 1:2016.1.1-1 || 1:2016.1.2-1 || 3d || Fixed ({{bug|49329}}) || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/] || {{pkg|thunderbird}} || 2016-05-10 || <= 45.0-1 || 45.1.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21]<br />
|-<br />
| {{CVE|CVE-2016-1667}} {{CVE|CVE-2016-1668}} {{CVE|CVE-2016-1669}} {{CVE|CVE-2016-1670}} [http://googlechromereleases.blogspot.fr/2016/05/stable-channel-update.html] || {{pkg|chromium}} || 2016-05-11 || <= 50.0.2661.94-1 || 50.0.2661.102-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] <br />
|-<br />
| {{CVE|CVE-2016-3706}} {{CVE|CVE-2016-1234}} [https://sourceware.org/bugzilla/show_bug.cgi?id=20010] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2016-04-27 || <= 2.23-2 || 2.23-4 || 17d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20]<br />
|-<br />
| {{CVE|CVE-2016-1096}} {{CVE|CVE-2016-1097}} {{CVE|CVE-2016-1098}} {{CVE|CVE-2016-1099}} {{CVE|CVE-2016-1100}} {{CVE|CVE-2016-1101}} {{CVE|CVE-2016-1102}} {{CVE|CVE-2016-1103}} {{CVE|CVE-2016-1104}} {{CVE|CVE-2016-1105}} {{CVE|CVE-2016-1106}} {{CVE|CVE-2016-1107}} {{CVE|CVE-2016-1108}} {{CVE|CVE-2016-1109}} {{CVE|CVE-2016-1110}} {{CVE|CVE-2016-4108}} {{CVE|CVE-2016-4109}} {{CVE|CVE-2016-4110}} {{CVE|CVE-2016-4111}} {{CVE|CVE-2016-4112}} {{CVE|CVE-2016-4113}} {{CVE|CVE-2016-4114}} {{CVE|CVE-2016-4115}} {{CVE|CVE-2016-4116}} {{CVE|CVE-2016-4117}} [https://helpx.adobe.com/security/products/flash-player/apsa16-02.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2016-05-10 || <= 11.2.202.616-2 || 11.2.202.621-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu}} {{pkg|qemu-arch-extra}} || 2016-05-10 || <= 2.5.1-1 || 2.6.0-1 || 28d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9]<br />
|-<br />
| {{CVE|CVE-2015-8558}} {{CVE|CVE-2016-3710}} {{CVE|CVE-2016-3712}} {{CVE|CVE-2016-5105}} {{CVE|CVE-2016-5107}} {{CVE|CVE-2016-5106}} [http://xenbits.xen.org/xsa/advisory-179.html] [http://www.openwall.com/lists/oss-security/2016/05/25/7] || {{pkg|qemu-guest-agent}} {{pkg|qemu-block-gluster}} {{pkg|qemu-block-iscsi}} {{pkg|qemu-block-rbd}} || 2016-05-10 || <= 2.5.1-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-1926}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1926] [http://www.openvas.org/OVSA20160113.html] || {{pkg|greenbone-security-assistant}} || 2016-01-16 || <= 6.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3659}} [http://bugs.cacti.net/view.php?id=2673] || {{pkg|cacti}} || 2016-03-31 || <= 0.8.8_g-3 || 0.8.8_h-1 || 40d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14]<br />
|-<br />
| {{CVE|CVE-2016-4554}} {{CVE|CVE-2016-4555}} {{CVE|CVE-2016-4556}} [http://www.squid-cache.org/Advisories/SQUID-2016_8.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_9.txt] || {{pkg|squid}} || 2016-05-09 || <= 3.5.17-1 || 3.5.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13]<br />
|-<br />
| {{CVE|CVE-2015-8106}} [http://www.openwall.com/lists/oss-security/2015/11/16/39] || {{pkg|latex2rtf}} || 2015-11-16 || <= 2.3.8-1 || 2.3.10-1 || ~6m || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9]<br />
|-<br />
| {{CVE|CVE-2016-3105}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29] || {{pkg|mercurial}} || 2016-05-01 || <= 3.7.3-1 || 3.8.1-1 || 5d || Fixed ({{bug|49239}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] <br />
|-<br />
| {{CVE|CVE-2016-1236}} [http://www.openwall.com/lists/oss-security/2016/05/05/22] || {{pkg|websvn}} || 2016-05-05 || <= 2.3.3-5 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-client}} {{pkg|quassel-monolithic}} || 2016-04-30 || <= 0.12.3-1 || - || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2016-4352}} [http://www.openwall.com/lists/oss-security/2016/04/29/7] || {{pkg|mencoder}} {{pkg|mplayer}} || 2016-05-03 || <= 37379-7 || 37857-1 || 3d || Fixed ({{bug|49195}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12]<br />
|-<br />
| {{CVE|CVE-2016-4574}} [http://www.openwall.com/lists/oss-security/2016/05/10/4] || {{pkg|libksba}} || 2016-05-03 || <= 1.3.3-1 || 1.3.4-1 || 9d || Fixed ({{bug|49289}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17]<br />
|-<br />
| {{CVE|CVE-2016-4354}} {{CVE|CVE-2016-4353}} {{CVE|CVE-2016-4355}} {{CVE|CVE-2016-4356}} [http://www.openwall.com/lists/oss-security/2016/04/29/8] || {{pkg|libksba}} || 2016-04-10 || <= 1.3.2-1 || 1.3.3-1 || 18d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4348}} {{CVE|CVE-2016-4347}} [http://www.openwall.com/lists/oss-security/2016/04/30/3] || {{pkg|librsvg}} || 2016-05-03 || <= 2:2.40.2-2 || 2:2.40.15-2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-4415}} {{CVE|CVE-2016-4416}} {{CVE|CVE-2016-4417}} {{CVE|CVE-2016-4418}} {{CVE|CVE-2016-4419}} {{CVE|CVE-2016-4420}} {{CVE|CVE-2016-4421}} {{CVE|CVE-2016-4076}} {{CVE|CVE-2016-4077}} {{CVE|CVE-2016-4078}} {{CVE|CVE-2016-4079}} {{CVE|CVE-2016-4080}} {{CVE|CVE-2016-4081}} {{CVE|CVE-2016-4006}} {{CVE|CVE-2016-4082}} {{CVE|CVE-2016-4083}} {{CVE|CVE-2016-4084}} {{CVE|CVE-2016-4085}} [http://www.openwall.com/lists/oss-security/2016/04/25/2] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-05-03 || <= 2.0.2-1 || 2.0.3-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-3714}} [http://www.openwall.com/lists/oss-security/2016/05/03/13] [http://www.openwall.com/lists/oss-security/2016/05/03/14]|| {{pkg|imagemagick}} || 2016-05-03 || <= 6.9.3.8-1 || 6.9.3.10-1 || 3d || Fixed ({{bug|49203}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6]<br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|hostapd}} || 2016-05-03 || <= 2.5-2 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-4477}} {{CVE|CVE-2016-4476}} [http://www.openwall.com/lists/oss-security/2016/05/03/2] || {{pkg|wpa_supplicant}} || 2016-05-03 || <= 1:2.5-3 || || || '''Vulnerable''' ({{bug|49196}}) || <br />
|-<br />
| {{CVE|CVE-2016-2105}} {{CVE|CVE-2016-2106}} {{CVE|CVE-2016-2107}} {{CVE|CVE-2016-2109}} {{CVE|CVE-2016-2176}} [https://www.openssl.org/news/secadv/20160503.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-05-03 || <= 1.0.2.g-3 || 1.0.2.h-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4]<br />
|-<br />
| {{CVE|CVE-2016-4425}} [https://github.com/akheron/jansson/issues/282] [http://marc.info/?l=oss-security&m=146219323703639&w=2] || {{pkg|jansson}} || 2016-05-02 || <= 2.7-1 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-1660}} {{CVE|CVE-2016-1661}} {{CVE|CVE-2016-1662}} {{CVE|CVE-2016-1663}} {{CVE|CVE-2016-1664}} {{CVE|CVE-2016-1665}} {{CVE|CVE-2016-1666}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_28.html] || {{pkg|chromium}} || 2016-04-28 || <= 50.0.2661.75-1 || 50.0.2661.94-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7]<br />
|-<br />
| {{CVE|CVE-2015-8869}} || {{pkg|ocaml}} || 2016-04-29 || <= 4.02.3-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-4414}} [http://marc.info/?l=oss-security&m=146204310020229&w=2] || {{pkg|quassel-core}} || 2016-04-30 || <= 0.12.3-1 || 0.12.4-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5]<br />
|-<br />
| {{CVE|CVE-2016-2167}} {{CVE|CVE-2016-2168}} [https://mail-archives.apache.org/mod_mbox/subversion-announce/201604.mbox/%3CCAP_GPNgfn1iKueW51EpmXzXi_URNfGNofZSgOyW1_jnSeNm5DQ@mail.gmail.com%3E] || {{pkg|subversion}} || 2016-04-28 || <= 1.9.3-2 || 1.9.4-1 || 38d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6]<br />
|-<br />
| {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-8138}} {{CVE|CVE-2016-1547}} {{CVE|CVE-2016-1548}} {{CVE|CVE-2016-1549}} {{CVE|CVE-2016-1550}} {{CVE|CVE-2016-1551}} {{CVE|CVE-2016-2516}} {{CVE|CVE-2016-2517}} {{CVE|CVE-2016-2518}} {{CVE|CVE-2016-2519}} [http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security] || {{pkg|ntp}} || 2016-04-26 || <= 4.2.8.p6-3 || 4.2.8.p7-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-2804}} {{CVE|CVE-2016-2805}} {{CVE|CVE-2016-2806}} {{CVE|CVE-2016-2807}} {{CVE|CVE-2016-2808}} {{CVE|CVE-2016-2811}} {{CVE|CVE-2016-2812}} {{CVE|CVE-2016-2814}} {{CVE|CVE-2016-2816}} {{CVE|CVE-2016-2817}} {{CVE|CVE-2016-2820}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox46] || {{pkg|firefox}} || 2016-04-26 || <= 45.0.2-1 || 46.0-2 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15]<br />
|-<br />
| {{CVE|CVE-2015-8863}} [http://seclists.org/oss-sec/2016/q2/134] || {{pkg|jq}} || 2016-04-23 || <= 1.5-3 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2016-3074}} [http://seclists.org/oss-sec/2016/q2/128] || {{pkg|gd}} || 2016-04-21 || <= 2.1.1-3 || 2.1.1-4 || 15d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8]<br />
|-<br />
| {{CVE|CVE-2016-4051}} {{CVE|CVE-2016-4052}} {{CVE|CVE-2016-4053}} {{CVE|CVE-2016-4054}} [http://www.squid-cache.org/Advisories/SQUID-2016_5.txt] [http://www.squid-cache.org/Advisories/SQUID-2016_6.txt] || {{pkg|squid}} || 2016-04-20 || <= 3.5.16-1 || 3.5.17-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14]<br />
|-<br />
| {{CVE|CVE-2016-4021}} [https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2016-030.txt] || {{pkg|pgpdump}} || 2016-04-12 || <= 0.29-2 || 0.30-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11]<br />
|-<br />
| {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-18/] [https://www.mozilla.org/en-US/security/advisories/mfsa2016-19/] || {{pkg|thunderbird}} || 2016-04-12 || <= 38.7.2-1 || 45.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12]<br />
|-<br />
| {{CVE|CVE-2016-2347}} [http://www.talosintel.com/reports/TALOS-2016-0095/] || {{pkg|lhasa}} || 2016-04-14 || <= 0.3.0-1 || 0.3.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8]<br />
|-<br />
| {{CVE|CVE-2016-1651}} {{CVE|CVE-2016-1652}} {{CVE|CVE-2016-1653}} {{CVE|CVE-2016-1654}} {{CVE|CVE-2016-1655}} {{CVE|CVE-2016-1656}} {{CVE|CVE-2016-1657}} {{CVE|CVE-2016-1658}} {{CVE|CVE-2016-1659}} [http://googlechromereleases.blogspot.fr/2016/04/stable-channel-update_13.html] || {{pkg|chromium}} || 2016-04-13|| <= 49.0.2623.112-1 || 50.0.2661.75-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10]<br />
|-<br />
| {{CVE|CVE-2015-5370}} {{CVE|CVE-2016-2110}} {{CVE|CVE-2016-2111}} {{CVE|CVE-2016-2112}} {{CVE|CVE-2016-2113}} {{CVE|CVE-2016-2114}} {{CVE|CVE-2016-2115}} {{CVE|CVE-2016-2118}} [https://www.samba.org/samba/history/security.html] [http://badlock.org/] || {{pkg|samba}} || 2016-04-12|| <= 4.4.0-1 || 4.4.2-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13]<br />
|-<br />
| {{CVE|CVE-2016-4008}} [http://article.gmane.org/gmane.comp.security.oss.general/19286] || {{pkg|libtasn1}} || 2016-04-11|| <= 4.7-1 || 4.8-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9]<br />
|-<br />
| {{CVE|CVE-2011-5326}} {{CVE|CVE-2016-3993}} {{CVE|CVE-2016-3994}} {{CVE|CVE-2016-4024}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369] [http://article.gmane.org/gmane.comp.security.oss.general/19276] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.8-1 || 1.4.9-1 || 23d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1]<br />
|-<br />
| {{CVE|CVE-2014-9771}} [http://www.openwall.com/lists/oss-security/2016/04/09/3] || {{pkg|imlib2}} || 2016-04-09 || <= 1.4.5-6 || 1.4.6-1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1006}} {{CVE|CVE-2016-1011}} {{CVE|CVE-2016-1012}} {{CVE|CVE-2016-1013}} {{CVE|CVE-2016-1014}} {{CVE|CVE-2016-1015}} {{CVE|CVE-2016-1016}} {{CVE|CVE-2016-1017}} {{CVE|CVE-2016-1018}} {{CVE|CVE-2016-1019}} {{CVE|CVE-2016-1020}} {{CVE|CVE-2016-1021}} {{CVE|CVE-2016-1022}} {{CVE|CVE-2016-1023}} {{CVE|CVE-2016-1024}} {{CVE|CVE-2016-1025}} {{CVE|CVE-2016-1026}} {{CVE|CVE-2016-1027}} {{CVE|CVE-2016-1028}} {{CVE|CVE-2016-1029}} {{CVE|CVE-2016-1030}} {{CVE|CVE-2016-1031}} {{CVE|CVE-2016-1032}} {{CVE|CVE-2016-1033}} [https://helpx.adobe.com/security/products/flash-player/apsa16-01.html] [https://helpx.adobe.com/security/products/flash-player/apsb16-10.html] || {{pkg|flashplugin}} || 2016-04-05 || <= 11.2.202.577-1 || 11.2.202.616-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7]<br />
|-<br />
| {{CVE|CVE-2016-3630}} {{CVE|CVE-2016-3068}} {{CVE|CVE-2016-3069}} [https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29] || {{pkg|mercurial}} || 2016-03-29 || <= 3.7.2-1 || 3.7.3-1 || 8d || Fixed ({{bug|48821}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6]<br />
|-<br />
| {{CVE|CVE-2016-2191}} [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2191] [https://sourceforge.net/p/optipng/bugs/59/] [http://www.openwall.com/lists/oss-security/2016/04/04/2]|| {{Pkg|optipng}} || 2016-04-04 || <= 0.7.5-2 || 0.7.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5]<br />
|-<br />
| {{CVE|CVE-2016-3947}} [http://www.squid-cache.org/Advisories/SQUID-2016_3.txt] || {{Pkg|squid}} || 2016-04-01 || <= 3.5.15-2 || 3.5.16 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] [http://blog.fuseyism.com/index.php/2016/03/25/security-icedtea-2-6-5-for-openjdk-7-released/] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2016-03-24 || <= 7.u95_2.6.4-1 || 7.u99_2.6.5-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3]<br />
|-<br />
| {{CVE|CVE-2016-0636}} [http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2016-03-23 || <= 8.u74-1 || 8.u77-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27]<br />
|-<br />
| {{CVE|CVE-2016-1646}} {{CVE|CVE-2016-1647}} {{CVE|CVE-2016-1648}} {{CVE|CVE-2016-1649}} {{CVE|CVE-2016-1650}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update_24.html] || {{pkg|chromium}} || 2016-03-24 || <= 49.0.2623.87-1 || 49.0.2623.108-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24]<br />
|-<br />
| {{CVE|CVE-2016-2849}} {{CVE|CVE-2016-2850}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-03-20 || <= 1.11.28-1 || 1.11.29-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.7] || {{pkg|thunderbird}} || 2016-03-14 || <= 38.6.0-1 || 38.7.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21]<br />
|-<br />
| {{CVE|CVE-2016-2324}} [http://seclists.org/oss-sec/2016/q1/653] || {{pkg|git}} || 2016-03-15 || <= 2.7.3-1 || 2.7.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20]<br />
|-<br />
| {{CVE|CVE-2016-3116}} [https://matt.ucc.asn.au/dropbear/CHANGES] || {{pkg|dropbear}} || 2016-03-13 || <= 2015.71-1 || 2016.72-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19]<br />
|-<br />
| {{CVE|CVE-2015-1283}} [https://sourceforge.net/p/expat/bugs/528/] || {{pkg|expat}} || 2016-03-12 || <= 2.1.0-4 || 2.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23]<br />
|-<br />
| {{CVE|CVE-2016-2088}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2088] {{CVE|CVE-2016-1286}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1286] {{CVE|CVE-2016-1285}} [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1285] || {{pkg|bind}} || 2016-03-10 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|lib32-flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11]<br />
|-<br />
| {{CVE|CVE-2016-0960}} {{CVE|CVE-2016-0961}} {{CVE|CVE-2016-0962}} {{CVE|CVE-2016-0963}} {{CVE|CVE-2016-0986}} {{CVE|CVE-2016-0987}} {{CVE|CVE-2016-0988}} {{CVE|CVE-2016-0989}} {{CVE|CVE-2016-0990}} {{CVE|CVE-2016-0991}} {{CVE|CVE-2016-0992}} {{CVE|CVE-2016-0993}} {{CVE|CVE-2016-0994}} {{CVE|CVE-2016-0995}} {{CVE|CVE-2016-0996}} {{CVE|CVE-2016-0997}} {{CVE|CVE-2016-0998}} {{CVE|CVE-2016-0999}} {{CVE|CVE-2016-1000}} {{CVE|CVE-2016-1001}} {{CVE|CVE-2016-1002}} {{CVE|CVE-2016-1005}} {{CVE|CVE-2016-1010}} [https://helpx.adobe.com/security/products/flash-player/apsb16-08.html] || {{pkg|flashplugin}} || 2016-03-10 || <= 11.2.202.569-1 || 11.2.202.577-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10]<br />
|-<br />
| {{CVE|CVE-2016-3115}} [http://www.openssh.com/txt/x11fwd.adv] || {{pkg|openssh}} || 2016-03-10 || <= 7.2p1-1 || 7.2p2-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12]<br />
|-<br />
| {{CVE|CVE-2015-8833}} [http://seclists.org/oss-sec/2016/q1/572] || {{pkg|pidgin-otr}} || 2016-03-09 || <= 4.0.1-2 || 4.0.2-1 || 3d || Fixed ({{bug|48537}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14]<br />
|-<br />
| {{CVE|CVE-2016-2774}} [https://kb.isc.org/article/AA-01354] || {{pkg|dhcp}} || 2016-03-09 || <= 4.3.3.p1-1 || 4.3.4-1 || 21d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1531}} [http://www.exim.org/static/doc/CVE-2016-1531.txt] || {{pkg|exim}} || 2016-03-06 || <= 4.86.1-1 || 4.86.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8]<br />
|-<br />
| {{CVE|CVE-2016-1577}} {{CVE|CVE-2016-2089}} {{CVE|CVE-2016-2116}} || {{pkg|jasper}} || 2016-03-06 || <= 1.900.1-14 || 1.900.1-15 || ~2m || Fixed ({{bug|48511}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2]<br />
|-<br />
| {{CVE|CVE-2016-1285}} {{CVE|CVE-2016-1286}} [https://kb.isc.org/article/AA-01352/] [https://kb.isc.org/article/AA-01353/] || {{pkg|bind}} || 2016-03-09 || <= 9.10.3.P3-3 || 9.10.3.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7]<br />
|-<br />
| {{CVE|CVE-2016-2851}} [https://otr.cypherpunks.ca/] || {{pkg|libotr}} || 2016-03-09 || <= 4.1.0-1 || 4.1.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6]<br />
|-<br />
| {{CVE|CVE-2016-1643}} {{CVE|CVE-2016-1644}} {{CVE|CVE-2016-1645}} || {{pkg|chromium}} || 2016-03-09 || <= 49.0.2623.75-1 || 49.0.2623.87-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5]<br />
|-<br />
| {{CVE|CVE-2016-1952}} {{CVE|CVE-2016-1953}} {{CVE|CVE-2016-1954}} {{CVE|CVE-2016-1955}} {{CVE|CVE-2016-1956}} {{CVE|CVE-2016-1957}} {{CVE|CVE-2016-1958}} {{CVE|CVE-2016-1959}} {{CVE|CVE-2016-1960}} {{CVE|CVE-2016-1961}} {{CVE|CVE-2016-1962}} {{CVE|CVE-2016-1963}} {{CVE|CVE-2016-1964}} {{CVE|CVE-2016-1965}} {{CVE|CVE-2016-1966}} {{CVE|CVE-2016-1967}} {{CVE|CVE-2016-1968}} {{CVE|CVE-2016-1970}} {{CVE|CVE-2016-1971}} {{CVE|CVE-2016-1972}} {{CVE|CVE-2016-1973}} {{CVE|CVE-2016-1974}} {{CVE|CVE-2016-1975}} {{CVE|CVE-2016-1976}} {{CVE|CVE-2016-1977}} {{CVE|CVE-2016-2790}} {{CVE|CVE-2016-2791}} {{CVE|CVE-2016-2792}} {{CVE|CVE-2016-2793}} {{CVE|CVE-2016-2794}} {{CVE|CVE-2016-2795}} {{CVE|CVE-2016-2796}} {{CVE|CVE-2016-2797}} {{CVE|CVE-2016-2798}} {{CVE|CVE-2016-2799}} {{CVE|CVE-2016-2800}} {{CVE|CVE-2016-2801}} {{CVE|CVE-2016-2802}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox45] || {{pkg|firefox}} || 2016-03-08 || <= 44.0.2-2 || 45.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4]<br />
|-<br />
| {{CVE|CVE-2016-2532}} {{CVE|CVE-2016-2531}} {{CVE|CVE-2016-2530}} {{CVE|CVE-2016-2529}} {{CVE|CVE-2016-2528}} {{CVE|CVE-2016-2527}} {{CVE|CVE-2016-2526}} {{CVE|CVE-2016-2525}} {{CVE|CVE-2016-2524}} {{CVE|CVE-2016-2523}} {{CVE|CVE-2016-2522}} {{CVE|CVE-2016-2521}} || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2016-03-07 || <= 2.0.1-2 || 2.0.2-1 || 5d || Fixed ({{bug|48536}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17]<br />
|-<br />
| {{CVE|CVE-2016-2381}} [https://www.debian.org/security/2016/dsa-3501] || {{pkg|perl}} || 2016-03-07 || <= 5.22.1-1 || 5.22.1-2 || 3d || Fixed ({{Bug|48482}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9]<br />
|-<br />
| {{CVE|CVE-2015-8126}} {{CVE|CVE-2016-1630}} {{CVE|CVE-2016-1631}} {{CVE|CVE-2016-1632}} {{CVE|CVE-2016-1633}} {{CVE|CVE-2016-1634}} {{CVE|CVE-2016-1635}} {{CVE|CVE-2016-1636}} {{CVE|CVE-2016-1637}} {{CVE|CVE-2016-1638}} {{CVE|CVE-2016-1639}} {{CVE|CVE-2016-1640}} {{CVE|CVE-2016-1641}} {{CVE|CVE-2016-1642}} [http://googlechromereleases.blogspot.fr/2016/03/stable-channel-update.html] || {{pkg|chromium}} || 2016-03-02 || <= 48.0.2564.116-1 || 49.0.2623.75-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-3 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2]<br />
|-<br />
| {{CVE|CVE-2016-0702}} {{CVE|CVE-2016-0705}} {{CVE|CVE-2016-0797}} {{CVE|CVE-2016-0798}} {{CVE|CVE-2016-0799}} {{CVE|CVE-2016-0800}} [https://www.openssl.org/news/secadv/20160301.txt] || {{pkg|lib32-openssl}} || 2016-03-01 || <= 1.0.2.f-1 || 1.0.2.g-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3]<br />
|-<br />
| {{CVE|CVE-2015-7511}} [https://lists.gnupg.org/pipermail/gnupg-announce/2016q1/000384.html] || {{pkg|libgcrypt}} || 2016-02-09 || <= 1.6.4-1 || 1.6.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19]<br />
|-<br />
| {{CVE|CVE-2016-0739}} [https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/] || {{pkg|libssh}} || 2016-02-23 || <= 0.7.2-1 || 0.7.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20]<br />
|-<br />
| {{CVE|CVE-2016-0787}} [https://www.libssh2.org/adv_20160223.html] || {{pkg|lib32-libssh2}} || 2016-02-23 || <= 1.6.0-1 || 1.7.0-1 ||3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21]<br />
|-<br />
| {{CVE|CVE-2016-1629}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_18.html] || {{pkg|chromium}} || 2016-02-18 || <= 48.0.2564.109-1 || 48.0.2564.116-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17]<br />
|-<br />
| {{CVE|CVE-2015-7575}} {{CVE|CVE-2016-1523}} {{CVE|CVE-2016-1930}} {{CVE|CVE-2016-1931}} {{CVE|CVE-2016-1935}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.6] || {{pkg|thunderbird}} || 2016-02-11 || <= 38.5.1-1 || 38.6.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|glibc}} || 2016-02-16 || <= 2.22-3 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15]<br />
|-<br />
| {{CVE|CVE-2015-7547}} {{CVE|CVE-2015-8776}} {{CVE|CVE-2015-8777}} {{CVE|CVE-2015-8778}} {{CVE|CVE-2015-8779}} [https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html] [https://googleonlinesecurity.blogspot.de/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html] || {{pkg|lib32-glibc}} || 2016-02-16 || <= 2.22-3.1 || 2.22-4 || 1d || Fixed ({{Bug|48213}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14]<br />
|-<br />
| {{CVE|CVE-2016-1622}} {{CVE|CVE-2016-1623}} {{CVE|CVE-2016-1624}} {{CVE|CVE-2016-1625}} {{CVE|CVE-2016-1626}} {{CVE|CVE-2016-1627}} [http://googlechromereleases.blogspot.fr/2016/02/stable-channel-update_9.html]|| {{pkg|chromium}} || 2016-02-09 || <= 48.0.2564.103-1 || 48.0.2564.109-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1949}} [https://www.mozilla.org/en-US/security/advisories/mfsa2016-13/]|| {{pkg|firefox}} || 2016-02-11 || <= 44.0.1-1 || 44.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12]<br />
|-<br />
| {{CVE|CVE-2016-1544}} [https://nghttp2.org/blog/2016/02/11/nghttp2-v1-7-1/]|| {{pkg|nghttp2}} || 2016-02-11 || <= 1.7.0-1 || 1.7.1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13]<br />
|-<br />
| {{CVE|CVE-2014-2312}} [https://www.kde.org/info/security/advisory-20160209-1.txt]|| {{pkg|kscreenlocker}} || 2016-02-10 || <= 5.5.4-1 || 5.5.4-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10]<br />
|-<br />
| {{CVE|CVE-2014-9496}} {{CVE|CVE-2014-9756}} {{CVE|CVE-2015-7805}} || {{pkg|libsndfile}} {{pkg|lib32-libsndfile}} || 2016-02-01 || <= 1.0.25-3 || 1.0.26-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9]<br />
|-<br />
| {{CVE|CVE-2015-8803}} {{CVE|CVE-2015-8804}} {{CVE|CVE-2015-8805}} [https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html] || {{pkg|nettle}} {{pkg|lib32-nettle}} || 2016-02-03 || <= 3.1-1 || 3.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6]<br />
|-<br />
| {{CVE|CVE-2016-2194}} {{CVE|CVE-2016-2195}} {{CVE|CVE-2016-2196}} [http://botan.randombit.net/security.html#id1] || {{pkg|botan}} || 2016-02-01 || <= 1.11.25-2 || 1.11.28-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|lib32-glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23]<br />
|-<br />
| {{CVE|CVE-2014-9761}} [http://seclists.org/oss-sec/2016/q1/153] || {{pkg|glibc}} || 2016-02-01 || <= 2.22-4 || 2.23-1 || 27d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22]<br />
|-<br />
| {{CVE|CVE-2016-2048}} [https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/] || {{pkg|python-django}} {{pkg|python2-django}} || 2016-02-01 || <= 1.9.1-1 || 1.9.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2]<br />
|-<br />
| {{CVE|CVE-2016-2090}} [http://article.gmane.org/gmane.comp.security.oss.general/18715] [http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7] [https://bugs.freedesktop.org/show_bug.cgi?id=93881] [https://blog.fuzzing-project.org/36-Heap-buffer-overflow-in-fgetwln-function-of-libbsd.html] || {{pkg|libbsd}} || 2016-01-27 || <= 0.8.1-1 || 0.8.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7]<br />
|-<br />
| {{CVE|CVE-2015-3197}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2016-0701}} [https://openssl.org/news/secadv/20160128.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2016-01-28 || <= 1.0.2.e-1 || 1.0.2.f-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33]<br />
|-<br />
| {{CVE|CVE-2016-0755}} [http://curl.haxx.se/docs/adv_20160127A.html] || {{pkg|curl}} {{pkg|lib32-curl}} || 2016-01-27 || <= 7.46.0-1 || 7.47.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4]<br />
|-<br />
| {{CVE|CVE-2016-0742}} {{CVE|CVE-2016-0746}} {{CVE|CVE-2016-0747}} [http://mailman.nginx.org/pipermail/nginx-announce/2016/000168.html] || {{pkg|nginx}} || 2016-01-26 || <= 1.8.0-2 || 1.8.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31]<br />
|-<br />
| {{CVE|CVE-2016-1982}} {{CVE|CVE-2016-1983}} [http://seclists.org/oss-sec/2016/q1/179] || {{pkg|privoxy}} || 2016-01-21 || <= 3.0.23-1 || 3.0.24-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27]<br />
|-<br />
| {{CVE|CVE-2016-1572}} [https://bugs.launchpad.net/ecryptfs/+bug/1530566] || {{pkg|ecryptfs-utils}} || 2016-01-21 || <= 108-1 || 108-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25]<br />
|-<br />
| {{CVE|CVE-2016-1612}} {{CVE|CVE-2016-1613}} {{CVE|CVE-2016-1614}} {{CVE|CVE-2016-1615}} {{CVE|CVE-2016-1616}} {{CVE|CVE-2016-1617}} {{CVE|CVE-2016-1618}} {{CVE|CVE-2016-1619}} {{CVE|CVE-2016-1620}} [http://googlechromereleases.blogspot.fr/2016/01/stable-channel-update_20.html] || {{pkg|chromium}} || 2016-01-20 || <= 47.0.2526.111-1 || 48.0.2564.82-1 || 1d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28]<br />
|-<br />
| {{CVE|CVE-2015-8704}} {{CVE|CVE-2015-8705}} [https://kb.isc.org/article/AA-01335] [https://kb.isc.org/article/AA-01336] || {{pkg|bind}} || 2016-01-19 || <= 9.10.3.P2-1 || 9.10.3.P3-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux-lts}} || 2016-01-19 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26]<br />
|-<br />
| {{CVE|CVE-2016-0728}} [http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/] || {{pkg|linux}} || 2016-01-19 || <= 4.3.3-2 || 4.3.3-3 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20]<br />
|-<br />
| {{CVE|CVE-2015-5300}} [http://support.ntp.org/bin/view/Main/NtpBug2956] || {{pkg|ntp}} || 2016-01-07 || <= 4.2.8.p4-1 || 4.2.8.p5-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|syncthing}} || 2016-01-13 || <= 0.12.14-1 || 0.12.14-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|keybase}} || 2016-01-13 || <= 1.0.8.0-1 || 1.0.8.0-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|hub}} || 2016-01-13 || <= 2.2.2-1 || 2.2.2-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go-ipfs}} || 2016-01-13 || <= 0.3.11-1 || 0.3.11-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13]<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|docker}} || 2016-01-13 || <= 1:1.9.1-1 || 1:1.9.1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12]<br />
|-<br />
| {{CVE|CVE-2015-8770}} [http://seclists.org/bugtraq/2016/Jan/60] || {{pkg|roundcubemail}} || 2015-12-26 || <= 1.2beta-1 || 1.2beta-2 || 20d || Fixed ({{bug|47764}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18]<br />
|-<br />
| {{CVE|CVE-2016-1903}} {{CVE|CVE-2016-1904}} [http://seclists.org/oss-sec/2016/q1/100] || {{pkg|php}} || 2016-01-14 || <= 7.0.1-1 || 7.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10]<br />
|-<br />
| {{CVE|CVE-2016-0777}} {{CVE|CVE-2016-0778}} [http://www.openssh.com/txt/release-7.1p2] || {{pkg|openssh}} || 2016-01-14 || <= 7.1p1-1 || 7.1p2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9]<br />
|-<br />
| {{CVE|CVE-2016-2213}} [http://www.openwall.com/lists/oss-security/2016/02/03/2] || {{pkg|ffmpeg}} || 2016-02-03 || <= 2.8.4-1 || 2.8.5-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|ffmpeg}} || 2016-01-13 || <= 1:2.8.4-2 || 1:2.8.4-3 || <1d || Fixed ({{Bug|47738}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17]<br />
|-<br />
| {{CVE|CVE-2016-1897}} {{CVE|CVE-2016-1898}} [http://seclists.org/oss-sec/2016/q1/85] || {{pkg|mplayer}} || 2016-01-13 || <= 37379-6 || 37379-7 || 17d || Fixed ({{Bug|47944}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8618}} [https://groups.google.com/forum/#!topic/golang-dev/MEATuOi_ei4] || {{pkg|go}} || 2016-01-13 || <= 2:1.5.2-1 || 2:1.5.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11]<br />
|-<br />
|{{CVE|CVE-2015-8742}} {{CVE|CVE-2015-8741}} {{CVE|CVE-2015-8740}} {{CVE|CVE-2015-8738}} {{CVE|CVE-2015-8739}} {{CVE|CVE-2015-8737}} {{CVE|CVE-2015-8736}} {{CVE|CVE-2015-8735}} {{CVE|CVE-2015-8734}} {{CVE|CVE-2015-8733}} {{CVE|CVE-2015-8732}} {{CVE|CVE-2015-8730}} {{CVE|CVE-2015-8731}} {{CVE|CVE-2015-8729}} {{CVE|CVE-2015-8728}} {{CVE|CVE-2015-8727}} {{CVE|CVE-2015-8726}} {{CVE|CVE-2015-8725}} {{CVE|CVE-2015-8724}} {{CVE|CVE-2015-8723}} {{CVE|CVE-2015-8722}} {{CVE|CVE-2015-8721}} {{CVE|CVE-2015-8720}} {{CVE|CVE-2015-8718}} {{CVE|CVE-2015-8711}} || {{Pkg|wireshark-cli}} {{Pkg|wireshark-gtk}} {{Pkg|wireshark-qt}} || 2016-01-04 || <= 2.0.0 || 2.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6]<br />
|-<br />
| {{CVE|CVE-2016-1564}} [http://article.gmane.org/gmane.comp.security.oss.general/18527] || {{Pkg|wordpress}} || 2016-01-08 || <= 4.4-1 || 4.4.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2]<br />
|-<br />
| {{CVE|CVE-2015-8751}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294039] [http://article.gmane.org/gmane.comp.security.oss.general/18523] || {{Pkg|jasper}} || 2016-01-07 || 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-8750}} [https://bugzilla.redhat.com/show_bug.cgi?id=1294264] [https://github.com/tomhughes/libdwarf/commit/11750a2838e52953013e3114ef27b3c7b1780697] || {{Pkg|libdwarf}} || 2016-01-07 || 20150507-1 || 20160115-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22]<br />
|-<br />
| {{CVE|CVE-2016-1503}} {{CVE|CVE-2016-1504}} [http://article.gmane.org/gmane.comp.security.oss.general/18516] || {{Pkg|dhcpcd}} || 2016-01-07 || <= 6.9.4-1 || 6.10.0-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7]<br />
|-<br />
| {{CVE|CVE-2015-7575}} [http://www.mitls.org/pages/attacks/SLOTH] [https://tls.mbed.org/tech-updates/releases/mbedtls-2.2.1-2.1.4-1.3.16-and-polarssl.1.2.19-released] || {{pkg|mbedtls}} || 2016-01-04 || 2.2.0-1 || 2.2.1-1 || 21d || Fixed ({{bug|47783}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29]<br />
|-<br />
| {{CVE|CVE-2015-8688}} [http://gultsch.de/gajim_roster_push_and_message_interception.html] || {{pkg|gajim}} || 2015-12-20 || <= 0.16.4-1 || 0.16.5-1 || 20d || Fixed ({{bug|47647}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3]<br />
|-<br />
| {{CVE|CVE-2016-1494}} [https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff] [https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/] || {{pkg|python-rsa}} {{pkg|python2-rsa}} || 2016-01-05 || <= 3.2.3-1 || 3.3-1 || 13d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24]<br />
|-<br />
| {{CVE|CVE-2016-1283}} [https://bugs.exim.org/show_bug.cgi?id=1767] [http://article.gmane.org/gmane.comp.security.oss.general/18481] || {{pkg|pcre}} || 2016-01-02 || <= 8.38-2 || 8.38-3 || 71d|| Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18]<br />
|-<br />
|[http://article.gmane.org/gmane.comp.security.oss.general/18466] || {{Pkg|rtmpdump}} || 2015-12-23 || <= 20140918-2 || 1:2.4.r96.fa8646d-1 || 7d || Fixed ({{bug|47564}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1]<br />
|-<br />
| {{CVE|CVE-2015-8472}} [http://seclists.org/oss-sec/2015/q4/439] || {{pkg|libpng}} || 2015-12-03 || <= 1.6.19-1 || 1.6.20-1 || 25d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-18]<br />
|-<br />
| {{CVE|CVE-2015-8459}} {{CVE|CVE-2015-8460}} {{CVE|CVE-2015-8634}} {{CVE|CVE-2015-8635}} {{CVE|CVE-2015-8636}} {{CVE|CVE-2015-8638}} {{CVE|CVE-2015-8639}} {{CVE|CVE-2015-8640}} {{CVE|CVE-2015-8641}} {{CVE|CVE-2015-8642}} {{CVE|CVE-2015-8643}} {{CVE|CVE-2015-8644}} {{CVE|CVE-2015-8645}} {{CVE|CVE-2015-8646}} {{CVE|CVE-2015-8647}} {{CVE|CVE-2015-8648}} {{CVE|CVE-2015-8649}} {{CVE|CVE-2015-8650}} {{CVE|CVE-2015-8651}} [https://helpx.adobe.com/security/products/flash-player/apsb16-01.html] || {{pkg|flashplugin}} {{pkg|lib32-flashplugin}} || 2015-12-28 || <= 11.2.202.554-1 || 11.2.202.559-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17]<br />
|-<br />
| {{CVE|CVE-2015-7554}} {{CVE|CVE-2015-8683}} [http://seclists.org/oss-sec/2015/q4/584] [http://seclists.org/oss-sec/2015/q4/590] || {{pkg|libtiff}} || 2015-12-25 || <= 4.0.6-2 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.5] || {{pkg|thunderbird}} || 2015-12-23 || <= 38.4.0-2 || 38.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14]<br />
|-<br />
| {{CVE|CVE-2015-8612}} [http://seclists.org/oss-sec/2015/q4/541] || {{pkg|blueman}} || 2015-12-18 || <= 2.0.2-1 || 2.0.3-1 || 38d || Fixed ({{bug|47784}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30]<br />
|-<br />
| {{CVE|CVE-2015-8659}} [http://seclists.org/oss-sec/2015/q4/576] || {{pkg|nghttp2}} || 2015-12-23 || <= 1.5.0-2 || 1.6.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16]<br />
|-<br />
| {{CVE|CVE-2015-7555}} [http://seclists.org/oss-sec/2015/q4/548] || {{pkg|giflib}} || 2015-12-21 || <= 5.1.1-1 || 5.2.1-1 || 43d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-7557}} {{CVE|CVE-2015-7558}} [http://seclists.org/oss-sec/2015/q4/549] || {{pkg|librsvg}} || 2015-12-21 || <= 2:2.40.11-1 || 2:2.40.13-1 || 45d || Fixed ({{bug|47785}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8622}} {{CVE|CVE-2015-8623}} {{CVE|CVE-2015-8624}} {{CVE|CVE-2015-8625}} {{CVE|CVE-2015-8626}} {{CVE|CVE-2015-8627}} {{CVE|CVE-2015-8628}} [http://seclists.org/oss-sec/2015/q4/552] || {{pkg|mediawiki}} || 2015-12-17 || <= 1.26.0-1 || 1.26.2-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15]<br />
|-<br />
| {{CVE|CVE-2015-8614}} [http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3557] || {{pkg|claws-mail}} || 2015-12-21 || <= 3.13.0-1 || 3.13.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13]<br />
|-<br />
| {{CVE|CVE-2015-8369}} {{CVE|CVE-2015-8604}} {{CVE|CVE-2015-8377}} {{CVE|CVE-2016-2313}} [http://www.openwall.com/lists/oss-security/2016/02/09/3] [https://bugs.mageia.org/show_bug.cgi?id=17352] [http://www.openwall.com/lists/oss-security/2016/01/04/8] || {{pkg|cacti}} || 2015-12-17 || <= 0.8.8_f-3 || 0.8.8_g-2 || 72d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24]<br />
|-<br />
| [https://blog.fuzzing-project.org/32-Out-of-bounds-read-in-OpenVPN.html] || {{pkg|openvpn}} || 2015-12-18 || <= 2.3.8-2 || 2.3.9-1 || 9d || Fixed ({{bug|47498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19]<br />
|-<br />
| {{CVE|CVE-2015-8549}} [http://www.ocert.org/advisories/ocert-2015-011.html] || {{pkg|python2-pyamf}} || 2015-12-17 || <= 0.7.2-1 || 0.8.0-2 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12]<br />
|-<br />
| {{CVE|CVE-2015-7551}} [https://www.ruby-lang.org/en/news/2015/12/16/unsafe-tainted-string-usage-in-fiddle-and-dl-cve-2015-7551/] || {{pkg|ruby}} || 2015-12-16 || <= 2.2.3-1 || 2.2.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11]<br />
|-<br />
| {{CVE|CVE-2015-7201}} {{CVE|CVE-2015-7202}} {{CVE|CVE-2015-7203}} {{CVE|CVE-2015-7204}} {{CVE|CVE-2015-7205}} {{CVE|CVE-2015-7207}} {{CVE|CVE-2015-7208}} {{CVE|CVE-2015-7210}} {{CVE|CVE-2015-7211}} {{CVE|CVE-2015-7212}} {{CVE|CVE-2015-7213}} {{CVE|CVE-2015-7214}} {{CVE|CVE-2015-7215}} {{CVE|CVE-2015-7216}} {{CVE|CVE-2015-7217}} {{CVE|CVE-2015-7218}} {{CVE|CVE-2015-7219}} {{CVE|CVE-2015-7220}} {{CVE|CVE-2015-7221}} {{CVE|CVE-2015-7222}} {{CVE|CVE-2015-7223}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox43] || {{pkg|firefox}} || 2015-12-15 || <= 42.0-3 || 43.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9]<br />
|-<br />
| {{CVE|CVE-2015-8000}} [https://kb.isc.org/article/AA-01317] || {{pkg|bind}} || 2015-12-15 || <= 9.10.3-2 || 9.10.3.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10]<br />
|-<br />
| {{CVE|CVE-2015-8370}} [http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html#fix] || {{pkg|grub}} || 2015-12-15 || <= 1:2.02.beta2-5 || 1:2.02.beta2-6 || 3d || Fixed ({{bug|47386}}) || None<br />
|-<br />
| {{CVE|CVE-2015-8378}} [https://www.keepassx.org/news/2015/12/551] || {{pkg|keepassx}} || 2015-12-08 || <= 0.4.3-7 || 0.4.4-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8]<br />
|-<br />
| {{CVE|CVE-2015-8045}} {{CVE|CVE-2015-8047}} {{CVE|CVE-2015-8048}} {{CVE|CVE-2015-8049}} {{CVE|CVE-2015-8050}} {{CVE|CVE-2015-8055}} {{CVE|CVE-2015-8056}} {{CVE|CVE-2015-8057}} {{CVE|CVE-2015-8058}} {{CVE|CVE-2015-8059}} {{CVE|CVE-2015-8060}} {{CVE|CVE-2015-8061}} {{CVE|CVE-2015-8062}} {{CVE|CVE-2015-8063}} {{CVE|CVE-2015-8064}} {{CVE|CVE-2015-8065}} {{CVE|CVE-2015-8066}} {{CVE|CVE-2015-8067}} {{CVE|CVE-2015-8068}} {{CVE|CVE-2015-8069}} {{CVE|CVE-2015-8070}} {{CVE|CVE-2015-8071}} {{CVE|CVE-2015-8401}} {{CVE|CVE-2015-8402}} {{CVE|CVE-2015-8403}} {{CVE|CVE-2015-8404}} {{CVE|CVE-2015-8405}} {{CVE|CVE-2015-8406}} {{CVE|CVE-2015-8407}} {{CVE|CVE-2015-8408}} {{CVE|CVE-2015-8409}} {{CVE|CVE-2015-8410}} {{CVE|CVE-2015-8411}} {{CVE|CVE-2015-8412}} {{CVE|CVE-2015-8413}} {{CVE|CVE-2015-8414}} {{CVE|CVE-2015-8415}} {{CVE|CVE-2015-8416}} {{CVE|CVE-2015-8417}} {{CVE|CVE-2015-8418}} {{CVE|CVE-2015-8419}} {{CVE|CVE-2015-8420}} {{CVE|CVE-2015-8421}} {{CVE|CVE-2015-8422}} {{CVE|CVE-2015-8423}} {{CVE|CVE-2015-8424}} {{CVE|CVE-2015-8425}} {{CVE|CVE-2015-8426}} {{CVE|CVE-2015-8427}} {{CVE|CVE-2015-8428}} {{CVE|CVE-2015-8429}} {{CVE|CVE-2015-8430}} {{CVE|CVE-2015-8431}} {{CVE|CVE-2015-8432}} {{CVE|CVE-2015-8433}} {{CVE|CVE-2015-8434}} {{CVE|CVE-2015-8435}} {{CVE|CVE-2015-8436}} {{CVE|CVE-2015-8437}} {{CVE|CVE-2015-8438}} {{CVE|CVE-2015-8439}} {{CVE|CVE-2015-8440}} {{CVE|CVE-2015-8441}} {{CVE|CVE-2015-8442}} {{CVE|CVE-2015-8443}} {{CVE|CVE-2015-8444}} {{CVE|CVE-2015-8445}} {{CVE|CVE-2015-8446}} {{CVE|CVE-2015-8447}} {{CVE|CVE-2015-8448}} {{CVE|CVE-2015-8449}} {{CVE|CVE-2015-8450}} {{CVE|CVE-2015-8451}} {{CVE|CVE-2015-8452}} {{CVE|CVE-2015-8453}} {{CVE|CVE-2015-8454}} {{CVE|CVE-2015-8455}} [https://helpx.adobe.com/security/products/flash-player/apsb15-32.html] || {{pkg|flashplugin}} || 2015-12-08 || <= 11.2.202.548-1 || 11.2.202.554-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7]<br />
|-<br />
| {{CVE|CVE-2015-6788}} {{CVE|CVE-2015-6789}} {{CVE|CVE-2015-6790}} {{CVE|CVE-2015-6791}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update_8.html] || {{pkg|chromium}} || 2015-12-08 || <= 47.0.2526.73-1 || 47.0.2526.80-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5]<br />
|-<br />
| {{CVE|CVE-2015-3193}} {{CVE|CVE-2015-3194}} {{CVE|CVE-2015-3195}} {{CVE|CVE-2015-3196}} {{CVE|CVE-2015-1794}} [https://www.openssl.org/news/secadv/20151203.txt] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-12-03 || <= 1.0.2.d-1 || 1.0.2.e-1 || <3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-6765}} {{CVE|CVE-2015-6766}} {{CVE|CVE-2015-6767}} {{CVE|CVE-2015-6768}} {{CVE|CVE-2015-6769}} {{CVE|CVE-2015-6770}} {{CVE|CVE-2015-6771}} {{CVE|CVE-2015-6772}} {{CVE|CVE-2015-6773}} {{CVE|CVE-2015-6774}} {{CVE|CVE-2015-6775}} {{CVE|CVE-2015-6776}} {{CVE|CVE-2015-6777}} {{CVE|CVE-2015-6778}} {{CVE|CVE-2015-6779}} {{CVE|CVE-2015-6780}} {{CVE|CVE-2015-6781}} {{CVE|CVE-2015-6782}} {{CVE|CVE-2015-6783}} {{CVE|CVE-2015-6784}} {{CVE|CVE-2015-6785}} {{CVE|CVE-2015-6786}} {{CVE|CVE-2015-6787}} [http://googlechromereleases.blogspot.fr/2015/12/stable-channel-update.html] || {{pkg|chromium}} || 2015-12-01 || <= 46.0.2490.86-1 || 47.0.2526.73-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1]<br />
|-<br />
| {{CVE|CVE-2015-6764}} {{CVE|CVE-2015-8027}} [https://nodejs.org/en/blog/vulnerability/cve-2015-8027_cve-2015-6764/] || {{pkg|nodejs}} || 2015-11-25 || <= 5.1.0-1 || 5.1.1-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4]<br />
|-<br />
| {{CVE|CVE-2015-8213}} [https://www.djangoproject.com/weblog/2015/nov/24/security-releases-issued/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-11-24 || <= 1.8.6-1 || 1.8.7-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3]<br />
|-<br />
| {{CVE|CVE-2015-1819}} {{CVE|CVE-2015-5312}} {{CVE|CVE-2015-7941}} {{CVE|CVE-2015-7942}} {{CVE|CVE-2015-7497}} {{CVE|CVE-2015-7498}} {{CVE|CVE-2015-7499}} {{CVE|CVE-2015-7500}} {{CVE|CVE-2015-8035}} {{CVE|CVE-2015-8242}} [https://mail.gnome.org/archives/xml/2015-November/msg00012.html templink] || {{pkg|libxml2}} || 2015-11-20 || <= 2.9.2-2 || 2.9.3-1 || 19d || Fixed ({{bug|47095}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6]<br />
|-<br />
| {{CVE|CVE-2015-7981}} {{CVE|CVE-2015-8126}} [http://seclists.org/oss-sec/2015/q4/264 templink] [http://seclists.org/oss-sec/2015/q4/161 templink] || {{pkg|libpng}} {{pkg|lib32-libpng}} || 2015-11-12 || <= 1.6.18-1 || 1.6.19-1 || 5d || Fixed ({{bug|47069}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10]<br />
|-<br />
| {{CVE|CVE-2015-5309}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html templink] || {{pkg|putty}} || 2015-11-12 || <= 0.65-1 || 0.66-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7]<br />
|-<br />
| {{CVE|CVE-2015-7651}} {{CVE|CVE-2015-7652}} {{CVE|CVE-2015-7653}} {{CVE|CVE-2015-7654}} {{CVE|CVE-2015-7655}} {{CVE|CVE-2015-7656}} {{CVE|CVE-2015-7657}} {{CVE|CVE-2015-7658}} {{CVE|CVE-2015-7659}} {{CVE|CVE-2015-7660}} {{CVE|CVE-2015-7661}} {{CVE|CVE-2015-7662}} {{CVE|CVE-2015-7663}} {{CVE|CVE-2015-8042}} {{CVE|CVE-2015-8043}} {{CVE|CVE-2015-8044}} {{CVE|CVE-2015-8046}} [https://helpx.adobe.com/security/products/flash-player/apsb15-28.html templink] || {{pkg|flashplugin}} || 2015-11-10 || <= 11.2.202.540-1 || 11.2.202.548-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5]<br />
|-<br />
| {{CVE|CVE-2015-1302}} [http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-11-10 || <= 46.0.2490.80-2 || 46.0.2490.86-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8]<br />
|-<br />
| {{CVE|CVE-2015-5311}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-03/ templink] || {{pkg|powerdns}} || 2015-11-09 || <= 3.4.6-2 || 3.4.7-1 || 3d || Fixed ({{bug|47014}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6]<br />
|-<br />
| {{CVE|CVE-2015-4513}} {{CVE|CVE-2015-4514}} {{CVE|CVE-2015-4515}} {{CVE|CVE-2015-4518}} {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} {{CVE|CVE-2015-7183}} {{CVE|CVE-2015-7187}} {{CVE|CVE-2015-7188}} {{CVE|CVE-2015-7189}} {{CVE|CVE-2015-7193}} {{CVE|CVE-2015-7194}} {{CVE|CVE-2015-7195}} {{CVE|CVE-2015-7196}} {{CVE|CVE-2015-7197}} {{CVE|CVE-2015-7198}} {{CVE|CVE-2015-7199}} {{CVE|CVE-2015-7200}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-11-03 || <= 41.0.2-2 || 42.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2]<br />
|-<br />
| {{CVE|CVE-2015-7183}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nspr}} || 2015-11-03 || <= 4.10.9-1 || 4.10.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4]<br />
|-<br />
| {{CVE|CVE-2015-7181}} {{CVE|CVE-2015-7182}} [http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg12386.html templink] || {{pkg|nss}} || 2015-11-03 || <= 3.20-1 || 3.20.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3]<br />
|-<br />
| {{CVE|CVE-2015-7696}} {{CVE|CVE-2015-7697}} [http://seclists.org/oss-sec/2015/q3/512 templink] || {{pkg|unzip}} || 2015-10-30 || <= 6.0-10 || 6.0-11 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1]<br />
|-<br />
| {{CVE|CVE-2015-8011}} {{CVE|CVE-2015-8012}} [http://seclists.org/oss-sec/2015/q4/198 templink] || {{pkg|lldpd}} || 2015-10-17 || <= 0.7.18-1 || 0.7.19-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} {{CVE|CVE-2015-7989}} [https://codex.wordpress.org/Version_4.3.1 templink] || {{pkg|wordpress}} || 2015-10-18 || <= 4.3.0-1 || 4.3.1-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24]<br />
|-<br />
| {{CVE|CVE-2015-7873}} [https://www.phpmyadmin.net/security/PMASA-2015-5/ templink] || {{pkg|phpmyadmin}} || 2015-10-23 || <= 4.5.0-1 || 4.5.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23]<br />
|-<br />
| {{CVE|CVE-2015-7995}} [https://bugzilla.redhat.com/show_bug.cgi?id=1257962 templink] || {{pkg|libxslt}} || 2015-10-27 || <= 1.1.28-3 || 1.1.28-4 || 73d || Fixed ({{bug|47681}}) || [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8]<br />
|-<br />
| {{CVE|CVE-2015-7943}} [https://www.drupal.org/SA-CORE-2015-004 templink] || {{pkg|drupal}} || 2015-10-21 || <= 7.40-1 || 7.41-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21]<br />
|-<br />
| {{CVE|CVE-2015-4913}} {{CVE|CVE-2015-4870}} {{CVE|CVE-2015-4861}} {{CVE|CVE-2015-4858}} {{CVE|CVE-2015-4836}} {{CVE|CVE-2015-4830}} {{CVE|CVE-2015-4826}} {{CVE|CVE-2015-4815}} {{CVE|CVE-2015-4802}} {{CVE|CVE-2015-4792}} || {{pkg|mariadb}} || 2015-10-22 || <= 10.0.21-3 || 10.0.22-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] <br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4868}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4901}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4906}} {{CVE|CVE-2015-4908}} {{CVE|CVE-2015-4911}} {{CVE|CVE-2015-4916}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-09-22 || <= 8.u60-1 || 8.u65-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20]<br />
|-<br />
| {{CVE|CVE-2015-4734}} {{CVE|CVE-2015-4803}} {{CVE|CVE-2015-4805}} {{CVE|CVE-2015-4806}} {{CVE|CVE-2015-4810}} {{CVE|CVE-2015-4835}} {{CVE|CVE-2015-4840}} {{CVE|CVE-2015-4842}} {{CVE|CVE-2015-4843}} {{CVE|CVE-2015-4844}} {{CVE|CVE-2015-4860}} {{CVE|CVE-2015-4871}} {{CVE|CVE-2015-4872}} {{CVE|CVE-2015-4881}} {{CVE|CVE-2015-4882}} {{CVE|CVE-2015-4883}} {{CVE|CVE-2015-4893}} {{CVE|CVE-2015-4902}} {{CVE|CVE-2015-4903}} {{CVE|CVE-2015-4911}} || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-09-22 || <= 7.u85_2.6.1-2 || 7.u91_2.6.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17]<br />
|-<br />
| {{CVE|CVE-2015-7691}} {{CVE|CVE-2015-7692}} {{CVE|CVE-2015-7701}} {{CVE|CVE-2015-7702}} {{CVE|CVE-2015-7703}} {{CVE|CVE-2015-7704}} {{CVE|CVE-2015-7705}} {{CVE|CVE-2015-7848}} {{CVE|CVE-2015-7849}} {{CVE|CVE-2015-7850}} {{CVE|CVE-2015-7851}} {{CVE|CVE-2015-7852}} {{CVE|CVE-2015-7853}} {{CVE|CVE-2015-7854}} {{CVE|CVE-2015-7855}} {{CVE|CVE-2015-7871}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] [http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html templink] || {{pkg|ntp}} || 2015-10-21 || <= 4.2.8.p3-1 || 4.2.8.p4-1 || 1d || Fixed ({{bug|46826}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14]<br />
|-<br />
| {{CVE|CVE-2015-6031}} [http://talosintel.com/reports/TALOS-2015-0035/ templink] || {{pkg|miniupnpc}} || 2015-09-15 || <= 1.9.20150730-1 || 1.9.20151008-1 || 30d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11]<br />
|-<br />
| {{CVE|CVE-2015-7645}} {{CVE|CVE-2015-7647}} {{CVE|CVE-2015-7648}} [https://helpx.adobe.com/security/products/flash-player/apsa15-05.html templink] [https://helpx.adobe.com/security/products/flash-player/apsb15-27.html templink] || {{pkg|flashplugin}} || 2015-10-14 || <= 11.2.202.535-1 || 11.2.202.540-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12]<br />
|-<br />
| {{CVE|CVE-2015-7184}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/ templink] || {{pkg|firefox}} || 2015-10-15 || <= 41.0.1-1 || 41.0.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10]<br />
|-<br />
| {{CVE|CVE-2015-5260}} {{CVE|CVE-2015-5261}} {{CVE|CVE-2015-3247}} [http://lists.freedesktop.org/archives/spice-devel/2015-October/022168.html templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1260822 templink] [https://bugzilla.redhat.com/show_bug.cgi?id=1261889 templink] [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=797976;msg=21 templink] || {{pkg|spice}} || 2015-09-08 || <= 0.12.5-1 || 0.12.6-1 || 41d || Fixed ({{bug|46738}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13]<br />
|-<br />
| {{CVE|CVE-2015-6755}} {{CVE|CVE-2015-6756}} {{CVE|CVE-2015-6757}} {{CVE|CVE-2015-6758}} {{CVE|CVE-2015-6759}} {{CVE|CVE-2015-6760}} {{CVE|CVE-2015-6761}} {{CVE|CVE-2015-6762}} {{CVE|CVE-2015-6763}} [http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-10-13 || <= 45.0.2454.101-2 || 46.0.2490.71-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-5569}} {{CVE|CVE-2015-7625}} {{CVE|CVE-2015-7626}} {{CVE|CVE-2015-7627}} {{CVE|CVE-2015-7628}} {{CVE|CVE-2015-7629}} {{CVE|CVE-2015-7630}} {{CVE|CVE-2015-7631}} {{CVE|CVE-2015-7632}} {{CVE|CVE-2015-7633}} {{CVE|CVE-2015-7634}} {{CVE|CVE-2015-7643}} {{CVE|CVE-2015-7644}} [https://helpx.adobe.com/security/products/flash-player/apsb15-25.html templink] || {{pkg|flashplugin}} || 2015-10-13 || <= 11.2.202.521-1 || 11.2.202.535-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-5291}} [https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01 templink] || {{pkg|mbedtls}} || 2015-10-05 || <= 2.1.1-1 || 2.1.2-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9]<br />
|-<br />
| {{CVE|CVE-2015-7384}} [https://nodejs.org/en/blog/release/v4.1.2/ templink] || {{pkg|nodejs}} || 2015-10-05 || <= 4.1.1-1 || 4.1.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3]<br />
|-<br />
| {{CVE|CVE-2015-7687}} [http://seclists.org/oss-sec/2015/q4/17 templink] [https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f8e2fe24f3ff174d8515b82607e951e054f68f6 templink] || {{pkg|opensmtpd}} || 2015-10-02 || <= 5.7.1p1-1 || 5.7.3p1-1 || 6d || Fixed ({{bug|46605}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5]<br />
|-<br />
| {{CVE|CVE-2015-7673}} {{CVE|CVE-2015-7674}} [http://seclists.org/oss-sec/2015/q4/18 templink] [http://seclists.org/oss-sec/2015/q4/19 templink] || {{pkg|gdk-pixbuf2}} || 2015-10-01 || <= 2.31.7-1 || 2.32.1-1 || 9d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6]<br />
|-<br />
| {{CVE|CVE-2015-1335}} [https://github.com/lxc/lxc/commit/6de26af93d3dd87c8b21a42fdf20f30fa1c1948d templink] || {{pkg|lxc}} || 2015-09-29 || <= 1:1.1.3-2 || - || - || Rejected ({{bug|46574}}) || None<br />
|-<br />
| {{CVE|CVE-2015-6972}} {{CVE|CVE-2015-6973}} [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-XSS.txt templink] [http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt templink] [https://igniterealtime.org/issues/browse/OF-942] || {{pkg|openfire}} || 2015-09-14 || <= 4.0.2-1 || || || '''Vulnerable''' ||<br />
|-<br />
| {{CVE|CVE-2015-4499}} [https://www.bugzilla.org/security/4.2.14/ templink] || {{pkg|bugzilla}} || 2015-09-10 || <= 5.0-1 || 5.0.1-1 || 28d || Fixed ({{bug|46573}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4]<br />
|-<br />
| {{CVE|CVE-2015-4141}} {{CVE|CVE-2015-4142}} {{CVE|CVE-2015-4143}} {{CVE|CVE-2015-4144}} {{CVE|CVE-2015-4145}} {{CVE|CVE-2015-4146}} [http://w1.fi/security/2015-2/ templink] [http://w1.fi/security/2015-3/ templink] [http://w1.fi/security/2015-4/ templink] [http://w1.fi/security/2015-5/ templink] || {{pkg|hostapd}} || 2015-05-04 || <= 2.4-2 || 2.5-1 || ~150d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2]<br />
|-<br />
| {{CVE|CVE-2015-3239}} [https://bugzilla.redhat.com/show_bug.cgi?id=1232265 templink] || {{pkg|libunwind}} || 2015-06-16 || <= 1.1-2 || 1.1-3 || ~110d || Fixed ({{bug|46474}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1]<br />
|-<br />
| {{CVE|CVE-2015-1303}} {{CVE|CVE-2015-1304}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update_24.html templink] || {{pkg|chromium}} || 2015-09-24 || <= 45.0.2454.99-1 || 45.0.2454.101-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11]<br />
|-<br />
| {{CVE|CVE-2015-4500}} {{CVE|CVE-2015-4501}} {{CVE|CVE-2015-4502}} {{CVE|CVE-2015-4504}} {{CVE|CVE-2015-4506}} {{CVE|CVE-2015-4507}} {{CVE|CVE-2015-4508}} {{CVE|CVE-2015-4509}} {{CVE|CVE-2015-4510}} {{CVE|CVE-2015-4511}} {{CVE|CVE-2015-4512}} {{CVE|CVE-2015-4516}} {{CVE|CVE-2015-4517}} {{CVE|CVE-2015-4519}} {{CVE|CVE-2015-4520}} {{CVE|CVE-2015-4521}} {{CVE|CVE-2015-4522}} {{CVE|CVE-2015-7174}} {{CVE|CVE-2015-7175}} {{CVE|CVE-2015-7176}} {{CVE|CVE-2015-7177}} {{CVE|CVE-2015-7180}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox41 templink] || {{pkg|firefox}} || 2015-09-22 || <= 40.0.3-1 || 41.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9]<br />
|-<br />
| {{CVE|CVE-2015-5567}} {{CVE|CVE-2015-5568}} {{CVE|CVE-2015-5570}} {{CVE|CVE-2015-5571}} {{CVE|CVE-2015-5572}} {{CVE|CVE-2015-5573}} {{CVE|CVE-2015-5574}} {{CVE|CVE-2015-5575}} {{CVE|CVE-2015-5576}} {{CVE|CVE-2015-5577}} {{CVE|CVE-2015-5578}} {{CVE|CVE-2015-5579}} {{CVE|CVE-2015-5580}} {{CVE|CVE-2015-5581}} {{CVE|CVE-2015-5582}} {{CVE|CVE-2015-5584}} {{CVE|CVE-2015-5587}} {{CVE|CVE-2015-5588}} {{CVE|CVE-2015-6676}} {{CVE|CVE-2015-6677}} {{CVE|CVE-2015-6678}} {{CVE|CVE-2015-6679}} {{CVE|CVE-2015-6682}} [https://helpx.adobe.com/security/products/flash-player/apsb15-23.html templink] || {{pkg|flashplugin}} || 2015-09-21 || <= 11.2.202.508-1 || 11.2.202.521-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201510-8]<br />
|-<br />
| {{CVE|CVE-2015-7236}} [http://seclists.org/oss-sec/2015/q3/561 templink] || {{pkg|rpcbind}} || 2015-09-17 || <= 0.2.3-1 || 0.2.3-2 || 7d || Fixed ({{bug|46341}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10]<br />
|-<br />
| {{CVE|CVE-2015-5714}} {{CVE|CVE-2015-5715}} [https://wordpress.org/news/2015/09/wordpress-4-3-1/ templink] || {{pkg|wordpress}} || 2015-09-15 || <= 4.3-1 || 4.3.1-1 || 5d || Fixed ({{bug|46340}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201510-7]<br />
|-<br />
| {{CVE|CVE-2015-6908}} [http://www.openwall.com/lists/oss-security/2015/09/11/5 templink] || {{pkg|openldap}} || 2015-09-09 || <= 2.4.42-1 || 2.4.42-2 || 3d || Fixed ({{bug|46265}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4]<br />
|-<br />
| {{CVE|CVE-2015-5722}} {{CVE|CVE-2015-5986}} [https://www.isc.org/blogs/cve-2015-5986-an-incorrect-boundary-check-can-trigger-a-require-assertion-failure-in-openpgpkey_61-c/ templink] [https://www.isc.org/blogs/cve-2015-5722-parsing-malformed-keys-may-cause-bind-to-exit-due-to-a-failed-assertion-in-buffer-c/ templink] || {{pkg|bind}} || 2015-09-02 || <= 9.10.2.P3-1 || 9.10.2.P4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2]<br />
|-<br />
| {{CVE|CVE-2015-5198}} {{CVE|CVE-2015-5199}} {{CVE|CVE-2015-5200}} [http://lists.x.org/archives/xorg-announce/2015-August/002630.html templink] || {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} || 2015-08-31 || <= 1.1-1 || 1.1.1-1 || 13d || Fixed ({{bug|46266}}) ({{bug|46267}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5]<br />
|-<br />
| {{CVE|CVE-2015-1291}} {{CVE|CVE-2015-1292}} {{CVE|CVE-2015-1293}} {{CVE|CVE-2015-1294}} {{CVE|CVE-2015-1295}} {{CVE|CVE-2015-1296}} {{CVE|CVE-2015-1297}} {{CVE|CVE-2015-1298}} {{CVE|CVE-2015-1299}} {{CVE|CVE-2015-1300}} {{CVE|CVE-2015-1301}} [http://googlechromereleases.blogspot.fr/2015/09/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-09-01 || <= 44.0.2403.157-1 || 45.0.2454.85-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1]<br />
|-<br />
| {{CVE|CVE-2015-5230}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-02/ templink] || {{pkg|powerdns}} || 2015-09-02 || <= 3.4.5-1 || 3.4.6-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3]<br />
|-<br />
| {{CVE|CVE-2015-5317}} {{CVE|CVE-2015-5318}} {{CVE|CVE-2015-5319}} {{CVE|CVE-2015-5320}} {{CVE|CVE-2015-5321}} {{CVE|CVE-2015-5322}} {{CVE|CVE-2015-5323}} {{CVE|CVE-2015-5324}} {{CVE|CVE-2015-5325}} {{CVE|CVE-2015-5326}} {{CVE|CVE-2015-8103}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 templink] [http://seclists.org/bugtraq/2015/Aug/161 templink] || {{pkg|jenkins}} || 2015-08-28 || <= 1.627-1 || 1.638-1 || 60d || Fixed ({{bug|46268}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11]<br />
|-<br />
| {{CVE|CVE-2015-6749}} [http://seclists.org/oss-sec/2015/q3/457 templink] || {{pkg|vorbis-tools}} || 2015-08-30 || <= 1.4.0-5 || 1.4.0-6 || >60d || Fixed ({{bug|46269}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22]<br />
|-<br />
| {{CVE|CVE-2015-4497}} {{CVE|CVE-2015-4498}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40.0.3 templink] || {{pkg|firefox}} || 2015-08-27 || <= 40.0.2-1 || 40.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12]<br />
|-<br />
| {{CVE|CVE-2015-5949}} [http://www.ocert.org/advisories/ocert-2015-009.html templink] || {{pkg|vlc}} || 2015-08-20 || <= 2.2.1-6 || 2.2.2-1 || 179d || Fixed ({{bug|46037}}) || None<br />
|-<br />
| {{CVE|CVE-2015-5963}} [https://www.djangoproject.com/weblog/2015/aug/18/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-08-18 || <= 1.8.3-1 || 1.8.4-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9]<br />
|-<br />
| {{CVE|CVE-2015-5221}} [http://seclists.org/oss-sec/2015/q3/408 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || <br />
|-<br />
| {{CVE|CVE-2015-5203}} [http://seclists.org/oss-sec/2015/q3/366 templink] || {{pkg|jasper}} || 2015-08-16 || <= 1.900.1-15 || || || '''Vulnerable''' || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10]<br />
|-<br />
| CVE Pending [http://seclists.org/oss-sec/2015/q3/295 templink] || {{pkg|pcre}} || 2015-08-05 || <= 8.37-2 || 8.37-3 || 12d || Fixed ({{bug|45945}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11]<br />
|-<br />
| {{CVE|CVE-2015-4473}} {{CVE|CVE-2015-4474}} {{CVE|CVE-2015-4475}} {{CVE|CVE-2015-4477}} {{CVE|CVE-2015-4478}} {{CVE|CVE-2015-4479}} {{CVE|CVE-2015-4480}} {{CVE|CVE-2015-4482}} {{CVE|CVE-2015-4483}} {{CVE|CVE-2015-4484}} {{CVE|CVE-2015-4485}} {{CVE|CVE-2015-4486}} {{CVE|CVE-2015-4487}} {{CVE|CVE-2015-4488}} {{CVE|CVE-2015-4489}} {{CVE|CVE-2015-4490}} {{CVE|CVE-2015-4491}} {{CVE|CVE-2015-4492}} {{CVE|CVE-2015-4493}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox40 templink] || {{pkg|firefox}} || 2015-08-11 || <= 39.0.3-1 || 40.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4]<br />
|-<br />
| {{CVE|CVE-2014-8121}} [https://access.redhat.com/security/cve/CVE-2014-8121 templink] || {{pkg|glibc}} || 2015-02-23 || <= 2.21-4 || 2.22-1 || ~180d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7]<br />
|-<br />
| {{CVE|CVE-2015-4680}} [http://www.ocert.org/advisories/ocert-2015-008.html templink] || {{pkg|freeradius}} || 2015-06-22 || <= 3.0.8-2 || 3.0.9-1 || ~50d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6]<br />
|-<br />
| {{CVE|CVE-2015-3184}} {{CVE|CVE-2015-3187}} [https://subversion.apache.org/security/CVE-2015-3184-advisory.txt templink] [https://subversion.apache.org/security/CVE-2015-3187-advisory.txt templink] || {{pkg|subversion}} || 2015-08-05 || <= 1.8.13-2 || 1.9.0-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5]<br />
|-<br />
| {{CVE|CVE-2015-6251}} [http://www.gnutls.org/security.html#GNUTLS-SA-2015-3 templink] || {{pkg|gnutls}} || 2015-08-10 || <= 3.4.3-1 || 3.4.4.1-1 || 10d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8]<br />
|-<br />
| {{CVE|CVE-2015-4495}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ templink] || {{pkg|firefox}} || 2015-08-06 || <= 39.0-1 || 39.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1]<br />
|-<br />
| {{CVE|CVE-2015-2213}} {{CVE|CVE-2015-5730}} {{CVE|CVE-2015-5731}} {{CVE|CVE-2015-5732}} {{CVE|CVE-2015-5733}} {{CVE|CVE-2015-5734}} [https://codex.wordpress.org/Version_4.2.4 templink] || {{pkg|wordpress}} || 2015-08-04 || <= 4.2.3-1 || 4.2.4.-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2]<br />
|-<br />
| {{CVE|CVE-2015-3245}} {{CVE|CVE-2015-3246}} [http://seclists.org/oss-sec/2015/q3/185 templink] || {{pkg|libuser}} || 2015-07-22 || <= 0.61-1 || 0.62-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19]<br />
|-<br />
| {{CVE|CVE-2015-5600}} [https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/ templink] || {{pkg|openssh}} || 2015-07-22 || <= 6.9p1-1 || 6.9p1-2 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17]<br />
|-<br />
| {{CVE|CVE-2015-1270}} {{CVE|CVE-2015-1271}} {{CVE|CVE-2015-1272}} {{CVE|CVE-2015-1273}} {{CVE|CVE-2015-1274}} {{CVE|CVE-2015-1276}} {{CVE|CVE-2015-1277}} {{CVE|CVE-2015-1278}} {{CVE|CVE-2015-1279}} {{CVE|CVE-2015-1280}} {{CVE|CVE-2015-1281}} {{CVE|CVE-2015-1282}} {{CVE|CVE-2015-1283}} {{CVE|CVE-2015-1284}} {{CVE|CVE-2015-1285}} {{CVE|CVE-2015-1286}} {{CVE|CVE-2015-1287}} {{CVE|CVE-2015-1288}} {{CVE|CVE-2015-1289}} [http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html templink] || {{pkg|chromium}} || 2015-07-21 || <= 43.0.2357.134-1 || 44.0.2403.89-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18]<br />
|-<br />
| {{CVE|CVE-2015-2590}} {{CVE|CVE-2015-2601}} {{CVE|CVE-2015-2613}} {{CVE|CVE-2015-2621}} {{CVE|CVE-2015-2625}} {{CVE|CVE-2015-2628}} {{CVE|CVE-2015-2632}} {{CVE|CVE-2015-2808}} {{CVE|CVE-2015-4000}} {{CVE|CVE-2015-4731}} {{CVE|CVE-2015-4732}} {{CVE|CVE-2015-4733}} {{CVE|CVE-2015-4748}} {{CVE|CVE-2015-4749}} {{CVE|CVE-2015-4760}} [http://blog.fuseyism.com/index.php/2015/07/21/security-icedtea-2-6-1-for-openjdk-7-released/ templink] || {{pkg|jre7-openjdk}} || 2015-07-21 || <= 7.u80_2.6.0-1 || 7.u85_2.6.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|lib32-flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14]<br />
|-<br />
| {{CVE|CVE-2015-5122}} {{CVE|CVE-2015-5123}} [https://helpx.adobe.com/security/products/flash-player/apsb15-18.html templink] || {{pkg|flashplugin}} || 2015-07-09 || <= 11.2.202.481-1 || 11.2.202.491-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13]<br />
|-<br />
| {{CVE|CVE-2015-0228}} {{CVE|CVE-2015-0253}} {{CVE|CVE-2015-3183}} {{CVE|CVE-2015-3185}} [http://www.apache.org/dist/httpd/CHANGES_2.4.16 templink] || {{pkg|apache}} || 2015-07-15 || <= 2.4.12-4 || 2.4.16-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15]<br />
|-<br />
| {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2738}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird38.1 templink] || {{pkg|thunderbird}} || 2015-07-09 || <= 38.0.1-1 || 38.1.0-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|lib32-openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12]<br />
|-<br />
| {{CVE|CVE-2015-1793}} [https://openssl.org/news/secadv_20150709.txt templink] || {{pkg|openssl}} || 2015-07-09 || <= 1.0.2.c-1 || 1.0.2.d-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8]<br />
|-<br />
| {{CVE|CVE-2014-0578}} {{CVE|CVE-2015-3114}} {{CVE|CVE-2015-3115}} {{CVE|CVE-2015-3116}} {{CVE|CVE-2015-3117}} {{CVE|CVE-2015-3118}} {{CVE|CVE-2015-3119}} {{CVE|CVE-2015-3120}} {{CVE|CVE-2015-3121}} {{CVE|CVE-2015-3122}} {{CVE|CVE-2015-3123}} {{CVE|CVE-2015-3124}} {{CVE|CVE-2015-3125}} {{CVE|CVE-2015-3126}} {{CVE|CVE-2015-3127}} {{CVE|CVE-2015-3128}} {{CVE|CVE-2015-3129}} {{CVE|CVE-2015-3130}} {{CVE|CVE-2015-3131}} {{CVE|CVE-2015-3132}} {{CVE|CVE-2015-3133}} {{CVE|CVE-2015-3134}} {{CVE|CVE-2015-3135}} {{CVE|CVE-2015-3136}} {{CVE|CVE-2015-3137}} {{CVE|CVE-2015-4428}} {{CVE|CVE-2015-4429}} {{CVE|CVE-2015-4430}} {{CVE|CVE-2015-4431}} {{CVE|CVE-2015-4432}} {{CVE|CVE-2015-4433}} {{CVE|CVE-2015-5116}} {{CVE|CVE-2015-5117}} {{CVE|CVE-2015-5118}} {{CVE|CVE-2015-5119}} [https://helpx.adobe.com/security/products/flash-player/apsb15-16.html templink] [https://www.kb.cert.org/vuls/id/561288 templink] || {{pkg|flashplugin}} || 2015-07-07 || <= 11.2.202.468-1 || 11.2.202.481-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7]<br />
|-<br />
| {{CVE|CVE-2015-4620}} [https://kb.isc.org/article/AA-01267/ templink] || {{pkg|bind}} || 2015-07-07 || <= 9.10.2.P1-1 || 9.10.2.P2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6]<br />
|-<br />
| {{CVE|CVE-2015-5382}} [http://www.openwall.com/lists/oss-security/2015/07/07/3 templink] || {{pkg|roundcubemail}} || 2015-07-06 || <= 1.1.1-1 || 1.1.2-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|lib32-krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11]<br />
|-<br />
| {{CVE|CVE-2014-5355}} {{CVE|CVE-2015-2694}} [http://krbdev.mit.edu/rt/NoAuth/krb5-1.13/fixed-1.13.2.html templink] || {{pkg|krb5}} || 2015-05-08 || <= 1.13.1-1 || 1.13.2-1 || 63d || Fixed ({{bug|45575}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10]<br />
|-<br />
| {{CVE|CVE-2015-3281}} [http://marc.info/?l=haproxy&m=143593901506748&w=2 templink] || {{pkg|haproxy}} || 2015-07-03 || <= 1.5.12-1 || 1.5.14-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3]<br />
|-<br />
| {{CVE|CVE-2015-2722}} {{CVE|CVE-2015-2724}} {{CVE|CVE-2015-2725}} {{CVE|CVE-2015-2726}} {{CVE|CVE-2015-2727}} {{CVE|CVE-2015-2728}} {{CVE|CVE-2015-2729}} {{CVE|CVE-2015-2731}} {{CVE|CVE-2015-2733}} {{CVE|CVE-2015-2734}} {{CVE|CVE-2015-2735}} {{CVE|CVE-2015-2736}} {{CVE|CVE-2015-2737}} {{CVE|CVE-2015-2739}} {{CVE|CVE-2015-2740}} {{CVE|CVE-2015-2741}} {{CVE|CVE-2015-2743}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-07-02 || <= 38.0.5 || 39.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2]<br />
|- <br />
| {{CVE|CVE-2015-5352}} [http://www.openwall.com/lists/oss-security/2015/07/01/10 templink] || {{pkg|openssh}} || 2015-06-29 || <= 6.8p1-3 || 6.9p1-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4]<br />
|-<br />
| {{CVE|CVE-2015-5146}} [http://support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi templink] || {{pkg|ntp}} || 2015-06-29 || <= 4.2.8p2-1 || 4.2.8p3-1 || 8d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5]<br />
|-<br />
| {{CVE|CVE-2015-2141}} [https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2015-June/015585.html templink] [https://github.com/weidai11/cryptopp/commit/9425e16437439e68c7d96abef922167d68fafaff commit] || {{pkg|crypto++}} || 2015-06-28 || <= 5.6.2-2 || 5.6.2-3 || 28d || Fixed ({{bug|45498}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20]<br />
|-<br />
| {{CVE|CVE-2015-5073}} [https://bugs.exim.org/show_bug.cgi?id=1651 templink] [http://vcs.pcre.org/pcre?view=revision&revision=1571 commit] || {{pkg|pcre}} || 2015-06-26 || <= 8.37-2 || 8.37-3 || ~52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-5069}} {{CVE|CVE-2015-5070}} [http://www.openwall.com/lists/oss-security/2015/06/25/12 templink] || {{pkg|wesnoth}} || 2015-06-24 || <= 1.12.2-3 || 1.12.4-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1]<br />
|-<br />
| {{CVE|CVE-2015-3113}} [https://helpx.adobe.com/security/products/flash-player/apsb15-14.html templink] || {{pkg|flashplugin}} || 2015-06-23 || <= 11.2.202.466-1 || 11.2.202.468-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|lib32-curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 47d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2015-3236}} {{CVE|CVE-2015-3237}} [http://curl.haxx.se/docs/adv_20150617A.html templink] [http://curl.haxx.se/docs/adv_20150617B.html templink] || {{pkg|curl}} || 2015-06-17 || <= 7.42.1-1 || 7.43.0-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4]<br />
|-<br />
| {{CVE|CVE-2009-1364}} {{CVE|CVE-2006-3376}} {{CVE|CVE-2007-0455}} {{CVE|CVE-2007-2756}} {{CVE|CVE-2007-3472}} {{CVE|CVE-2007-3473}} {{CVE|CVE-2007-3477}} {{CVE|CVE-2009-3546}} {{CVE|CVE-2015-0848}} {{CVE|CVE-2015-4588}} {{CVE|CVE-2015-4695}} {{CVE|CVE-2015-4696}} [http://www.openwall.com/lists/oss-security/2015/06/16/4 templink] || {{pkg|libwmf}} || 2015-06-01 || <= 0.2.8.4-13 || || || '''Vulnerable''' ({{bug|49162}}) ||<br />
|-<br />
| {{CVE|CVE-2015-2325}} {{CVE|CVE-2015-2326}} {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://php.net/ChangeLog-5.php#5.6.10 templink] || {{pkg|php}} || 2015-06-11 || <= 5.6.9-2 || 5.6.10-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|libraw}} || 2015-05-11 || <= 0.16.0-3 || 0.16.1 || 5d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|dcraw}} || 2015-05-11 || <= 9.25.0-1 || 9.26.0-1 || ~1m || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|gimp-ufraw}} || 2015-05-11 || <= 0.21-1 || 0.22-1 || 45d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawtherapee}} || 2015-05-11 || <= 1:4.2-1 || 1:4.2+448.g26d182d-1 || ~5m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3885}} [http://www.ocert.org/advisories/ocert-2015-006.html templink] || {{pkg|rawstudio}} || 2015-05-11 || <= 2.0-12 || 2.0_git20160107-1 || ~11m || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1158}} {{CVE|CVE-2015-1159}} [http://www.cups.org/str.php?L4609 templink] || {{pkg|cups}} || 2015-06-08 || <= 2.0.2-4 || 2.0.3-1 || 1d || Fixed ({{bug|45279}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2]<br />
|-<br />
| {{CVE|CVE-2015-1788}} {{CVE|CVE-2015-1789}} {{CVE|CVE-2015-1790}} {{CVE|CVE-2015-1791}} {{CVE|CVE-2015-1792}} {{CVE|CVE-2015-4000}} [https://www.openssl.org/news/secadv_20150611.txt templink] [https://git.openssl.org/?p=openssl.git;a=commit;h=98ece4eebfb6cd45cc8d550c6ac0022965071afc templink] || {{pkg|openssl}} || 2015-06-11 || <= 1.0.2.a-1 || 1.0.2.b-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3]<br />
|-<br />
| {{CVE|CVE-2015-3210}} [https://bugs.exim.org/show_bug.cgi?id=1636 templink] || {{pkg|pcre}} || 2015-05-29 || <= 8.37-1 || 8.37-2 || 7d || Fixed ({{bug|45207}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1]<br />
|-<br />
| {{CVE|CVE-2015-3165}} {{CVE|CVE-2015-3166}} {{CVE|CVE-2015-3167}} [http://www.postgresql.org/about/news/1587/ templink] || {{pkg|postgresql}} || 2015-05-22 || <= 9.4.1-1 || 9.4.2-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17]<br />
|-<br />
| {{CVE|CVE-2015-4054}} [http://www.openwall.com/lists/oss-security/2015/05/22/5 templink] || {{pkg|pgbouncer}} || 2015-04-09 || <= 1.5.4-6 || 1.5.5-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16]<br />
|-<br />
| {{CVE|CVE-2015-1251}} {{CVE|CVE-2015-1252}} {{CVE|CVE-2015-1253}} {{CVE|CVE-2015-1254}} {{CVE|CVE-2015-1255}} {{CVE|CVE-2015-1256}} {{CVE|CVE-2015-1257}} {{CVE|CVE-2015-1258}} {{CVE|CVE-2015-1259}} {{CVE|CVE-2015-1260}} {{CVE|CVE-2015-1263}} {{CVE|CVE-2015-1264}} {{CVE|CVE-2015-1265}} [http://googlechromereleases.blogspot.fr/2015/05/stable-channel-update_19.html templink] || {{pkg|chromium}} || 2015-05-19 || <= 42.0.2311.135-1 || 43.0.2357.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14]<br />
|-<br />
| {{CVE|CVE-2015-3808}} {{CVE|CVE-2015-3809}} {{CVE|CVE-2015-3810}} {{CVE|CVE-2015-3811}} {{CVE|CVE-2015-3812}} {{CVE|CVE-2015-3813}} {{CVE|CVE-2015-3814}} {{CVE|CVE-2015-3815}} [https://wireshark.org/docs/relnotes/wireshark-1.12.5.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-qt}} {{pkg|wireshark-gtk}} || 2015-05-11 || <= 1.12.4-4 || 1.12.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12]<br />
|-<br />
| {{CVE|CVE-2015-3456}} [https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/ templink] || {{pkg|qemu}} || 2015-05-13 || <= 2.2.1-4 || 2.2.1-5 || 1d || Fixed ({{bug|44958}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9]<br />
|-<br />
| {{CVE|CVE-2014-0230}} [https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.44 templink] || {{pkg|tomcat6}} || 2015-04-09 || <= 6.0.43-2 || 6.0.44-1 || 34d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2716}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7 templink] || {{pkg|thunderbird}} || 2015-05-12 || <= 31.6.0-2 || 31.7.0-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13]<br />
|-<br />
| {{CVE|CVE-2015-2708}} {{CVE|CVE-2015-2709}} {{CVE|CVE-2015-2710}} {{CVE|CVE-2015-2711}} {{CVE|CVE-2015-2712}} {{CVE|CVE-2015-2713}} {{CVE|CVE-2015-2715}} {{CVE|CVE-2015-2716}} {{CVE|CVE-2015-2717}} {{CVE|CVE-2015-2718}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/#firefox38 templink] || {{pkg|firefox}} || 2015-05-12 || <= 37.0.2-1 || 38.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] <br />
|-<br />
| {{CVE|CVE-2015-3622}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=f979435 templink] || {{pkg|libtasn1}} || 2015-04-20 || <= 4.5-1 || 4.4-1 || 16d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb-clients}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4]<br />
|-<br />
| {{CVE|CVE-2014-8964}} {{CVE|CVE-2015-0499}} {{CVE|CVE-2015-0501}} {{CVE|CVE-2015-0505}} {{CVE|CVE-2015-2571}} [https://mariadb.com/kb/en/mariadb/mariadb-10018-release-notes/ templink] || {{pkg|mariadb}} || 2015-05-07 || <= 10.0.17-1 || 10.0.18-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3]<br />
|-<br />
| {{CVE|CVE-2015-3627}} {{CVE|CVE-2015-3629}} {{CVE|CVE-2015-3630}} {{CVE|CVE-2015-3631}} [http://seclists.org/oss-sec/2015/q2/389 templink] || {{pkg|docker}} || 2015-05-07 || <= 1:1.6.0-1 || 1:1.6.1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6]<br />
|-<br />
| {{CVE|CVE-2015-0847}} [http://sourceforge.net/p/nbd/mailman/message/34091218/ templink] || {{pkg|nbd}} || 2015-05-07 || <= 3.10-1 || 3.11-1 || 19d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15]<br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt5-base}} || 2015-04-13 || <= 5.4.1-5 || 5.4.2-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-1858}} {{CVE|CVE-2015-1859}} {{CVE|CVE-2015-1860}} [http://lists.qt-project.org/pipermail/announce/2015-April/000067.html templink] || {{pkg|qt4}} || 2015-04-13 || <= 4.8.6-6 || 4.8.7-1 || 50d || Fixed || None <br />
|-<br />
| {{CVE|CVE-2015-3414}} {{CVE|CVE-2015-3415}} {{CVE|CVE-2015-3416}} [http://seclists.org/fulldisclosure/2015/Apr/31 templink] || {{pkg|sqlite}} || 2015-04-24 || <= 3.8.8.3-1 || 3.8.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-2170}} {{CVE|CVE-2015-2221}} {{CVE|CVE-2015-2222}} {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2668}} [http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html templink] || {{pkg|clamav}} || 2015-04-29 || <= 0.98.6-1 || 0.98.7-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2]<br />
|-<br />
| {{CVE|CVE-2015-3455}} [http://www.openwall.com/lists/oss-security/2015/04/30/2 templink] || {{pkg|squid}} || 2015-04-29 || <= 3.5.3-2 || 3.5.4-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1]<br />
|-<br />
| {{CVE|CVE-2015-3451}} [http://www.openwall.com/lists/oss-security/2015/04/30/1 templink] || {{pkg|perl-xml-libxml}} || 2015-04-30 || <= 2.0118-3 || 2.0119-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32]<br />
|-<br />
| {{CVE|CVE-2015-3152}} [http://www.openwall.com/lists/oss-security/2015/04/29/4 templink] || {{pkg|mariadb}} {{pkg|mariadb-clients}} || 2015-04-29 || <= 10.0.17-2 || 10.0.20-1 || 52d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-3153}} [http://curl.haxx.se/docs/adv_20150429.html templink] || {{pkg|curl}} || 2015-04-29 || <= 7.42.0-1 || 7.42.1-1 || 29d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20]<br />
|-<br />
| {{CVE|CVE-2015-1243}} {{CVE|CVE-2015-1250}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_28.html templink] || {{pkg|chromium}} || 2015-04-28 || <= 42.0.2311.90-1 || 42.0.2311.135-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30]<br />
|-<br />
| {{CVE|CVE-2015-3420}} [http://seclists.org/oss-sec/2015/q2/288 templink] || {{pkg|dovecot}} || 2015-04-24 || <= 2.2.16-1 || 2.2.16-2 || 4d || Fixed ({{bug|44757}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns-recursor}} || 2015-04-23 || <= 3.7.1-1 || 3.7.2-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27]<br />
|-<br />
| {{CVE|CVE-2015-1868}} [https://doc.powerdns.com/md/security/powerdns-advisory-2015-01/ templink] || {{pkg|powerdns}} || 2015-04-23 || <= 3.4.3-2 || 3.4.4-1 || 1d || Fixed ({{Bug|44708}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26]<br />
|-<br />
| {{CVE|CVE-2015-1863}} [http://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt templink] || {{pkg|wpa_supplicant}} || 2015-04-22 || <= 2.3-1 || 2.4-1 (1:2.3-1) || 2d || Fixed ({{Bug|44695}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29]<br />
|-<br />
| {{CVE|CVE-2015-1781}} [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2959eda9272a033863c271aff62095abd01bd4e3;hp=7bf8fb104226407b75103b95525364c4667c869f templink] || {{pkg|glibc}} || 2015-04-21 || <= 2.21-2 || 2.21-3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25]<br />
|-<br />
| {{CVE|CVE-2015-3143}} {{CVE|CVE-2015-3144}} {{CVE|CVE-2015-3145}} {{CVE|CVE-2015-3148}} [http://curl.haxx.se/docs/vuln-7.41.0.html templink] || {{pkg|curl}} || 2015-04-22 || <= 7.41.0-1 || 7.42.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28]<br />
|-<br />
| {{CVE|CVE-2015-2706}} [https://www.mozilla.org/en-US/security/advisories/mfsa2015-45/ templink] || {{pkg|firefox}} || 2015-04-20 || <= 37.0.1-3 || 37.0.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24]<br />
|-<br />
| {{CVE|CVE-2015-3138}} [https://github.com/the-tcpdump-group/tcpdump/issues/446 templink] || {{pkg|tcpdump}} || 2015-03-24 || <= 4.7.3-1 || 4.7.3-2 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20]<br />
|-<br />
| {{CVE|CVE-2015-0346}} {{CVE|CVE-2015-0347}} {{CVE|CVE-2015-0348}} {{CVE|CVE-2015-0349}} {{CVE|CVE-2015-0350}} {{CVE|CVE-2015-0351}} {{CVE|CVE-2015-0352}} {{CVE|CVE-2015-0353}} {{CVE|CVE-2015-0354}} {{CVE|CVE-2015-0355}} {{CVE|CVE-2015-0356}} {{CVE|CVE-2015-0357}} {{CVE|CVE-2015-0358}} {{CVE|CVE-2015-0359}} {{CVE|CVE-2015-0360}} {{CVE|CVE-2015-3038}} {{CVE|CVE-2015-3039}} {{CVE|CVE-2015-3040}} {{CVE|CVE-2015-3041}} {{CVE|CVE-2015-3042}} {{CVE|CVE-2015-3043}} {{CVE|CVE-2015-3044}} [https://helpx.adobe.com/security/products/flash-player/apsb15-06.html templink] || {{pkg|flashplugin}} || 2015-04-14 || <= 11.2.202.451-1 || 11.2.202.457-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18]<br />
|-<br />
| {{CVE|CVE-2015-1351}} {{CVE|CVE-2015-1352}} {{CVE|CVE-2015-2783}} {{CVE|CVE-2015-3330}} {{CVE|CVE-2015-3329}} [https://php.net/ChangeLog-5.php#5.6.8 templink] || {{pkg|php}} || 2015-04-17 || <= 5.6.7.-2 || 5.6.8-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0470}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-04-14 || <= 8.u40-1 || 8.u45-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23]<br />
|-<br />
| {{CVE|CVE-2015-0460}} {{CVE|CVE-2015-0469}} {{CVE|CVE-2015-0477}} {{CVE|CVE-2015-0478}} {{CVE|CVE-2015-0480}} {{CVE|CVE-2015-0488}} [http://blog.fuseyism.com/index.php/2015/04/15/security-icedtea-2-5-5-for-openjdk-7-released/ templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-04-14 || <= 7.u75_2.5.4-1 || 7.u79_2.5.5-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17]<br />
|-<br />
| {{CVE|CVE-2015-3310}} [http://www.openwall.com/lists/oss-security/2015/04/16/7 templink] || {{pkg|ppp}} || 2015-04-13 || <= 2.4.7-1 || 2.4.7-2 || ~4m || Fixed ({{bug|44607}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3]<br />
|-<br />
| {{CVE|CVE-2015-3308}} [http://www.openwall.com/lists/oss-security/2015/04/16/6 templink] || {{pkg|gnutls}} || 2015-03-30 || <= 3.3.13-1 || 3.3.14-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-1235}} {{CVE|CVE-2015-1236}} {{CVE|CVE-2015-1237}} {{CVE|CVE-2015-1238}} {{CVE|CVE-2015-1240}} {{CVE|CVE-2015-1241}} {{CVE|CVE-2015-1242}} {{CVE|CVE-2015-1244}} {{CVE|CVE-2015-1245}} {{CVE|CVE-2015-1246}} {{CVE|CVE-2015-1247}} {{CVE|CVE-2015-1248}} {{CVE|CVE-2015-1249}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update_14.html templink] || {{pkg|chromium}} || 2015-04-14 || <= 41.0.2272.118-2 || 42.0.2311.90-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19]<br />
|-<br />
| {{CVE|CVE-2015-1855}} [https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/ templink] || {{pkg|ruby}} || 2015-04-13 || <= 2.2.1-1 || 2.2.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13]<br />
|-<br />
| {{CVE|CVE-2015-3026}} [http://seclists.org/oss-sec/2015/q2/80 templink] || {{pkg|icecast}} || 2015-04-08 || <= 2.4.1-1 || 2.4.2-1 || 3d || Fixed ({{bug|44503}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12]<br />
|-<br />
| {{CVE|CVE-2015-1798}} [http://seclists.org/oss-sec/2015/q2/63 templink] || {{pkg|chrony}} || 2015-04-08 || <= 1.31-2 || 1.31.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9]<br />
|-<br />
| {{CVE|CVE-2015-1798}} {{CVE|CVE-2015-1799}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities templink] || {{pkg|ntp}} || 2015-04-07 || <= 4.2.8p1 || 4.2.8p2-1 || <1d || Fixed ({{bug|44492}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8]<br />
|-<br />
| {{CVE|CVE-2015-2931}} {{CVE|CVE-2015-2932}} {{CVE|CVE-2015-2933}} {{CVE|CVE-2015-2934}} {{CVE|CVE-2015-2935}} {{CVE|CVE-2015-2936}} {{CVE|CVE-2015-2937}} {{CVE|CVE-2015-2938}} {{CVE|CVE-2015-2939}} {{CVE|CVE-2015-2940}} {{CVE|CVE-2015-2941}} {{CVE|CVE-2015-2942}} [http://seclists.org/oss-sec/2015/q2/61 templink] || {{pkg|mediawiki}} || 2015-04-07 || <= 1.24.1-1 || 1.24.2-1 || 0d || Fixed ({{bug|44489}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11]<br />
|-<br />
| {{CVE|CVE-2015-2928}} {{CVE|CVE-2015-2929}} [http://seclists.org/oss-sec/2015/q2/56 templink] || {{pkg|tor}} || 2015-04-06 || <= 0.2.5.11-1 || 0.2.5.12-1 || <1d || Fixed ({{bug|44482}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7]<br />
|-<br />
| {{CVE|CVE-2015-0799}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-04-03 || <= 37.0-1 || 37.0.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4]<br />
|-<br />
| {{CVE|CVE-2015-1233}} {{CVE|CVE-2015-1234}} [http://googlechromereleases.blogspot.fr/2015/04/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-04-01 || <= 41.0.2272.101-1 || 41.0.2272.118-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-03-31 || <= 31.5.0-1 || 31.6.0-1|| 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6]<br />
|-<br />
| {{CVE|CVE-2015-0801}} {{CVE|CVE-2015-0802}} {{CVE|CVE-2015-0803}} {{CVE|CVE-2015-0804}} {{CVE|CVE-2015-0805}} {{CVE|CVE-2015-0806}} {{CVE|CVE-2015-0807}} {{CVE|CVE-2015-0808}} {{CVE|CVE-2015-0811}} {{CVE|CVE-2015-0812}} {{CVE|CVE-2015-0813}} {{CVE|CVE-2015-0814}} {{CVE|CVE-2015-0815}} {{CVE|CVE-2015-0816}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-31 || <= 36.0.4-1 || 37.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1]<br />
|-<br />
| {{CVE|CVE-2015-1817}} [http://www.openwall.com/lists/oss-security/2015/03/30/3 templink] || {{pkg|musl}} || 2015-03-29 || <= 1.1.7-1 || 1.1.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26]<br />
|-<br />
| {{CVE|CVE-2015-2782}} {{CVE|CVE-2015-0556}} {{CVE|CVE-2015-0557}} [http://www.openwall.com/lists/oss-security/2015/03/29/1 templink] || {{pkg|arj}} || 2015-03-28 || <= 3.10.22-8 || 3.10.22-10 || 10d || Fixed ({{bug|44411}}) ({{bug|44488}}) || None<br />
|-<br />
| {{CVE|CVE-2015-0250}} [http://seclists.org/fulldisclosure/2015/Mar/142 templink] || {{pkg|java-batik}} || 2015-03-17 || <= 1.7-12 || 1.8-1 || 17d || Fixed ({{bug|44410}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5]<br />
|-<br />
| {{CVE|CVE-2015-2806}} [http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=4d4f992826a4962790ecd0cce6fbba4a415ce149 templink] || {{pkg|libtasn1}} || 2015-03-29 || <= 4.3-1 || 4.4-1 || 5d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3]<br />
|-<br />
| {{CVE|CVE-2015-0817}} {{CVE|CVE-2015-0818}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-03-20 || <= 36.0.1-1 || 36.0.3-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21]<br />
|-<br />
| {{CVE|CVE-2015-2559}} [https://www.drupal.org/SA-CORE-2015-001 templink] || {{pkg|drupal}} || 2015-03-19 || <= 7.34-1 || 7.35-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18]<br />
|-<br />
| {{CVE|CVE-2015-0252}} [https://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt templink] || {{pkg|xerces-c}} || 2015-03-19 || <= 3.1.1-5 || 3.2.1-1 || 1d || Fixed ({{bug|44272}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19]<br />
|-<br />
| {{CVE|CVE-2015-2330}} [http://www.openwall.com/lists/oss-security/2015/03/18/4 templink] || {{pkg|webkitgtk}} {{pkg|webkitgtk2}} || 2015-03-17 || <= 2.4.8-1 || 2.4.9-1 || 30d || Fixed ({{bug|44237}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19]<br />
|-<br />
| {{CVE|CVE-2015-2305}} {{CVE|CVE-2015-2331}} {{CVE|CVE-2015-2348}} {{CVE|CVE-2015-2787}} [https://bugs.php.net/bug.php?id=69253 templink] || {{pkg|php}} || 2015-03-18 || <= 5.6.6-1 || 5.6.7-1 || 10d || Fixed ({{bug|44236}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25]<br />
|-<br />
| {{CVE|CVE-2015-0204}} {{CVE|CVE-2015-0207}} {{CVE|CVE-2015-0208}} {{CVE|CVE-2015-0209}} {{CVE|CVE-2015-0285}} {{CVE|CVE-2015-0286}} {{CVE|CVE-2015-0287}} {{CVE|CVE-2015-0288}} {{CVE|CVE-2015-0289}} {{CVE|CVE-2015-0290}} {{CVE|CVE-2015-0291}} {{CVE|CVE-2015-0293}} {{CVE|CVE-2015-1787}} [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=28a00bcd8e318da18031b2ac8778c64147cd54f9 commit-0288] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2b31fcc0b5e7329e13806822a5709dbd51c5c8a4 commit-0285] [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ba5d0113e8bcb26857ae58a11b219aeb7bc2408a commit-0209] [https://security-tracker.debian.org/tracker/CVE-2015-0288 Debian-Bug-tracker] [https://www.openssl.org/news/secadv_20150319.txt advisory] || {{pkg|openssl}} {{pkg|lib32-openssl}} || 2015-03-17 || <= 1.0.2-1 || 1.0.2.a-1 || 2d || Fixed ({{bug|44227}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17]<br />
|-<br />
| {{CVE|CVE-2015-1802}} {{CVE|CVE-2015-1803}} {{CVE|CVE-2015-1804}} [http://www.openwall.com/lists/oss-security/2015/03/17/5 templink] || {{pkg|libxfont}} || 2015-03-17 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed ({{bug|44226}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15]<br />
|-<br />
| {{CVE|CVE-2015-0332}} {{CVE|CVE-2015-0333}} {{CVE|CVE-2015-0334}} {{CVE|CVE-2015-0335}} {{CVE|CVE-2015-0336}} {{CVE|CVE-2015-0337}} {{CVE|CVE-2015-0338}} {{CVE|CVE-2015-0339}} {{CVE|CVE-2015-0340}} {{CVE|CVE-2015-0341}} {{CVE|CVE-2015-0342}} [https://helpx.adobe.com/security/products/flash-player/apsb15-05.html templink] || {{pkg|flashplugin}} || 2015-03-12 || <= 11.2.202.442-1 || 11.2.202.451-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11]<br />
|-<br />
| {{CVE|CVE-2014-9687}} [http://www.openwall.com/lists/oss-security/2015/02/10/10 templink] || {{pkg|ecryptfs-utils}} || 2015-02-10 || <= 104-1 || 106-1 || 37d || Fixed ({{bug|44157}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14]<br />
|-<br />
| {{CVE|CVE-2015-1782}} [http://www.libssh2.org/adv_20150311.html templink] || {{pkg|libssh2}} || 2015-03-11 || <= 1.4.3-1 || 1.5.0-1 || 29d || Fixed ({{bug|44146}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10]<br />
|-<br />
| {{CVE|CVE-2015-2241}} [https://www.djangoproject.com/weblog/2015/mar/09/security-releases/ templink] || {{pkg|python-django}} {{pkg|python2-django}} || 2015-03-09 || <= 1.7.5-1 || 1.7.6-1 || 2d || Fixed ({{bug|44122}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7]<br />
|-<br />
| {{CVE|CVE-2015-1212}} {{CVE|CVE-2015-1213}} {{CVE|CVE-2015-1214}} {{CVE|CVE-2015-1215}} {{CVE|CVE-2015-1216}} {{CVE|CVE-2015-1217}} {{CVE|CVE-2015-1218}} {{CVE|CVE-2015-1219}} {{CVE|CVE-2015-1220}} {{CVE|CVE-2015-1221}} {{CVE|CVE-2015-1222}} {{CVE|CVE-2015-1223}} {{CVE|CVE-2015-1224}} {{CVE|CVE-2015-1225}} {{CVE|CVE-2015-1226}} {{CVE|CVE-2015-1227}} {{CVE|CVE-2015-1228}} {{CVE|CVE-2015-1229}} {{CVE|CVE-2015-1230}} {{CVE|CVE-2015-1231}} [http://googlechromereleases.blogspot.fr/2015/03/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-03-03 || <= 40.0.2214.115-1 || 41.0.2272.76-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5]<br />
|-<br />
| {{CVE|CVE-2015-1572}} [https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 templink] || {{pkg|e2fsprogs}} || 2015-02-06 || <= 1.42.12-1 || 1.42.12-2 || 6d || Fixed ({{bug|44015}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8]<br />
|-<br />
| {{CVE|CVE-2015-2157}} [http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html templink] || {{pkg|putty}} || 2015-03-02 || <= 0.63-1 || 0.64-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1]<br />
|-<br />
| {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-02-24 || <= 31.4.0-1 || 31.5.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15]<br />
|-<br />
| {{CVE|CVE-2015-0819}} {{CVE|CVE-2015-0821}} {{CVE|CVE-2015-0822}} {{CVE|CVE-2015-0823}} {{CVE|CVE-2015-0824}} {{CVE|CVE-2015-0825}} {{CVE|CVE-2015-0826}} {{CVE|CVE-2015-0827}} {{CVE|CVE-2015-0829}} {{CVE|CVE-2015-0830}} {{CVE|CVE-2015-0831}} {{CVE|CVE-2015-0832}} {{CVE|CVE-2015-0834}} {{CVE|CVE-2015-0835}} {{CVE|CVE-2015-0836}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-02-24 || <= 35.0.1-1 || 36.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14]<br />
|-<br />
| {{CVE|CVE-2015-0240}} [https://www.samba.org/samba/history/samba-4.1.17.html templink] || {{pkg|samba}} || 2015-02-23 || <= 4.1.16-1 || 4.1.17-1 || <1d || Fixed ({{bug|43923}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13]<br />
|-<br />
| {{CVE|CVE-2014-9636}} [http://www.openwall.com/lists/oss-security/2014/11/02/2 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-10 || 75d || Fixed ({{bug|44171}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9]<br />
|-<br />
| {{CVE|CVE-2015-1315}} [http://www.openwall.com/lists/oss-security/2015/02/17/4 templink] || {{pkg|unzip}} || 2014-11-02 || <= 6.0-9 || 6.0-9 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9680}} [http://www.sudo.ws/sudo/alerts/tz.html templink] || {{pkg|sudo}} || 2015-02-09 || <= 1.8.12-1 || 1.8.12-1 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5352}} {{CVE|CVE-2014-5353}} {{CVE|CVE-2014-5354}} {{CVE|CVE-2014-9421}} {{CVE|CVE-2014-9422}} {{CVE|CVE-2014-9423}} [http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2015-001.txt templink] [http://www.openwall.com/lists/oss-security/2014/12/16/1 templink] || {{pkg|krb5}} || 2015-02-03 || <= 1.13-1 || 1.13.1-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] <br />
|-<br />
| {{CVE|CVE-2015-0255}} [http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/ templink] || {{pkg|xorg-server}} || 2015-02-10 || <= 1.16.3-2|| 1.16.4-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11]<br />
|-<br />
| {{CVE|CVE-2015-1191}} [http://www.openwall.com/lists/oss-security/2015/01/18/3 templink] || {{pkg|pigz}} || 2015-01-18 || <= 2.3.1-1 || 2.3.3-1 || 21d || Fixed ({{bug|43748}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9]<br />
|-<br />
| {{CVE|CVE-2015-0245}} [http://lists.freedesktop.org/archives/dbus/2015-February/016553.html templink] || {{pkg|dbus}} || 2015-02-09 || <= 1.8.14-1 || 1.8.16-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10]<br />
|-<br />
| {{CVE|CVE-2015-1472}} {{CVE|CVE-2015-1473}} || {{pkg|glibc}} || 2015-02-05 || <= 2.20-6 || 2.21-1 ||4d || Fixed ({{bug|43747}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8]<br />
|-<br />
| {{CVE|CVE-2014-9297}} {{CVE|CVE-2014-9298}} [http://support.ntp.org/bin/view/Main/SecurityNotice#vallen_is_not_validated_in_sever templink] [http://support.ntp.org/bin/view/Main/SecurityNotice#1_can_be_spoofed_on_some_OSes_so templink]|| {{pkg|ntp}} || 2015-02-04 || <= 4.2.8-1 || 4.2.8.p1-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7]<br />
|-<br />
| {{CVE|CVE-2014-9328}} || {{pkg|clamav}} || 2015-01-28 || <= 0.98.5-1 || 0.98.6-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6]<br />
|-<br />
| {{CVE|CVE-2015-1209}} {{CVE|CVE-2015-1210}} {{CVE|CVE-2015-1211}} {{CVE|CVE-2015-1212}} [http://googlechromereleases.blogspot.fr/2015/02/stable-channel-update.html templink] || {{pkg|chromium}} || 2015-02-05 || <= 40.0.2214.94-1 || 40.0.2214.111-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5]<br />
|-<br />
| {{CVE|CVE-2015-0313}} {{CVE|CVE-2015-0314}} {{CVE|CVE-2015-0315}} {{CVE|CVE-2015-0316}} {{CVE|CVE-2015-0317}} {{CVE|CVE-2015-0318}} {{CVE|CVE-2015-0319}} {{CVE|CVE-2015-0320}} {{CVE|CVE-2015-0321}} {{CVE|CVE-2015-0322}} {{CVE|CVE-2015-0323}} {{CVE|CVE-2015-0324}} {{CVE|CVE-2015-0325}} {{CVE|CVE-2015-0326}} {{CVE|CVE-2015-0327}} {{CVE|CVE-2015-0328}} {{CVE|CVE-2015-0329}} {{CVE|CVE-2015-0330}} [https://helpx.adobe.com/security/products/flash-player/apsb15-04.html templink] || {{pkg|flashplugin}} || 2015-02-05 || <= 11.2.202.440-1 || 11.2.202.442-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2]<br />
|-<br />
| {{CVE|CVE-2014-8161}} {{CVE|CVE-2015-0241}} {{CVE|CVE-2015-0243}} {{CVE|CVE-2015-0244}} [http://www.postgresql.org/docs/9.4/static/release-9-4-1.html templink] || {{pkg|postgresql}} || 2015-02-05 || <= 9.4.0-1 || 9.4.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4]<br />
|-<br />
| {{CVE|CVE-2015-1380}} {{CVE|CVE-2015-1381}} {{CVE|CVE-2015-1382}} [http://seclists.org/oss-sec/2015/q1/285 templink] || {{pkg|privoxy}} || 2015-01-26 || <= 3.0.22-1 || 3.0.23-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1]<br />
|-<br />
| {{CVE|CVE-2015-0235}} [https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-0235 templink] || {{pkg|glibc}} || 2015-01-27 || < 2.18-1 || 2.18-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2015-0311}} {{CVE|CVE-2015-0301}} {{CVE|CVE-2015-0302}} {{CVE|CVE-2015-0303}} {{CVE|CVE-2015-0304}} {{CVE|CVE-2015-0305}} {{CVE|CVE-2015-0306}} {{CVE|CVE-2015-0307}} {{CVE|CVE-2015-0308}} {{CVE|CVE-2015-0309}} [https://helpx.adobe.com/security/products/flash-player/apsb15-01.html templink] || {{pkg|flashplugin}} || 2015-01-23 || <= 11.2.202.438-1 || 11.2.202.440-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22]<br />
|-<br />
| {{CVE|CVE-2015-0231}} {{CVE|CVE-2014-9427}} {{CVE|CVE-2015-0232}} [https://bugs.php.net/bug.php?id=68710 templink] [https://bugs.php.net/bug.php?id=68618 templink] [https://bugs.php.net/bug.php?id=68799 templink] || {{pkg|php}} || 2015-01-22 || <= 5.6.4-1 || 5.6.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17]<br />
|-<br />
| {{CVE|CVE-2014-9638}} {{CVE|CVE-2014-9639}} {{CVE|CVE-2014-9640}} [http://www.openwall.com/lists/oss-security/2015/01/22/9 templink] || {{pkg|vorbis-tools}} || 2015-01-21 || <= 1.4.0-4 || 1.4.0-5 || 64d || Fixed ({{bug|44172}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24]<br />
|-<br />
| {{CVE|CVE-2015-1345}} [http://seclists.org/oss-sec/2015/q1/179 templink] || {{pkg|grep}} || 2015-01-18 || <= 2.21-1 || 2.21-2 || 46d || Fixed ({{bug|44017}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4]<br />
|-<br />
| {{CVE|CVE-2014-7923}} {{CVE|CVE-2014-7924}} {{CVE|CVE-2014-7925}} {{CVE|CVE-2014-7926}} {{CVE|CVE-2014-7927}} {{CVE|CVE-2014-7928}} {{CVE|CVE-2014-7930}} {{CVE|CVE-2014-7931}} {{CVE|CVE-2014-7929}} {{CVE|CVE-2014-7932}} {{CVE|CVE-2014-7933}} {{CVE|CVE-2014-7934}} {{CVE|CVE-2014-7935}} {{CVE|CVE-2014-7936}} {{CVE|CVE-2014-7937}} {{CVE|CVE-2014-7938}} {{CVE|CVE-2014-7939}} {{CVE|CVE-2014-7940}} {{CVE|CVE-2014-7941}} {{CVE|CVE-2014-7942}} {{CVE|CVE-2014-7943}} {{CVE|CVE-2014-7944}} {{CVE|CVE-2014-7945}} {{CVE|CVE-2014-7946}} {{CVE|CVE-2014-7947}} {{CVE|CVE-2014-7948}} {{CVE|CVE-2015-1205}} [http://googlechromereleases.blogspot.fr/2015/01/stable-update.html templink] || {{pkg|chromium}} || 2015-01-22 || <= 39.0.2171.99-1 || 40.0.2214.91-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6549}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0400}} {{CVE|CVE-2015-0403}} {{CVE|CVE-2015-0406}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} {{CVE|CVE-2015-0413}} {{CVE|CVE-2015-0421}} {{CVE|CVE-2015-0437}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk8-openjdk}} {{pkg|jre8-openjdk}} {{pkg|jre8-openjdk-headless}} || 2015-01-22 || <= 8.u25-2 || 8.u31-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16]<br />
|-<br />
| {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-6585}} {{CVE|CVE-2014-6587}} {{CVE|CVE-2014-6591}} {{CVE|CVE-2014-6593}} {{CVE|CVE-2014-6601}} {{CVE|CVE-2015-0383}} {{CVE|CVE-2015-0395}} {{CVE|CVE-2015-0407}} {{CVE|CVE-2015-0408}} {{CVE|CVE-2015-0410}} {{CVE|CVE-2015-0412}} [http://www.oracle.com/technetwork/topics/security/cpujan2015verbose-1972976.html#JAVA templink] || {{pkg|jdk7-openjdk}} {{pkg|jre7-openjdk}} {{pkg|jre7-openjdk-headless}} || 2015-01-22 || <= 7.u71_2.5.3-3 || || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20]<br />
|-<br />
| {{CVE|CVE-2014-8157}} {{CVE|CVE-2014-8158}} [http://seclists.org/oss-sec/2015/q1/210 templink] || {{pkg|jasper}} || 2015-01-22 || <= 1.900.1-12 || 1.900.1-13 || 5d || Fixed ({{bug|43592}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23]<br />
|-<br />
| {{CVE|CVE-2014-8132}} [http://www.libssh.org/2014/12/19/libssh-0-6-4-security-and-bugfix-release/ templink] || {{pkg|libssh}} || 2014-12-19 || <= 0.6.3-1 || 0.6.4-1 || 26d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12]<br />
|-<br />
| {{CVE|CVE-2015-1182}} [https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 templink] || {{pkg|polarssl}} || 2012-09-19 || <= 1.3.9-1 || 1.3.9-2 || 1d || Fixed ({{bug|43508}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13]<br />
|-<br />
| {{CVE|CVE-2012-3505}} [http://www.openwall.com/lists/oss-security/2012/08/18/1 templink] || {{pkg|tinyproxy}} || 2012-09-10 || <= 1.8.3-1 || 1.8.4-1 || > 740d || Fixed ({{bug|38400}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|elfutils}} || 2015-01-19 || <= 0.161-2 || 0.161-3 || 42d || Fixed ({{bug|44019}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2]<br />
|-<br />
| {{CVE|CVE-2014-9447}} [https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e templink] || {{pkg|lib32-elfutils}} || 2015-01-19 || <= 0.161-1 || 0.161-2 || 42d || Fixed ({{bug|44020}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3]<br />
|-<br />
| {{CVE|CVE-2014-8143}} [https://www.samba.org/samba/security/CVE-2014-8143 templink] || {{pkg|samba}} || 2015-01-15 || <= 4.1.15-1 || 4.1.16-1 || 4d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10]<br />
|-<br />
| {{CVE|CVE-2015-1197}} [http://www.openwall.com/lists/oss-security/2015/01/18/7 templink] || {{pkg|cpio}} || 2015-01-16 || <= 2.11-5 || 2.11-6 || 65d || Fixed ({{bug|44173}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22]<br />
|-<br />
| {{CVE|CVE-2015-1196}} {{CVE|CVE-2014-9637}} [http://www.openwall.com/lists/oss-security/2015/01/18/6 templink] [https://savannah.gnu.org/bugs/?44051 templink] || {{pkg|patch}} || 2015-01-14 || <= 2.7.1-3 || 2.7.3-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24]<br />
|-<br />
| {{CVE|CVE-2014-9571}} {{CVE|CVE-2014-9572}} {{CVE|CVE-2014-9573}} {{CVE|CVE-2014-9624}} {{CVE|CVE-2015-1042}} [http://www.openwall.com/lists/oss-security/2015/01/17/1 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/3 templink] [http://www.openwall.com/lists/oss-security/2015/01/17/2 templink] [http://www.openwall.com/lists/oss-security/2015/01/18/11 templink] || {{pkg|mantisbt}} || 2015-01-17 || <= 1.2.18-1 || 1.2.19-1 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ templink] || {{pkg|thunderbird}} || 2015-01-13 || <= 31.3.0-1 || 31.4.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7]<br />
|-<br />
| {{CVE|CVE-2014-8634}} {{CVE|CVE-2014-8635}} {{CVE|CVE-2014-8636}} {{CVE|CVE-2014-8637}} {{CVE|CVE-2014-8638}} {{CVE|CVE-2014-8639}} {{CVE|CVE-2014-8640}} {{CVE|CVE-2014-8641}} {{CVE|CVE-2014-8642}} [https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2015-01-13 || <= 34.0.5-1 || 35.0-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6]<br />
|-<br />
| {{CVE|CVE-2014-3571}} {{CVE|CVE-2015-0206}} {{CVE|CVE-2014-3569}} {{CVE|CVE-2014-3572}} {{CVE|CVE-2015-0205}} {{CVE|CVE-2014-8275}} {{CVE|CVE-2014-3570}} [https://www.openssl.org/news/secadv_20150108.txt templink] || {{pkg|openssl}} || 2015-01-08 || <= 1.0.1.j-1 || 1.0.1.k-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2]<br />
|-<br />
| {{CVE|CVE-2014-8150}} [http://curl.haxx.se/docs/adv_20150108B.html templink] || {{pkg|curl}} || 2015-01-08 || <= 7.39.0-1 || 7.40.0-1 || 10d || Fixed ({{bug|43379}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9]<br />
|-<br />
| {{CVE|CVE-2014-6272}} [http://archives.seul.org/libevent/users/Jan-2015/msg00010.html templink] || {{pkg|libevent}} || 2015-01-05 || <= 2.0.21-3 || 2.0.22-1 || 7d || Fixed ({{bug|43366}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] <br />
|-<br />
| {{CVE|CVE-2014-8139}} {{CVE|CVE-2014-8140}} {{CVE|CVE-2014-8141}} [http://www.ocert.org/advisories/ocert-2014-011.html templink] || {{pkg|unzip}} || 2014-12-22 || <= 6.0-7 || 6.0-9 || 17d || Fixed ({{bug|43300}}) ({{bug|43391}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3]<br />
|-<br />
| {{CVE|CVE-2014-6395}} {{CVE|CVE-2014-6396}} {{CVE|CVE-2014-9376}} {{CVE|CVE-2014-9377}} {{CVE|CVE-2014-9378}} {{CVE|CVE-2014-9379}} {{CVE|CVE-2014-9380}} {{CVE|CVE-2014-9381}} [https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/ templink] || {{pkg|ettercap}} {{pkg|ettercap-gtk}} || 2014-12-16 || <= 0.8.1-2 || 0.8.2-1 || 89d || Fixed ({{bug|44174}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13]<br />
|-<br />
| {{CVE|CVE-2014-9425}} [https://bugs.php.net/bug.php?id=68676 templink] || {{pkg|php}} || 2014-12-29 || <= 5.6.4-1 || 5.6.5-1 || 6d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9295}} {{CVE|CVE-2014-9296}} [http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata templink] || {{pkg|ntp}} || 2014-12-19 || < 4.2.8-1 || 4.2.8-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24]<br />
|-<br />
| {{CVE|CVE-2014-8142}} [https://bugzilla.redhat.com/show_bug.cgi?id=1175718 templink] || {{pkg|php}} || 2014-12-18 || <= 5.6.3-1 || 5.6.4-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23]<br />
|-<br />
| {{CVE|CVE-2014-8137}} {{CVE|CVE-2011-4516}} {{CVE|CVE-2011-4517}} [https://marc.info/?l=oss-security&m=141891163026757&w=2 templink] || {{pkg|jasper}} || 2014-12-18 || <= 1.900.1-11 || 1.900.1-12 || 1d || Fixed ({{bug|43155}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2014-9029}} [https://marc.info/?l=oss-security&m=141770163916268&w=2 templink] || {{pkg|jasper}} || 2014-12-04 || <= 1.900.1-10 || 1.900.1-12 || 6d || Fixed ({{bug|43044}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22]<br />
|-<br />
| {{CVE|CVE-2012-3406}} {{CVE|CVE-2014-9402}} [http://www.openwall.com/lists/oss-security/2014/12/18/1 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-12-17 || <= 2.20-4 || 2.20-5 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21]<br />
|-<br />
| {{CVE|CVE-2014-9253}} [http://seclists.org/oss-sec/2014/q4/1050 templink] || {{pkg|dokuwiki}} || 2014-12-15 || <= 20140929_a-1 || 20140929_b-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19]<br />
|-<br />
| {{CVE|CVE-2014-3580}} {{CVE|CVE-2014-8108}} [https://subversion.apache.org/security/CVE-2014-3580-advisory.txt templink] [https://subversion.apache.org/security/CVE-2014-8108-advisory.txt templink] || {{pkg|subversion}} || 2014-12-16 || <= 1.8.10-1 || 1.8.11-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17]<br />
|-<br />
| {{CVE|CVE-2014-9356}} {{CVE|CVE-2014-9357}} {{CVE|CVE-2014-9358}} [http://www.securityfocus.com/archive/1/534215 templink] || {{pkg|docker}} || 2014-12-12 || <= 1:1.3.2-1 || 1:1.4.0-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16]<br />
|-<br />
| {{CVE|CVE-2013-1752}} {{CVE|CVE-2013-1753}} {{CVE|CVE-2014-9365}} [https://hg.python.org/cpython/raw-file/v2.7.9/Misc/NEWS templink] || {{pkg|python2}} || 2014-12-11 || <= 2.7.8-1 || 2.7.9-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15]<br />
|-<br />
| {{CVE|CVE-2014-0580}} {{CVE|CVE-2014-0587}} {{CVE|CVE-2014-8443}} {{CVE|CVE-2014-9162}} {{CVE|CVE-2014-9163}} {{CVE|CVE-2014-9164}} [https://helpx.adobe.com/security/products/flash-player/apsb14-27.html templink] || {{pkg|flashplugin}} || 2014-12-09 || <= 11.2.202.424-1 || 11.2.202.425-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13]<br />
|-<br />
| {{CVE|CVE-2014-8091}} {{CVE|CVE-2014-8092}} {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8094}} {{CVE|CVE-2014-8095}} {{CVE|CVE-2014-8096}} {{CVE|CVE-2014-8097}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8099}} {{CVE|CVE-2014-8100}} {{CVE|CVE-2014-8101}} {{CVE|CVE-2014-8102}} {{CVE|CVE-2014-8103}} [http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ templink] || {{pkg|xorg-server}} || 2014-12-09 || <= 1.16.2-1 || 1.16.2.901-1 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia}} {{pkg|nvidia-lts}} || 2014-12-09 || <= 343.22-6 || 343.36-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-340xx}} {{pkg|nvidia-340xx-lts}} || 2014-12-09 || <= 340.58-3 || 340.65-1 || 3d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11]<br />
|-<br />
| {{CVE|CVE-2014-8093}} {{CVE|CVE-2014-8098}} {{CVE|CVE-2014-8298}} [https://nvidia.custhelp.com/app/answers/detail/a_id/3610 templink] || {{pkg|nvidia-304xx}} {{pkg|nvidia-304xx-lts}} || 2014-12-09 || < 304.125-1 || 304.125-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10]<br />
|-<br />
| {{CVE|CVE-2014-8601}} [http://doc.powerdns.com/md/security/powerdns-advisory-2014-02/ templink] || {{pkg|powerdns-recursor}} || 2014-12-09 || <= 3.6.1-1 || 3.6.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9]<br />
|-<br />
| {{CVE|CVE-2014-8602}} [https://unbound.net/downloads/CVE-2014-8602.txt templink] || {{pkg|unbound}} || 2014-12-09 || <= 1.5.0-1 || 1.5.1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8]<br />
|-<br />
| {{CVE|CVE-2014-8500}} {{CVE|CVE-2014-8680}} [http://svnweb.freebsd.org/ports?view=revision&revision=374305 templink] || {{pkg|bind}} || 2014-12-08 || <= 9.10.1-2 || 9.10.1.P1-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7]<br />
|-<br />
| {{CVE|CVE-2014-9274}} {{CVE|CVE-2014-9275}} [http://seclists.org/oss-sec/2014/q4/904 templink] || {{pkg|unrtf}} || 2014-12-04 || <= 0.21.5-1 || 0.21.7-1 || 10d || Fixed ({{bug|43131}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20]<br />
|-<br />
| {{CVE|CVE-2014-1587}} {{CVE|CVE-2014-1588}} {{CVE|CVE-2014-1589}} {{CVE|CVE-2014-1590}} {{CVE|CVE-2014-1591}} {{CVE|CVE-2014-1592}} {{CVE|CVE-2014-1593}} {{CVE|CVE-2014-1594}} {{CVE|CVE-2014-8631}} {{CVE|CVE-2014-8632}} [https://www.mozilla.org/fr/security/known-vulnerabilities/firefox/ templink] || {{pkg|firefox}} || 2014-12-02 || <= 33.1.1-1 || 34.0.5-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3]<br />
|-<br />
| {{CVE|CVE-2014-9157}} [http://seclists.org/oss-sec/2014/q4/872 templink] || {{pkg|graphviz}} || 2014-11-25 || <= 2.38.0-2 || 2.38.0-3 || 8d || Fixed ({{bug|42983}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4]<br />
|-<br />
| {{CVE|CVE-2014-8123}} [http://seclists.org/oss-sec/2014/q4/874 templink] || {{pkg|antiword}} || 2014-12-01 || <= 0.37-4 || 0.37-5 || 3d || Fixed ({{bug|42982}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5]<br />
|-<br />
| {{CVE|CVE-2014-8104}} [https://forums.openvpn.net/topic17625.html templink] || {{pkg|openvpn}} || 2014-11-30 || <= 2.3.5-1 || 2.3.6-1 || 4d || Fixed ({{bug|42975}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|gnupg}} || 2014-11-25 || <= 2.1.0-5 || 2.1.0-6 || 4d || Fixed ({{bug|42943}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1]<br />
|-<br />
| {{CVE|CVE-2014-9087}} [http://seclists.org/oss-sec/2014/q4/801 templink] || {{pkg|libksba}} || 2014-11-25 || <= 1.3.1-1 || 1.3.2-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31]<br />
|-<br />
| {{CVE|CVE-2014-9114}} [http://seclists.org/oss-sec/2014/q4/819 templink] || {{pkg|util-linux}} || 2014-11-27 || <= 2.25.2-1 || 2.26.1-3 || 117d || Fixed ({{bug|43886}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23]<br />
|-<br />
| {{CVE|CVE-2014-9112}} [http://seclists.org/oss-sec/2014/q4/818 templink] || {{pkg|cpio}} || 2014-11-26 || <= 2.11-4 || 2.11-5 || 20d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5]<br />
|-<br />
| {{CVE|CVE-2014-9116}} [http://seclists.org/oss-sec/2014/q4/835 templink] || {{pkg|mutt}} || 2014-11-27 || <= 1.5.23-1 || 1.5.23-2 || 71d || Fixed ({{bug|44110}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6]<br />
|-<br />
| {{CVE|CVE-2014-9093}} [https://bugs.freedesktop.org/show_bug.cgi?id=86449 templink] || {{pkg|libreoffice-fresh}} || 2014-11-19 || <= 4.3.4-1 ||4.3.5-1 || 31d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-9092}} [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114 templink] || {{pkg|libjpeg-turbo}} || 2014-11-26 || <= 1.3.1-2 || 1.3.1-3 || 2d || Fixed ({{bug|42922}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33]<br />
|-<br />
| {{CVE|CVE-2014-9272}} {{CVE|CVE-2014-9270}} {{CVE|CVE-2014-8987}} {{CVE|CVE-2014-9271}} {{CVE|CVE-2014-9281}} {{CVE|CVE-2014-8986}} {{CVE|CVE-2014-9269}} {{CVE|CVE-2014-9280}} {{CVE|CVE-2014-9089}} {{CVE|CVE-2014-9279}} {{CVE|CVE-2014-8988}} {{CVE|CVE-2014-8553}} {{CVE|CVE-2014-6387}} {{CVE|CVE-2014-6316}} {{CVE|CVE-2014-9117}} [https://www.mantisbt.org/bugs/view.php?id=17841 templink] [https://www.mantisbt.org/bugs/view.php?id=17811 templink] [http://seclists.org/oss-sec/2014/q4/955 templink] || {{pkg|mantisbt}} || 2014-11-25 || <= 1.2.17-4 || 1.2.18-1 || 13d || Fixed ({{bug|42920}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6]<br />
|-<br />
| {{CVE|CVE-2014-9090}} [https://marc.info/?l=oss-security&m=141698775601426&w=2 templink] || {{pkg|linux}} {{pkg|linux-lts}} || 2014-11-26 || <= 3.18-rc6 || 3.19 || - || Invalid || None<br />
|-<br />
| {{CVE|CVE-2014-9018}} {{CVE|CVE-2014-9091}} [http://seclists.org/oss-sec/2014/q4/694 templink] || {{pkg|icecast}} || 2014-11-20 || <= 2.4.0-1 || 2.4.1-1 || 8d || Fixed ({{bug|42912}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32]<br />
|-<br />
| {{CVE|CVE-2014-8964}} [http://bugs.exim.org/show_bug.cgi?id=1546 templink] || {{pkg|pcre}} || 2014-11-18 || <= 8.36-1 || 8.36-2 || 8d || Fixed ({{bug|42860}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29]<br />
|-<br />
| {{CVE|CVE-2014-8962}} {{CVE|CVE-2014-9028}} [http://www.ocert.org/advisories/ocert-2014-008.html templink] || {{pkg|flac}} || 2014-11-25 || <= 1.3.0-4 || 1.3.0-5 || < 1d || Fixed ({{bug|42898}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30]<br />
|-<br />
| {{CVE|CVE-2014-7899}} {{CVE|CVE-2014-7900}} {{CVE|CVE-2014-7901}} {{CVE|CVE-2014-7902}} {{CVE|CVE-2014-7903}} {{CVE|CVE-2014-7904}} {{CVE|CVE-2014-7906}} {{CVE|CVE-2014-7907}} {{CVE|CVE-2014-7908}} {{CVE|CVE-2014-7909}} {{CVE|CVE-2014-7910}} [http://googlechromereleases.blogspot.in/2014/11/stable-channel-update_18.html templink] || {{pkg|chromium}} || 2014-11-20 || <= 38.0.2125.122-1 || 39.0.2171.65-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26]<br />
|-<br />
| {{CVE|CVE-2014-9015}} {{CVE|CVE-2014-9016}} [http://seclists.org/oss-sec/2014/q4/697 templink] || {{pkg|drupal}} || 2014-11-19 || <= 7.33-1 || 7.34-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25]<br />
|-<br />
| {{CVE|CVE-2013-6497}} [http://seclists.org/oss-sec/2014/q4/673 templink] || {{pkg|clamav}} || 2014-11-18 || <= 0.98.4-1 || 0.98.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21]<br />
|-<br />
| {{CVE|CVE-2014-7817}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17625 templink] || {{pkg|glibc}} {{pkg|lib32-glibc}} || 2014-11-19 || <= 2.20-2 || 2.20.3 || 2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27]<br />
|-<br />
| {{CVE|CVE-2014-8600}} [https://www.kde.org/info/security/advisory-20141113-1.txt templink] || {{pkg|kwebkitpart}} || 2014-11-18 || <= 1.3.4-2 || 1.3.4-3 || 4d || Fixed ({{bug|44170}} {{bug|42775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-8767}} {{CVE|CVE-2014-8768}} {{CVE|CVE-2014-8769}} {{CVE|CVE-2014-9140}} {{CVE|CVE-2015-0261}} {{CVE|CVE-2015-2153}} {{CVE|CVE-2015-2154}} {{CVE|CVE-2015-2155}} [http://www.securityfocus.com/archive/1/534011/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534010/30/0/threaded templink] [http://www.securityfocus.com/archive/1/534009/30/0/threaded templink] [https://github.com/the-tcpdump-group/tcpdump/commit/0f95d441e4b5d7512cc5c326c8668a120e048eda templink] || {{pkg|tcpdump}} || 2014-11-18 || <= 4.6.2-1 || 4.7.3-1 || 88d || Fixed ({{bug|44153}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20]<br />
|-<br />
| {{CVE|CVE-2014-8090}} || {{pkg|ruby}} || 2014-11-13 || <= 2.1.4-1 || 2.1.5-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16]<br />
|-<br />
| {{CVE|CVE-2014-7823}} || {{pkg|libvirt}} || 2014-11-13 || <= 1.2.10-1 ||1.2.11-1 ||33d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8710}} {{CVE|CVE-2014-8711}} {{CVE|CVE-2014-8712}} {{CVE|CVE-2014-8713}} {{CVE|CVE-2014-8714}} [https://www.wireshark.org/security/wnpa-sec-2014-20.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-21.html templink] [https://www.wireshark.org/security/wnpa-sec-2014-22.html templink] || {{pkg|wireshark-cli}} {{pkg|wireshark-gtk}} {{pkg|wireshark-qt}} || 2014-11-13 || <= 1.12.1-1 || 1.12.2-1 || 7d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24]<br />
|-<br />
| {{CVE|CVE-2014-0573}} {{CVE|CVE-2014-0574}} {{CVE|CVE-2014-0576}} {{CVE|CVE-2014-0577}} {{CVE|CVE-2014-0581}} {{CVE|CVE-2014-0582}} {{CVE|CVE-2014-0583}} {{CVE|CVE-2014-0584}} {{CVE|CVE-2014-0585}} {{CVE|CVE-2014-0586}} {{CVE|CVE-2014-0588}} {{CVE|CVE-2014-0589}} {{CVE|CVE-2014-0590}} {{CVE|CVE-2014-8437}} {{CVE|CVE-2014-8438}} {{CVE|CVE-2014-8440}} {{CVE|CVE-2014-8441}} {{CVE|CVE-2014-8442}} [https://helpx.adobe.com/security/products/flash-player/apsb14-24.html templink] || {{pkg|flashplugin}} || 2014-11-11 || <= 11.2.202.411-1 || 11.2.202.418-1 || <1d || Fixed ({{bug|42769}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|php}} || 2014-10-29 || <= 5.6.2-2 || 5.6.3-1 || 14d || Fixed ({{bug|42764}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13]<br />
|-<br />
| {{CVE|CVE-2014-8564}} [http://www.gnutls.org/security.html#GNUTLS-SA-2014-5 templink]|| {{pkg|gnutls}} || 2014-11-10 || <= 3.3.9-1 ||3.3.10-1 ||<1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10]<br />
|-<br />
| {{CVE|CVE-2014-8716}} [http://seclists.org/oss-sec/2014/q4/591 templink]|| {{pkg|imagemagick}} || 2014-11-12 || <= 6.8.9.9-1 || 6.8.9.10-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12]<br />
|-<br />
| {{CVE|CVE-2014-3710}} [https://bugzilla.redhat.com/show_bug.cgi?id=1155071 templink] || {{pkg|file}} || 2014-10-29 || <= 5.20-1 || 5.20-2 || 12d || Fixed ({{bug|42759}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9]<br />
|-<br />
| {{CVE|CVE-2014-1569}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1064670 templink] || {{pkg|nss}} || 2014-11-07 || <= 3.17.2-1 || 3.17.3-1 || 22d || Fixed ({{bug|42760}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18]<br />
|-<br />
| {{CVE|CVE-2014-7824}} [http://www.openwall.com/lists/oss-security/2014/11/10/2 templink] || {{pkg|dbus}} || 2014-11-10 || <= 1.8.8-1 || 1.8.10-1 || 14d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28]<br />
|-<br />
| {{CVE|CVE-2014-8598}} {{CVE|CVE-2014-7146}} [http://www.openwall.com/lists/oss-security/2014/11/07/27 templink] [http://www.openwall.com/lists/oss-security/2014/11/07/28 templink]|| {{pkg|mantisbt}} || 2014-11-08 || <= 1.2.17-3 || 1.2.17-4 || <4d || Fixed ({{bug|42761}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8]<br />
|-<br />
| {{CVE|CVE-2014-8483}} [https://www.kde.org/info/security/advisory-20141104-1.txt templink] || {{pkg|konversation}} || 2014-11-04 || <= 1.5-1 || 1.5.1-1 || <4d || Fixed ({{bug|42698}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5]<br />
|-<br />
| {{CVE|CVE-2014-3707}} [http://curl.haxx.se/docs/adv_20141105.html templink]|| {{pkg|curl}} || 2014-11-05 || <= 7.38.0-3 || 7.39.0-1 || 6d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7]<br />
|-<br />
| {{CVE|CVE-2014-8651}} [http://seclists.org/oss-sec/2014/q4/520 templink]|| {{pkg|kdebase-workspace}} || 2014-11-04 || <= 4.11.13-1 || 4.11.13-2 || 6d || Fixed ({{bug|42679}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6]<br />
|-<br />
| {{CVE|CVE-2014-8627}} {{CVE|CVE-2014-8628}} [http://www.openwall.com/lists/oss-security/2014/11/04/6 templink]|| {{pkg|polarssl}} || 2014-10-23 || <= 1.3.8-3 || 1.3.9-1 || 11d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4]<br />
|-<br />
| {{CVE|CVE-2014-8321}} {{CVE|CVE-2014-8322}} {{CVE|CVE-2014-8323}} {{CVE|CVE-2014-8324}} [http://www.securityfocus.com/archive/1/533869/30/0/threaded templink]|| {{pkg|aircrack-ng}} || 2014-11-02 || <= 1.2beta3-1 || 1.2rc1-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2]<br />
|-<br />
| {{CVE|CVE-2014-8554}} [http://www.openwall.com/lists/oss-security/2014/10/30/9 templink]|| {{pkg|mantisbt}} || 2014-10-30 || <= 1.2.17-2 || 1.2.17-3 || 5d || Fixed ({{bug|42683}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3]<br />
|-<br />
| {{CVE|CVE-2014-8354}} {{CVE|CVE-2014-8355}} {{CVE|CVE-2014-8561}} {{CVE|CVE-2014-8562}} [http://seclists.org/oss-sec/2014/q4/466 templink]|| {{pkg|imagemagick}} || 2014-10-29 || <= 6.8.9.8-1 || 6.8.9.9-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-8517}} [http://seclists.org/oss-sec/2014/q4/459 templink]|| {{pkg|tnftp}} || 2014-10-28 || <= 20130505-2 || 20141031-1 || 4d || Fixed ({{bug|42646}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1]<br />
|-<br />
| {{CVE|CVE-2014-4877}} [http://git.savannah.gnu.org/cgit/wget.git/commit/?id=18b0979357ed7dc4e11d4f2b1d7e0f5932d82aa7 templink]|| {{pkg|wget}} || 2014-10-27 || <= 1.15-1 || 1.16-1 || <2d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|avr-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 27d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|mingw-w64-binutils}} || 2014-10-23 || <= 2.24-1 || 2.24-2 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|arm-none-eabi-binutils}} || 2014-10-23 || <= 2.24-2 || 2.24-3 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18]<br />
|-<br />
| {{CVE|CVE-2014-8484}} {{CVE|CVE-2014-8485}} {{CVE|CVE-2014-8501}} {{CVE|CVE-2014-8502}} {{CVE|CVE-2014-8503}} {{CVE|CVE-2014-8504}} {{CVE|CVE-2014-8737}} {{CVE|CVE-2014-8738}} [http://seclists.org/oss-sec/2014/q4/424 templink] [http://seclists.org/oss-sec/2014/q4/599 tmplink] [http://seclists.org/oss-sec/2014/q4/600 templink] || {{pkg|binutils}} || 2014-10-23 || <= 2.24-7 || 2.24-8 || 26d || Fixed ({{bug|42773}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17]<br />
|-<br />
| {{CVE|CVE-2014-8559}} [http://www.openwall.com/lists/oss-security/2014/10/30/7 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-30 || <= 3.17.3-1, <= 3.14.24-1 ||3.17.4-1 3.14.25-1 || ~23d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3610}} {{CVE|CVE-2014-3611}} {{CVE|CVE-2014-3646}} {{CVE|CVE-2014-3647}} {{CVE|CVE-2014-7825}} {{CVE|CVE-2014-7826}} {{CVE|CVE-2014-8369}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] [http://seclists.org/oss-sec/2014/q4/548 templink] || {{pkg|linux}}, {{pkg|linux-lts}} || 2014-10-21 || <= 3.17.2-1, <= 3.14.23-1 || 3.17.3-1, 3.14.24-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15]<br />
|-<br />
| {{CVE|CVE-2014-8480}} {{CVE|CVE-2014-8481}} [http://permalink.gmane.org/gmane.comp.security.oss.general/14526 templink] || {{pkg|linux}} || 2014-10-21 || <= 3.17.2-1 || 3.17.3-1 || || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14]<br />
|-<br />
| {{CVE|CVE-2014-3695}} {{CVE|CVE-2014-3696}} {{CVE|CVE-2014-3698}} [https://pidgin.im/news/security/ templink] || {{pkg|libpurple}} || 2014-10-22 || <= 2.10.9-2 || 2.10.10-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9]<br />
|-<br />
| {{CVE|CVE-2014-8760}} || {{pkg|ejabberd}} || 2014-10-13 || <= 14.07-1 || 14.07-2 || 14d || Fixed ({{bug|42541}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13]<br />
|-<br />
| {{CVE|CVE-2014-3686}} || {{pkg|wpa_supplicant}}, {{pkg|hostapd}} || 2014-10-09 || <= 2.2-2 || 2.3-1 || ~10d || Fixed ({{bug|42401}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8]<br />
|-<br />
| {{CVE|CVE-2014-0191}} {{CVE|CVE-2014-3660}} || {{pkg|libxml2}} || 2014-10-16 || <= 2.9.1-5 || 2.9.2-1 || 8d || Fixed ({{bug|40790}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12]<br />
|-<br />
| {{CVE|CVE-2014-3704}} [https://www.drupal.org/SA-CORE-2014-005 templink] || {{pkg|drupal}} || 2014-10-15 || <= 7.31-2 || 7.32-1 || 1d || Fixed ({{bug|42388}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7]<br />
|-<br />
| {{CVE|CVE-2014-3513}} {{CVE|CVE-2014-3566}} {{CVE|CVE-2014-3567}} {{CVE|CVE-2014-3568}} [https://www.openssl.org/news/secadv_20141015.txt templink] [https://www.openssl.org/~bodo/ssl-poodle.pdf temp link] || {{pkg|openssl}} || 2014-10-15 || <= 1.0.1.i-1 || 1.0.1.j-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6]<br />
|-<br />
| {{CVE|CVE-2014-8242}} [http://www.openwall.com/lists/oss-security/2014/10/13/2 temp link] || {{pkg|librsync}} || 2014-10-12 || <= 0.9.7-7 || 1.0.0-1 || 166d || Fixed ({{bug|44175}}) || [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10]<br />
|-<br />
| {{CVE|CVE-2014-7203}} {{CVE|CVE-2014-7202}} [http://seclists.org/oss-sec/2014/q3/776 temp link] || {{pkg|zeromq}} || 2014-09-27 || <= 4.0.4-4 || 4.0.5-1 || 18d || Fixed ({{bug|42381}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4]<br />
|-<br />
| {{CVE|CVE-2014-6051}} {{CVE|CVE-2014-6052}} {{CVE|CVE-2014-6053}} {{CVE|CVE-2014-6054}} {{CVE|CVE-2014-6055}} [http://seclists.org/oss-sec/2014/q3/639 temp link] || {{pkg|libvncserver}} || 2014-09-23 || <= 0.9.9-3 || 0.9.10-1 || 31d || Fixed ({{bug|42321}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10]<br />
|-<br />
| {{CVE|CVE-2014-3683}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/ temp link] || {{pkg|rsyslog}} || 2014-10-02 || <= 8.4.1-1 || 8.4.2-1 || 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5]<br />
|-<br />
| {{CVE|CVE-2014-7204}} [http://seclists.org/oss-sec/2014/q3/842 temp link] || {{pkg|ctags}} || 2014-09-29 || <= 5.8-4 || 5.8-5 || 26d || Fixed ({{bug|42246}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11]<br />
|-<br />
| {{CVE|CVE-2014-7295}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-October/000163.html temp link] || {{pkg|mediawiki}} || 2014-10-02 || <= 1.23.4-1 || 1.23.5-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3]<br />
|-<br />
| {{CVE|CVE-2014-3661}} {{CVE|CVE-2014-3662}} {{CVE|CVE-2014-3663}} {{CVE|CVE-2014-3664}} {{CVE|CVE-2014-3680}} {{CVE|CVE-2014-3681}} {{CVE|CVE-2014-3666}} {{CVE|CVE-2014-3667}} {{CVE|CVE-2013-2186}} {{CVE|CVE-2014-1869}} {{CVE|CVE-2014-3678}} {{CVE|CVE-2014-3679}} [https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01 temp link] || {{pkg|jenkins}} || 2014-10-01 || <= 1.582-1 || 1.583-1 || <1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2]<br />
|-<br />
| {{CVE|CVE-2014-3634}} [http://www.rsyslog.com/remote-syslog-pri-vulnerability/ temp link] || {{pkg|rsyslog}} || 2014-09-30 || <= 8.4.0-1 || 8.4.1-1 || 1d || Fixed ({{bug|42200}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1]<br />
|-<br />
| {{CVE|CVE-2014-3657}} {{CVE|CVE-2014-3633}} [https://www.debian.org/security/2014/dsa-3038 temp link] || {{pkg|libvirt}} || 2014-09-26 || <= 1.2.8-1 || 1.2.8-2 || 3d || Fixed ({{bug|42159}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5]<br />
|-<br />
| {{CVE|CVE-2014-7199}} [https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-September/000161.html temp link] || {{pkg|mediawiki}} || 2014-09-24 || <= 1.23.3-1 || 1.23.4-1 || 5d || Fixed ({{bug|42161}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4]<br />
|-<br />
| {{CVE|CVE-2014-7185}} [http://bugs.python.org/issue21831 temp link] || {{pkg|python2}} || 2014-09-24 || < 2.7.8 || 2.7.8-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3]<br />
|-<br />
| {{CVE|CVE-2014-1568}} [https://www.mozilla.org/security/announce/2014/mfsa2014-73.html temp link] || {{pkg|nss}} || 2014-09-24 || < 3.17.1 || 3.17.1-1 || < 1d || Fixed || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1]<br />
|-<br />
| {{CVE|CVE-2014-6271}} {{CVE|CVE-2014-7169}} {{CVE|CVE-2014-7186}} {{CVE|CVE-2014-7187}} {{CVE|CVE-2014-6277}} {{CVE|CVE-2014-6278}} [http://seclists.org/oss-sec/2014/q3/649 temp link] || {{pkg|bash}} || 2014-09-24 || <= 4.3.024-1 || 4.3.026-1 || 2d || Fixed ({{bug|42109}}) || [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2]<br />
|-<br />
| {{CVE|CVE-2014-3635}} {{CVE|CVE-2014-3636}} {{CVE|CVE-2014-3637}} {{CVE|CVE-2014-3638}} {{CVE|CVE-2014-3639}} [http://www.openwall.com/lists/oss-security/2014/09/16/9 temp link] || {{pkg|dbus}} {{pkg|libdbus}} {{pkg|lib32-libdbus}} || 2014-09-16 || < 1.8.8 || 1.8.8-1 || 1d || Fixed ({{bug|41993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3613}} {{CVE|CVE-2014-3620}} [http://curl.haxx.se/docs/security.html temp link] || {{pkg|curl}} {{pkg|lib32-curl}}|| 2014-09-10 || < 7.38.0 || 7.38.0-1 || 5d ({{pkg|curl}}), 7d ({{pkg|lib32-curl}}) || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3609}} [http://www.squid-cache.org/Advisories/SQUID-2014_2.txt temp link] || {{pkg|squid}} || 2014-08-28 || < 3.4.7 || 3.4.7-1 || < 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-5119}} [https://sourceware.org/bugzilla/show_bug.cgi?id=17187 temp link] || {{pkg|glibc}} || 2014-07-21 || <= 2.19 || 2.20-2 || 55d || Fixed ({{bug|41713}}) || None<br />
|-<br />
| {{CVE|CVE-2014-3508}} {{CVE|CVE-2014-5139}} {{CVE|CVE-2014-3509}} {{CVE|CVE-2014-3505}} {{CVE|CVE-2014-3506}} {{CVE|CVE-2014-3507}} {{CVE|CVE-2014-3510}} {{CVE|CVE-2014-3511}} {{CVE|CVE-2014-3512}} [https://www.openssl.org/news/secadv_20140806.txt temp link] || {{pkg|openssl}} || 2014-08-06 || < 1.0.1.i || 1.0.1.i-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0226}} [http://www.zerodayinitiative.com/advisories/ZDI-14-236/ temp link] || {{pkg|apache}} || 2014-07-15 || < 2.4.10 || 2.4.10-1 || ~7d || Fixed ({{bug|41244}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4943}} [http://www.openwall.com/lists/oss-security/2014/07/17/1 temp link] || {{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-16 || || 3.15.5.201407170639-1 {{pkg|linux-grsec}}, 3.14.16 ({{pkg|linux-lts}}), 3.16 ({{pkg|linux}}) || 1d ({{pkg|linux-grsec}}), 23d ({{pkg|linux-lts}}), 27d {{pkg|linux}} || Fixed in {{pkg|linux}}, {{pkg|linux-lts}} ({{bug|41231}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-0475}} [http://www.openwall.com/lists/oss-security/2014/07/10/7 temp link] || {{pkg|glibc}} || 2014-07-10 || <=2.19 || 2.20-2 || 66d || Fixed ({{bug|41166}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4699}} [http://www.openwall.com/lists/oss-security/2014/07/04/4 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-07-04 || || 3.15.3.201407060933-1 {{pkg|linux-grsec}}, 3.15.4-1 {{pkg|linux}}, 3.14.11-1 {{pkg|linux-lts}} || 2d ({{pkg|linux-grsec}}), 3d ({{pkg|linux}}, {{pkg|linux-lts}}) || Fixed ({{bug|41115}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4715}} [http://www.openwall.com/lists/oss-security/2014/07/02/13 temp link] || {{Pkg|lz4}} || 2014-07-02 || || 119-1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4611}} [http://www.openwall.com/lists/oss-security/2014/06/26/25 temp link] || {{Pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}), 118-1 {{pkg|lz4}} || <1d ({{pkg|linux}}, {{pkg|linux-grsec}}, {{pkg|lz4}}) || Fixed in {{pkg|linux}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}}, Fixed in {{pkg|lz4}} ({{bug|40997}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4610}} [http://www.openwall.com/lists/oss-security/2014/06/26/23 temp link] || {{Pkg|ffmpeg}} || 2014-06-26 || || 1:2.2.4-1 || <2d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-4609}} [http://www.openwall.com/lists/oss-security/2014/06/26/22 temp link] || {{Pkg|gst-libav}} || 2014-06-26 || 1.2.4-1 || 1.2.4-2 (with libav 9.14) || 2d || Fixed ({{bug|40995}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4608}} [http://www.openwall.com/lists/oss-security/2014/06/26/21 temp link] || {{Pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-06-26 || || 3.15.2-1 ({{pkg|linux}}), 3.10.45-1 ({{pkg|linux-lts}}), 3.15.2.201406262058-1 ({{pkg|linux-grsec}}) || <1d ({{pkg|linux}}, {{pkg|linux-lts}}, {{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} and {{pkg|linux-lts}} ({{bug|40992}}), Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-4607}} [http://www.openwall.com/lists/oss-security/2014/06/26/20 temp link] || {{Pkg|lzo2}} || 2014-06-26 || || 2.07-2 || 3d || Fixed ({{bug|40993}}) || None<br />
|-<br />
| {{CVE|CVE-2014-4617}} [http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html temp link] || {{Pkg|gnupg}} || 2014-06-24 || < 2.0.24 || 2.0.24 || 7d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0244}} {{CVE|CVE-2014-3493}} [https://www.samba.org/samba/history/samba-4.1.9.html temp link] || {{Pkg|samba}} || 2014-06-23 || < 4.1.9 || 4.1.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1545}} [https://www.mozilla.org/security/announce/2014/mfsa2014-55.html temp link] || {{Pkg|nspr}} || 2014-06-10 || < 4.10.6 || 4.10.6 || ~1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3859}} || {{Pkg|bind}} || 2014-06-11 || 9.10.0, 9.10.0-P1 || 9.10.0-P2 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3477}} || {{Pkg|dbus}} || 2014-06-10 || <= 1.8.2 || 1.8.4 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0195}} {{CVE|CVE-2014-0198}} {{CVE|CVE-2010-5298}} {{CVE|CVE-2014-3470}} {{CVE|CVE-2014-0224}} {{CVE|CVE-2014-0221}} [http://www.openssl.org/news/secadv_20140605.txt temp link] || {{Pkg|openssl}} || 2014-06-05 || 1.0.1 - 1.0.1g || 1.0.1h || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-3153}} [http://seclists.org/oss-sec/2014/q2/467 temp link]|| {{Pkg|linux}}, {{pkg|linux-lts}}, {{Pkg|linux-grsec}} || 2014-06-05 || ? || 3.14.6 ({{pkg|linux}}), 3.10.42-1 ({{pkg|linux-lts}}), 3.14.5.201406051310-1 ({{pkg|linux-grsec}})|| 3d ({{pkg|linux}}, {{pkg|linux-lts}}), <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{bug|40715}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-3466}} [https://bugzilla.redhat.com/show_bug.cgi?id=1101932 temp link]|| {{Pkg|gnutls}} || 2014-05-30 || < 3.3.3 || 3.3.3 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0209}} {{CVE|CVE-2014-0210}} {{CVE|CVE-2014-0211}}|| {{Pkg|libxfont}} || 2014-05-13 || < 1.4.18 || 1.4.18 || 3d || Fixed ({{Bug|40409 }}) || None<br />
|-<br />
| {{CVE|CVE-2014-0196}} [https://bugzilla.redhat.com/show_bug.cgi?id=1094232 temp-link] || {{Pkg|linux}}, {{Pkg|linux-lts}}, {{pkg|linux-grsec}} || 2014-05-05 || 2.6.31 - 3.14 || 3.14.3-2 ({{pkg|linux}}), 3.10.39-2 ({{pkg|linux-lts}}), 3.14.3.201405121814-1 ({{pkg|linux-grsec}}) || 7d ({{pkg|linux}}), 8d {{pkg|linux-lts}}, <1d ({{pkg|linux-grsec}}) || Fixed in {{pkg|linux}} ({{Bug|40232}}), Fixed in {{pkg|linux-lts}}, Fixed in {{pkg|linux-grsec}} || None<br />
|-<br />
| {{CVE|CVE-2014-2905}} {{CVE|CVE-2014-2906}} {{CVE|CVE-2014-2914}} [https://bugzilla.redhat.com/show_bug.cgi?id=1092091 temp-link] || {{Pkg|fish}} || 2014-04-28 || 1.16.0 - 2.1.0 || 2.2.1 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0160}} || {{Pkg|openssl}} || 2014-04-07 || 1.0.1 - 1.0.1f || 1.0.1g || ~1d || Fixed ({{Bug|39775}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1700}} {{CVE|CVE-2014-1701}} {{CVE|CVE-2014-1702}} {{CVE|CVE-2014-1703}} {{CVE|CVE-2014-1704}} {{CVE|CVE-2014-1705}} {{CVE|CVE-2014-1713}} {{CVE|CVE-2014-1715}} || {{Pkg|chromium}} {{Pkg|v8}} || 2014-03-11 || 32 || 33 || 4d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0098}} {{CVE|CVE-2013-6438}}|| {{Pkg|apache}} || 2014-03-17 || 2.4.8 || 2.4.9 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1492}} || {{Pkg|nss}} || 2014-03-18 || 3.15.5 || 3.16 || 22d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1493}} {{CVE|CVE-2014-1494}} {{CVE|CVE-2014-1497}} {{CVE|CVE-2014-1498}} {{CVE|CVE-2014-1499}} {{CVE|CVE-2014-1500}} {{CVE|CVE-2014-1502}} {{CVE|CVE-2014-1504}} {{CVE|CVE-2014-1505}} {{CVE|CVE-2014-1508}} {{CVE|CVE-2014-1509}} {{CVE|CVE-2014-1510}} {{CVE|CVE-2014-1511}} {{CVE|CVE-2014-1512}} {{CVE|CVE-2014-1513}} {{CVE|CVE-2014-1514}} || {{Pkg|firefox}} {{Pkg|thunderbird}} || 2014-03-18 || 27 || 28 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2240}} {{CVE|CVE-2014-2241}}|| {{Pkg|freetype2}} || ? || 2.5.2 || 2.5.3 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2029}}|| {{Pkg|xtrabackup}} || 2014-02-16 || 2.1.7 || 2.1.8 || 28d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1958}} {{CVE|CVE-2014-2030}}|| {{Pkg|imagemagick}} || ? || ? || 6.8.8.9-1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}}|| {{Pkg|php}} || 2014-03-06 || 5.5.9 || 5.5.110 || <1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0404}} {{CVE|CVE-2014-0406}} {{CVE|CVE-2014-0407}} || {{Pkg|virtualbox}} || 2014-02-28 || 4.3.4 || 4.3.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2323}} {{CVE|CVE-2014-2324}} || {{Pkg|lighttpd}} || 2014-03-12 || 1.4.34 || 1.4.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0333}} || {{Pkg|libpng}} || 2014-02-28 || 1.6.9 || 1.6.10 || 9d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0017}} || {{Pkg|libssh}} || 2014-03-04 || ? || 3.5.7.29 || 5d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/628 CVE-2013-7339] || {{Pkg|linux}} || 2014-03-20 || < 3.5.7.29 || 3.5.7.29 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2568 CVE-2014-2568] || {{Pkg|linux}} || 2014-03-18 || ? || ? || ? || Invalid ({{Bug|39566}}) ||<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2524 CVE-2014-2524] || {{Pkg|tigervnc}} || 2014-03-19 || ? || 1.3.1 || 1d || Fixed || None<br />
|-<br />
| [http://seclists.org/oss-sec/2014/q1/595 CVE-2013-7338] || {{Pkg|python}} || 2014-03-19 || 3.4beta || 3.4 || ? || Fixed ({{Bug|39540}}) || None<br />
|-<br />
| [http://mailman.nginx.org/pipermail/nginx-announce/2014/000135.html CVE-2014-0133 ] || {{Pkg|nginx}} || 2014-03-18 || ? || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2013-7336 CVE-2013-7336 ] || {{Pkg|libvirt}} || 2013-09-19 || ? || 1.1.1-7 (in RHEL 7) || 0d || Fixed || None<br />
|-<br />
| [https://access.redhat.com/security/cve/CVE-2014-2523 CVE-2014-2523 ] || {{Pkg|linux}} || 2014-03-17 || ? || 3.13-rc5 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0004}} || {{Pkg|udisks2}} & {{Pkg|udisks}} || 2014-03-10 || 2.1.3 / 1.0.5 || 2.1.3 / 1.0.5 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2281}} {{CVE|CVE-2014-2282}} {{CVE|CVE-2014-2283}} {{CVE|CVE-2014-2299}} || {{Pkg|wireshark-cli}} || 2014-03-10 || 1.10.6 || 1.10.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0050}} || {{Pkg|tomcat7}} || 2014-02-06 || 7.0.51 || 7.0.51 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0033}} || {{Pkg|tomcat6}} || 2014-01-10 || 6.0.37 || 6.0.37 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0032}} || {{Pkg|subversion}} || 2014-01-10 || 1.8.6 || 1.8.6 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0060}} {{CVE|CVE-2014-0061}} {{CVE|CVE-2014-0062}} {{CVE|CVE-2014-0063}} {{CVE|CVE-2014-0064}} {{CVE|CVE-2014-0065}} {{CVE|CVE-2014-0066}} {{CVE|CVE-2014-0067}} || {{Pkg|postgresql}} || 2014-02-20 || 9.3.3 || 9.33 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1912}} || {{Pkg|python}} {{Pkg|python2}} || 2014-02-07 || ? || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-4496}} {{CVE|CVE-2013-6442}} || {{Pkg|samba}} || 2014-03-14 || ? || 4.1.6 || 2d || Fixed ({{Bug|39424}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0504}} || {{Pkg|flashplugin}} || 2014-03-12 || ? || 11.2.202.346 || 1d || Fixed ({{Bug|39385}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0106}} || {{Pkg|sudo}} || || 1.8.9.p5 || 1.8.10 || ? || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2285}} {{CVE|CVE-2014-2284}} || {{Pkg|net-snmp}} || 2014-03-05 || ? || ? || 8d || Fixed ({{Bug|39190}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0092}} || {{Pkg|gnutls}} || 2014-03-04 || <3.2.12 || 3.2.12-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2242}} {{CVE|CVE-2014-2243}} {{CVE|CVE-2014-2244}} || {{Pkg|mediawiki}} || 2014-03-14 || <1.22.3 || 1.22.3 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-2093}} {{CVE|CVE-2014-2094}} {{CVE|CVE-2014-2095}} {{CVE|CVE-2014-2096}} || {{Pkg|catfish}} || 2014-02-25 || <1.0.1 || 1.0.1 || 8d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0497}} || {{Pkg|flashplugin}} || 2014-02-04 || ? || ? || 1d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-0015}} || {{Pkg|curl}} || 2014-01-29 || <7.35 || 7.35 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1610}} || {{Pkg|mediawiki}} || 2014-01-29 || <1.22.2 || 1.22.2 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0021}} || {{Pkg|chrony}} || 2014-01-17 || <1.29.1-1 || 1.29.1-1 || 14d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1875}} || {{Pkg|perl-capture-tiny}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38862}}) || None<br />
|-<br />
| {{CVE|CVE-2013-6493}} || {{Pkg|icedtea-web-java7}} || 2014-02-05 || <1.4.2 || 1.4.2 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1858}} {{CVE|CVE-2014-1859}} || {{Pkg|python-numpy}} || 2014-02-06 || ? || ? || 4d || Fixed ({{Bug|38863}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1932}} {{CVE|CVE-2014-1933}} || {{Pkg|python-pillow}} || 2014-02-10 || <2.3.1 || 2.3.1 || ? || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1935}} || {{Pkg|9base}} || 2014-02-10 || ? || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1949}} [http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-1949.html temp link] || {{Pkg|cinnamon-screensaver}} || 2014-02-12 || 2.0.3 || ? || ? || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1959}} || {{Pkg|gnutls}} || 2014-02-13 || <3.2.11 || 3.2.11 || 2d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1943}} {{CVE|CVE-2014-2270}} || {{Pkg|file}} || 2014-02-10 || <5.17 || 5.17-1 || 3d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0001}} {{CVE|CVE-2014-0412}} {{CVE|CVE-2014-0437}} {{CVE|CVE-2014-0420}} {{CVE|CVE-2014-0393}} {{CVE|CVE-2014-0386}} {{CVE|CVE-2014-0401}} {{CVE|CVE-2014-0402}} || {{Pkg|mariadb}} || 2014-01-31 || <5.5.35 || 5.5.35-1 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1447}} || {{Pkg|libvirt}} || 2014-01-16 || <1.2.1 || 1.2.1 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0979}} || lightdm-gtk* || 2014-01-07 || ? || ? || 25d || Fixed ({{Bug|38715}}) || None<br />
|-<br />
| {{CVE|CVE-2014-1475}} {{CVE|CVE-2014-1476}} || {{Pkg|drupal}} || 2014-01-15 || <7.26 || 7.26-1 || 12d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-0019}} || {{Pkg|socat}} || 2014-01-29 || <1.7.2.3 || 1.7.2.3 || 0d || Fixed || None<br />
|- <br />
| {{CVE|CVE-2014-1838}} {{CVE|CVE-2014-1839}} || {{Pkg|python-logilab-common}} || 2014-01-31 || ? || ? || 3d || Fixed [https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051] || None<br />
|-<br />
| {{CVE|CVE-2014-0368}} {{CVE|CVE-2014-0373}} {{CVE|CVE-2014-0376}} {{CVE|CVE-2014-0411}} {{CVE|CVE-2014-0416}} {{CVE|CVE-2014-0422}} {{CVE|CVE-2014-0423}} {{CVE|CVE-2014-0428}} || *-openjdk-* || 2014-01-15 || ? || ? || 2d || ? ||<br />
|-<br />
| {{CVE|CVE-2014-1402}} || {{Pkg|python-jinja}} || 2014-01-10 || <2.7.2 || 2.7.2 || 1d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2013-6462}} || {{Pkg|libxfont}} || 2014-01-07 || <1.4.7 || 1.4.7 || 0d || Fixed || None<br />
|-<br />
| {{CVE|CVE-2014-1235}} || {{Pkg|graphviz}} || 2014-01-07 || ? || ? || 3d || Fixed ({{Bug|38441}}) || None<br />
|-<br />
| {{CVE|CVE-2014-0978}} || {{Pkg|freerdp}} || 2014-01-10 || <1.0.2 || 1.0.2-5 || 67d || Fixed ({{Bug|38802}}) || None<br />
|-<br />
|}</div>
Sangy
https://wiki.archlinux.org/index.php?title=Security_Advisories&diff=441962
Security Advisories
2016-07-17T22:35:59Z
<p>Sangy: /* Scheduled Advisories */ Claims ASA 201607-6 flashplugin</p>
<hr />
<div>[[Category:Arch development]]<br />
[[Category:Security]]<br />
{{Related articles start}}<br />
{{Related|Arch CVE Monitoring Team}}<br />
{{Related|CVE}}<br />
{{Related|Security Advisories/Examples}}<br />
{{Related articles end}}<br />
<br />
Security Advisories are published by the community driven [[Arch CVE Monitoring Team]] to the public [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
All published advisories can be found below, however if you want to be up-to-date its recommended to subscribe to the [https://mailman.archlinux.org/mailman/listinfo/arch-security list]. All assigned CVE's are tracked at the relevant CVE page [[CVE]], by the [[Arch_CVE_Monitoring_Team|ACMT]].<br />
<br />
==Scheduled Advisories==<br />
* [18 July 2016] ASA-201607-6 {{pkg|flashplugin}} multiple vulnerabilities<br />
<br />
==Recent Advisories==<br />
Here is an archive of security advisories posted to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] list.<br />
<br />
=== July 2016 ===<br />
* [17 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000665.html ASA-201607-5] {{pkg|gimp}} arbitrary code execution<br />
* [10 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000664.html ASA-201607-4] {{pkg|thunderbird}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000663.html ASA-201607-3] {{pkg|libreoffice-fresh}} arbitrary code execution<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html ASA-201607-2] {{pkg|xerces-c}} denial of service<br />
* [05 July 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-July/000661.html ASA-201607-1] {{pkg|libarchive}} arbitrary code execution<br />
<br />
=== June 2016 ===<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000660.html ASA-201606-25] {{pkg|phpmyadmin}} multiple issues<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000659.html ASA-201606-24] {{pkg|libpurple}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000658.html ASA-201606-23] {{pkg|libdwarf}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000657.html ASA-201606-22] {{pkg|xerces-c}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000656.html ASA-201606-21] {{pkg|vlc}} arbitrary code execution<br />
* [25 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000655.html ASA-201606-20] {{pkg|chromium}} arbitrary code execution<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000654.html ASA-201606-19] {{pkg|wget}} arbitrary file upload<br />
* [20 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000653.html ASA-201606-18] {{pkg|lib32-flashplugin}} multiple issues<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000652.html ASA-201606-17] {{pkg|lib32-glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000651.html ASA-201606-16] {{pkg|glibc}} denial of service<br />
* [19 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000650.html ASA-201606-15] {{pkg|flashplugin}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000649.html ASA-201606-14] {{pkg|lib32-expat}} multiple issues<br />
* [13 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000648.html ASA-201606-13] {{pkg|expat}} multiple issues<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000647.html ASA-201606-12] {{pkg|lib32-gnutls}} arbitrary file overwrite<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000646.html ASA-201606-11] {{pkg|haproxy}} denial of service<br />
* [10 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000645.html ASA-201606-10] {{pkg|gnutls}} arbitrary file overwrite<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000644.html ASA-201606-9] {{pkg|qemu-arch-extra}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000643.html ASA-201606-8] {{pkg|qemu}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000642.html ASA-201606-7] {{pkg|firefox}} multiple issues<br />
* [8 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000641.html ASA-201606-6] {{pkg|subversion}} multiple issues<br />
* [5 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000640.html ASA-201606-5] {{pkg|chromium}} multiple issues<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000639.html ASA-201606-4] {{pkg|ntp}} distributed denial of service amplification<br />
* [4 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000638.html ASA-201606-3] {{pkg|webkit2gtk}} arbitrary code execution<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000637.html ASA-201606-2] {{pkg|nginx-mainline}} denial of service<br />
* [1 June 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-June/000636.html ASA-201606-1] {{pkg|nginx}} denial of service<br />
<br />
=== May 2016 ===<br />
<br />
* [28 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000635.html ASA-201605-28] {{pkg|chromium}} multiple issues<br />
* [26 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000634.html ASA-201605-27] {{pkg|libxml2}} multiple issues<br />
* [24 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000633.html ASA-201605-26] {{pkg|libndp}} man-in-the-middle<br />
* [19 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000632.html ASA-201605-25] {{pkg|bugzilla}} cross-site scripting<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000631.html ASA-201605-24] {{pkg|p7zip}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000630.html ASA-201605-23] {{pkg|lib32-expat}} arbitrary code execution<br />
* [18 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000629.html ASA-201605-22] {{pkg|expat}} arbitrary code execution<br />
* [15 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000628.html ASA-201605-21] {{pkg|thunderbird}} arbitrary code execution<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000627.html ASA-201605-20] {{pkg|lib32-glibc}} multiple issues<br />
* [13 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000626.html ASA-201605-19] {{pkg|glibc}} multiple issues<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000625.html ASA-201605-18] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000624.html ASA-201605-17] {{pkg|libksba}} denial of service<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000623.html ASA-201605-16] {{pkg|flashplugin}} arbitrary code execution<br />
* [12 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000622.html ASA-201605-15] {{pkg|chromium}} multiple issues<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000621.html ASA-201605-14] {{pkg|cacti}} sql injection<br />
* [10 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000620.html ASA-201605-13] {{pkg|squid}} multiple issues<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000619.html ASA-201605-12] {{pkg|mencoder}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000618.html ASA-201605-11] {{pkg|mplayer}} denial of service<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000617.html ASA-201605-10] {{pkg|mercurial}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000616.html ASA-201605-9] {{pkg|latex2rtf}} arbitrary code execution<br />
* [06 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000615.html ASA-201605-8] {{pkg|gd}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000614.html ASA-201605-7] {{pkg|chromium}} multiple issues<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000613.html ASA-201605-6] {{pkg|imagemagick}} arbitrary code execution<br />
* [05 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000612.html ASA-201605-5] {{pkg|quassel-core}} denial of service<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000611.html ASA-201605-4] {{pkg|lib32-openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000610.html ASA-201605-3] {{pkg|openssl}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000609.html ASA-201605-2] {{pkg|jasper}} multiple issues<br />
* [04 May 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-May/000608.html ASA-201605-1] {{pkg|imlib2}} multiple issues<br />
<br />
=== April 2016 ===<br />
<br />
* [30 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000607.html ASA-201604-15] {{pkg|firefox}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000606.html ASA-201604-14] {{pkg|squid}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000605.html ASA-201604-13] {{pkg|samba}} multiple issues<br />
* [23 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000604.html ASA-201604-12] {{pkg|thunderbird}} multiple issues<br />
* [22 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000603.html ASA-201604-11] {{pkg|pgpdump}} denial of service<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000602.html ASA-201604-10] {{pkg|chromium}} multiple issues<br />
* [17 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000601.html ASA-201604-9] {{pkg|libtasn1}} denial of service<br />
* [14 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000600.html ASA-201604-8] {{pkg|lhasa}} arbitrary code execution<br />
* [10 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000599.html ASA-201604-7] {{pkg|flashplugin}} arbitrary code execution<br />
* [06 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000598.html ASA-201604-6] {{pkg|mercurial}} arbitrary code execution<br />
* [04 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000597.html ASA-201604-5] {{pkg|optipng}} arbitrary code execution<br />
* [02 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000596.html ASA-201604-4] {{pkg|squid}} denial of service<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000595.html ASA-201604-3] {{pkg|jre7-openjdk-headless}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000594.html ASA-201604-2] {{pkg|jre7-openjdk}} sandbox escape<br />
* [01 April 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-April/000593.html ASA-201604-1] {{pkg|jdk7-openjdk}} sandbox escape<br />
<br />
=== March 2016 ===<br />
<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000592.html ASA-201603-27] {{pkg|jre8-openjdk-headless}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000591.html ASA-201603-26] {{pkg|jre8-openjdk}} sandbox escape<br />
* [29 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000590.html ASA-201603-25] {{pkg|jdk8-openjdk}} sandbox escape<br />
* [26 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000589.html ASA-201603-24] {{pkg|chromium}} multiple issues<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000588.html ASA-201603-23] {{pkg|expat}} arbitrary code execution<br />
* [24 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000587.html ASA-201603-22] {{pkg|botan}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000586.html ASA-201603-21] {{pkg|thunderbird}} multiple issues<br />
* [20 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000585.html ASA-201603-20] {{pkg|git}} remote command execution<br />
* [14 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000584.html ASA-201603-19] {{pkg|dropbear}} command injection<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000583.html ASA-201603-18] {{pkg|pcre}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000582.html ASA-201603-17] {{pkg|wireshark-gtk}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000581.html ASA-201603-16] {{pkg|wireshark-qt}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000580.html ASA-201603-15] {{pkg|wireshark-cli}} denial of service<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000579.html ASA-201603-14] {{pkg|pidgin-otr}} arbitrary code execution<br />
* [12 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000578.html ASA-201603-13] {{pkg|bind}} denial of service<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000577.html ASA-201603-12] {{pkg|openssh}} command injection<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000576.html ASA-201603-11] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [11 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000575.html ASA-201603-10] {{pkg|flashplugin}} arbitrary code execution<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000574.html ASA-201603-9] {{pkg|perl}} improper input validation<br />
* [10 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000573.html ASA-201603-8] {{pkg|exim}} privilege escalation<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000572.html ASA-201603-7] {{pkg|bind}} denial of service<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000571.html ASA-201603-6] {{pkg|libotr}} arbitrary code execution<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000570.html ASA-201603-5] {{pkg|chromium}} multiple issues<br />
* [9 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000569.html ASA-201603-4] {{pkg|firefox}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000568.html ASA-201603-3] {{pkg|lib32-openssl}} multiple issues<br />
* [7 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000567.html ASA-201603-2] {{pkg|openssl}} multiple issues<br />
* [3 March 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-March/000566.html ASA-201603-1] {{pkg|chromium}} multiple issues<br />
<br />
=== February 2016 ===<br />
<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000565.html ASA-201602-24] {{pkg|cacti}} SQL injection<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000564.html ASA-201602-23] {{pkg|lib32-glibc}} unbound stack usage<br />
* [28 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000563.html ASA-201602-22] {{pkg|glibc}} unbound stack usage<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000562.html ASA-201602-21] {{pkg|lib32-libssh2}} man-in-the-middle<br />
* [25 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000561.html ASA-201602-20] {{pkg|libssh2}} man-in-the-middle<br />
* [24 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000560.html ASA-201602-19] {{pkg|libgcrypt}} secret key extraction<br />
* [23 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000559.html ASA-201602-18] {{pkg|libssh}} man-in-the-middle<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000558.html ASA-201602-17] {{pkg|chromium}} multiple issues<br />
* [21 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000557.html ASA-201602-16] {{pkg|thunderbird}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000555.html ASA-201602-15] {{pkg|lib32-glibc}} multiple issues<br />
* [17 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000554.html ASA-201602-14] {{pkg|glibc}} multiple issues<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000553.html ASA-201602-13] {{pkg|nghttp2}} denial of service<br />
* [13 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000552.html ASA-201602-12] {{pkg|firefox}} same-origin policy bypass<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000551.html ASA-201602-11] {{pkg|botan}} multiple issues<br />
* [10 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000550.html ASA-201602-10] {{pkg|kscreenlocker}} access restriction bypass<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000549.html ASA-201602-9] {{pkg|lib32-libsndfile}} multiple issues<br />
* [6 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000548.html ASA-201602-8] {{pkg|libsndfile}} multiple issues<br />
* [4 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000547.html ASA-201602-7] {{pkg|libbsd}} denial of service<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000546.html ASA-201602-6] {{pkg|lib32-nettle}} improper cryptographic calculations<br />
* [3 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000545.html ASA-201602-5] {{pkg|nettle}} improper cryptographic calculations<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000544.html ASA-201602-4] {{pkg|lib32-curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000543.html ASA-201602-3] {{pkg|curl}} man-in-the-middle<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000542.html ASA-201602-2] {{pkg|python2-django}} permission bypass<br />
* [2 February 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-February/000540.html ASA-201602-1] {{pkg|python-django}} permission bypass<br />
<br />
=== January 2016 ===<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000539.html ASA-201601-33] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [29 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000538.html ASA-201601-32] {{pkg|openssl}} man-in-the-middle<br />
* [27 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000536.html ASA-201601-31] {{pkg|nginx}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000535.html ASA-201601-30] {{pkg|blueman}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000534.html ASA-201601-29] {{pkg|mbedtls}} man-in-the-middle<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000533.html ASA-201601-28] {{pkg|chromium}} multiple issues<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000532.html ASA-201601-27] {{pkg|privoxy}} denial of service<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000531.html ASA-201601-26] {{pkg|linux-lts}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000530.html ASA-201601-25] {{pkg|ecryptfs-utils}} privilege escalation<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000529.html ASA-201601-24] {{pkg|python2-rsa}} signature forgery<br />
* [25 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000528.html ASA-201601-23] {{pkg|python-rsa}} signature forgery<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000527.html ASA-201601-22] {{pkg|libdwarf}} denial of service<br />
* [21 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000526.html ASA-201601-21] {{pkg|bind}} denial of service<br />
* [20 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000525.html ASA-201601-20] {{pkg|linux}} privilege escalation<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000524.html ASA-201601-19] {{pkg|ntp}} time alteration<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000523.html ASA-201601-18] {{pkg|roundcubemail}} remote code execution<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000522.html ASA-201601-17] {{pkg|ffmpeg}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000521.html ASA-201601-16] {{pkg|syncthing}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000520.html ASA-201601-15] {{pkg|keybase}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000519.html ASA-201601-14] {{pkg|hub}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000518.html ASA-201601-13] {{pkg|go-ipfs}} information leakage<br />
* [17 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000517.html ASA-201601-12] {{pkg|docker}} information leakage<br />
* [16 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000516.html ASA-201601-11] {{pkg|go}} information leakage<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000515.html ASA-201601-10] {{pkg|php}} multiple issues<br />
* [14 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000512.html ASA-201601-9] {{pkg|openssh}} multiple issues<br />
* [13 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000487.html ASA-201601-8] {{pkg|libxslt}} denial of service<br />
* [11 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000486.html ASA-201601-7] {{pkg|dhcpcd}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000485.html ASA-201601-6] {{pkg|wireshark-qt}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000484.html ASA-201601-5] {{pkg|wireshark-gtk}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000483.html ASA-201601-4] {{pkg|wireshark-cli}} denial of service<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000482.html ASA-201601-3] {{pkg|gajim}} man-in-the-middle<br />
* [09 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000481.html ASA-201601-2] {{pkg|wordpress}} cross-side scripting<br />
* [02 January 2016] [https://lists.archlinux.org/pipermail/arch-security/2016-January/000480.html ASA-201601-1] {{pkg|rtmpdump}} multiple issues<br />
<br />
=== December 2015 ===<br />
<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000479.html ASA-201512-19] {{pkg|openvpn}} out-of-bound read<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000478.html ASA-201512-18] {{pkg|libpng}} buffer overflow<br />
* [28 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000477.html ASA-201512-17] {{pkg|flashplugin}}, {{pkg|lib32-flashplugin}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000476.html ASA-201512-16] {{pkg|nghttp2}} use-after-free<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000475.html ASA-201512-15] {{pkg|mediawiki}} multiple issues<br />
* [25 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000474.html ASA-201512-14] {{pkg|thunderbird}} multiple issues<br />
* [22 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000473.html ASA-201512-13] {{pkg|claws-mail}} buffer overflow<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000472.html ASA-201512-12] {{pkg|python2-pyamf}} XML external entity injection<br />
* [17 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000471.html ASA-201512-11] {{pkg|ruby}} unsafe tainted string usage<br />
* [16 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000468.html ASA-201512-10] {{pkg|bind}} denial of service<br />
* [15 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000467.html ASA-201512-9] {{pkg|firefox}} multiple issues<br />
* [10 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000466.html ASA-201512-8] {{pkg|keepassx}} information disclosure<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000465.html ASA-201512-7] {{pkg|flashplugin}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000464.html ASA-201512-6] {{pkg|libxml2}} multiple issues<br />
* [09 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000463.html ASA-201512-5] {{pkg|chromium}} multiple issues<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000462.html ASA-201512-4] {{pkg|nodejs}} denial of service<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000460.html ASA-201512-3] {{pkg|python-django}} {{pkg|python2-django}} information leakage<br />
* [05 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000459.html ASA-201512-2] {{pkg|openssl}} {{pkg|lib32-openssl}} multiple issues<br />
* [02 December 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-December/000440.html ASA-201512-1] {{pkg|chromium}} multiple issues<br />
<br />
=== November 2015 ===<br />
<br />
* [18 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000439.html ASA-201511-11] {{pkg|jenkins}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000438.html ASA-201511-10] {{pkg|lib32-libpng}} multiple issues<br />
* [17 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000437.html ASA-201511-9] {{pkg|libpng}} multiple issues<br />
* [13 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000436.html ASA-201511-8] {{pkg|chromium}} information leakage<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000435.html ASA-201511-7] {{pkg|putty}} arbitrary code execution<br />
* [12 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000434.html ASA-201511-6] {{pkg|powerdns}} denial of service<br />
* [11 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000433.html ASA-201511-5] {{pkg|flashplugin}} multiple issues<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000432.html ASA-201511-4] {{pkg|nspr}} arbitrary code execution<br />
* [06 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000431.html ASA-201511-3] {{pkg|nss}} arbitrary code execution<br />
* [04 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000430.html ASA-201511-2] {{pkg|firefox}} multiple issues<br />
* [03 November 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-November/000429.html ASA-201511-1] {{pkg|unzip}} multiple issues<br />
<br />
=== October 2015 ===<br />
<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000428.html ASA-201510-26] {{pkg|mariadb}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000427.html ASA-201510-25] {{pkg|lldpd}} denial of service<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000426.html ASA-201510-24] {{pkg|wordpress}} multiple issues<br />
* [30 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000425.html ASA-201510-23] {{pkg|phpmyadmin}} content spoofing<br />
* [27 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000424.html ASA-201510-22] {{pkg|vorbis-tools}} denial of service<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000423.html ASA-201510-21] {{pkg|drupal}} open redirect<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000422.html ASA-201510-20] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000421.html ASA-201510-19] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000420.html ASA-201510-18] {{pkg|jdk8-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000419.html ASA-201510-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000418.html ASA-201510-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000417.html ASA-201510-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [22 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000416.html ASA-201510-14] {{pkg|ntp}} multiple issues<br />
* [19 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000415.html ASA-201510-13] {{pkg|spice}} multiple issues<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000414.html ASA-201510-12] {{pkg|flashplugin}} arbitrary code execution<br />
* [18 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000413.html ASA-201510-11] {{pkg|miniupnpc}} arbitrary code execution<br />
* [16 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000412.html ASA-201510-10] {{pkg|firefox}} cross-origin restriction bypass<br />
* [15 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000411.html ASA-201510-9] {{pkg|mbedtls}} arbitrary code execution<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000410.html ASA-201510-8] {{pkg|chromium}} multiple issues<br />
* [14 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000409.html ASA-201510-7] {{pkg|flashplugin}} multiple issues<br />
* [10 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000408.html ASA-201510-6] {{pkg|gdk-pixbuf2}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000407.html ASA-201510-5] {{pkg|opensmtpd}} multiple issues<br />
* [08 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000406.html ASA-201510-4] {{pkg|bugzilla}} unauthorized account creation<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000405.html ASA-201510-3] {{pkg|nodejs}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000404.html ASA-201510-2] {{pkg|hostapd}} denial of service<br />
* [05 October 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-October/000403.html ASA-201510-1] {{pkg|libunwind}} denial of service<br />
<br />
=== September 2015 ===<br />
* [28 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000401.html ASA-201509-11] {{pkg|chromium}} cross-origin bypass<br />
* [25 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000400.html ASA-201509-10] {{pkg|rpcbind}} denial of service<br />
* [23 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000399.html ASA-201509-9] {{pkg|firefox}} multiple issues<br />
* [22 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000398.html ASA-201509-8] {{pkg|flashplugin}} multiple issues<br />
* [21 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000397.html ASA-201509-7] {{pkg|wordpress}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000395.html ASA-201509-6] {{pkg|icedtea-web}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000394.html ASA-201509-5] {{pkg|libvdpau}} {{pkg|lib32-libvdpau}} multiple issues<br />
* [13 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000393.html ASA-201509-4] {{pkg|openldap}} denial of service<br />
* [07 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000392.html ASA-201509-3] {{pkg|powerdns}} denial of service<br />
* [03 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html ASA-201509-2] {{pkg|bind}} denial of service<br />
* [02 September 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-September/000390.html ASA-201509-1] {{pkg|chromium}} multiple issues<br />
<br />
=== August 2015 ===<br />
* [28 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000389.html ASA-201508-12] {{pkg|firefox}} multiple issues<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000388.html ASA-201508-11] {{pkg|pcre}} arbitrary code execution<br />
* [26 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000387.html ASA-201508-10] {{pkg|jasper}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000386.html ASA-201508-9] {{pkg|django}} denial of service<br />
* [25 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000385.html ASA-201508-8] {{pkg|gnutls}} denial of service<br />
* [16 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000384.html ASA-201508-7] {{pkg|glibc}} denial of service<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000383.html ASA-201508-6] {{pkg|freeradius}} insufficient CRL validation<br />
* [14 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000382.html ASA-201508-5] {{pkg|subversion}} authentication bypass<br />
* [12 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000381.html ASA-201508-4] {{pkg|firefox}} multiple issues<br />
* [11 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000380.html ASA-201508-3] {{pkg|ppp}} denial of service<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000379.html ASA-201508-2] {{pkg|wordpress}} multiple issues<br />
* [07 August 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-August/000378.html ASA-201508-1] {{pkg|firefox}} information leakage<br />
<br />
=== July 2015 ===<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000377.html ASA-201507-23] {{pkg|pacman}} silent downgrade<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000376.html ASA-201507-22] {{pkg|bind}} denial of service<br />
* [29 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000375.html ASA-201507-21] {{pkg|qemu}} multiple issues<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000374.html ASA-201507-20] {{pkg|crypto++}} private key recovery<br />
* [24 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000373.html ASA-201507-19] {{pkg|libuser}} privilege escalation<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000371.html ASA-201507-18] {{pkg|chromium}} multiple issues<br />
* [23 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000372.html ASA-201507-17] {{pkg|openssh}} authentication limits bypass<br />
* [22 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000370.html ASA-201507-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000369.html ASA-201507-15] {{pkg|apache}} multiple issues<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000368.html ASA-201507-14] {{pkg|lib32-flashplugin}} arbitrary code execution<br />
* [16 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000367.html ASA-201507-13] {{pkg|flashplugin}} arbitrary code execution<br />
* [13 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000366.html ASA-201507-12] {{pkg|lib32-openssl}} man-in-the-middle<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000365.html ASA-201507-11] {{pkg|lib32-krb5}} multiple issues<br />
* [12 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000364.html ASA-201507-10] {{pkg|krb5}} multiple issues<br />
* [11 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000363.html ASA-201507-9] {{pkg|thunderbird}} multiple issues<br />
* [09 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000362.html ASA-201507-8] {{pkg|openssl}} man-in-the-middle<br />
* [08 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000361.html ASA-201507-7] {{pkg|flashplugin}} remote code execution<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000360.html ASA-201507-6] {{pkg|bind}} denial of service<br />
* [07 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000359.html ASA-201507-5] {{pkg|ntp}} denial of service<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000358.html ASA-201507-4] {{pkg|openssh}} XSECURITY restrictions bypass<br />
* [04 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000357.html ASA-201507-3] {{pkg|haproxy}} information leakage<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000356.html ASA-201507-2] {{pkg|firefox}} remote code execution<br />
* [03 July 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-July/000355.html ASA-201507-1] {{pkg|wesnoth}} information leakage<br />
<br />
=== June 2015 ===<br />
* [24 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000346.html ASA-201506-5] {{pkg|flashplugin}} remote code execution<br />
* [22 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000345.html ASA-201506-4] {{pkg|curl}} information leakage<br />
* [12 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000344.html ASA-201506-3] {{pkg|openssl}} multiple issues<br />
* [10 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000343.html ASA-201506-2] {{pkg|cups}} multiple issues<br />
* [01 June 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-June/000342.html ASA-201506-1] {{pkg|pcre}} buffer overflow<br />
<br />
=== May 2015 ===<br />
* [28 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000341.html ASA-201505-20] {{pkg|curl}} information leakage<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000340.html ASA-201505-19] {{pkg|webkitgtk2}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000339.html ASA-201505-18] {{pkg|webkitgtk}} man-in-the-middle<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000338.html ASA-201505-17] {{pkg|postgresql}} multiple issues<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000337.html ASA-201505-16] {{pkg|pgbouncer}} denial of service<br />
* [26 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000336.html ASA-201505-15] {{pkg|nbd}} denial of service<br />
* [21 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000335.html ASA-201505-14] {{pkg|chromium}} multiple issues<br />
* [18 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000332.html ASA-201505-13] {{pkg|thunderbird}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000331.html ASA-201505-12] {{pkg|wireshark-gtk}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000330.html ASA-201505-11] {{pkg|wireshark-qt}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000329.html ASA-201505-10] {{pkg|wireshark-cli}} multiple issues<br />
* [14 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000328.html ASA-201505-9] {{pkg|qemu}} arbitrary code execution<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000321.html ASA-201505-8] {{pkg|tomcat6}} denial of service<br />
* [13 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000320.html ASA-201505-7] {{pkg|firefox}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000319.html ASA-201505-6] {{pkg|docker}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000318.html ASA-201505-5] {{pkg|libtasn1}} arbitrary code execution<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000317.html ASA-201505-4] {{pkg|mariadb-clients}} multiple issues<br />
* [08 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000316.html ASA-201505-3] {{pkg|mariadb}} multiple issues<br />
* [03 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000315.html ASA-201505-2] {{pkg|clamav}} multiple issues<br />
* [01 May 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-May/000314.html ASA-201505-1] {{pkg|squid}} weak certificate validation<br />
<br />
=== Apr 2015 ===<br />
* [30 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000313.html ASA-201504-32] {{pkg|perl-xml-libxml}} xml external entity injection<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000312.html ASA-201504-31] {{pkg|dovecot}} denial of service<br />
* [29 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000311.html ASA-201504-30] {{pkg|chromium}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000310.html ASA-201504-29] {{pkg|wpa_supplicant}} arbitrary code execution<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000309.html ASA-201504-28] {{pkg|curl}} multiple issues<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000308.html ASA-201504-27] {{pkg|powerdns-recursor}} denial of service<br />
* [24 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000307.html ASA-201504-26] {{pkg|powerdns}} denial of service<br />
* [23 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000305.html ASA-201504-25] {{pkg|glibc}} arbitrary code execution<br />
* [22 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000304.html ASA-201504-24] {{pkg|firefox}} arbitrary code execution<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000302.html ASA-201504-23] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000301.html ASA-201504-22] {{pkg|jre8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000300.html ASA-201504-21] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000299.html ASA-201504-20] {{pkg|tcpdump}} denial of service<br />
* [18 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000298.html ASA-201504-19] {{pkg|chromium}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000297.html ASA-201504-18] {{pkg|flashplugin}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000296.html ASA-201504-17] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000295.html ASA-201504-16] {{pkg|jre7-openjdk}} multiple issues<br />
* [17 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000294.html ASA-201504-15] {{pkg|jdk7-openjdk}} multiple issues<br />
* [15 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000291.html ASA-201504-14] {{pkg|php}} multiple issues<br />
* [14 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000282.html ASA-201504-13] {{pkg|ruby}} permissive certificate matching<br />
* [11 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000281.html ASA-201504-12] {{pkg|icecast}} denial of service<br />
* [10 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000280.html ASA-201504-11] {{pkg|mediawiki}} multiple issues<br />
* [09 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000279.html ASA-201504-10] {{pkg|libssh2}} out-of-bounds read<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000278.html ASA-201504-9] {{pkg|chrony}} denial of service<br />
* [08 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000275.html ASA-201504-8] {{pkg|ntp}} multiple issues<br />
* [07 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000274.html ASA-201504-7] {{pkg|tor}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000272.html ASA-201504-6] {{pkg|thunderbird}} multiple issues<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000273.html ASA-201504-5] {{pkg|java-batik}} xml external entity injection<br />
* [04 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000271.html ASA-201504-4] {{pkg|firefox}} certificate verification bypass<br />
* [03 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000270.html ASA-201504-3] {{pkg|libtasn1}} stack overflow<br />
* [02 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000269.html ASA-201504-2] {{pkg|chromium}} remote code execution<br />
* [01 Apr 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-April/000268.html ASA-201504-1] {{pkg|firefox}} multiple issues<br />
<br />
=== Mar 2015 ===<br />
* [31 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000267.html ASA-201503-26] {{pkg|musl}} arbitrary code execution<br />
* [28 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000266.html ASA-201503-25] {{pkg|php}} zip integer overflow<br />
* [25 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000265.html ASA-201503-24] {{pkg|vorbis-tools}} denial of service<br />
* [24 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000264.html ASA-201503-23] {{pkg|util-linux}} command injection<br />
* [23 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000263.html ASA-201503-22] {{pkg|cpio}} directory traversal<br />
* [21 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000262.html ASA-201503-21] {{pkg|firefox}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000261.html ASA-201503-20] {{pkg|tcpdump}} multiple issues<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html ASA-201503-19] {{pkg|xerces-c}} denial of service<br />
* [20 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000259.html ASA-201503-18] {{pkg|drupal}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000258.html ASA-201503-17] {{pkg|lib32-openssl}} multiple issues<br />
* [19 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000257.html ASA-201503-16] {{pkg|openssl}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000256.html ASA-201503-15] {{pkg|libxfont}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000255.html ASA-201503-14] {{pkg|ecryptfs-utils}} hard-coded passphrase salt<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html ASA-201503-13] {{pkg|ettercap-gtk}} multiple issues<br />
* [17 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html ASA-201503-12] {{pkg|ettercap}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000252.html ASA-201503-11] {{pkg|flashplugin}} multiple issues<br />
* [16 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000251.html ASA-201503-10] {{pkg|librsync}} checksum collision<br />
* [15 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000250.html ASA-201503-9] {{pkg|unzip}} arbitrary code execution<br />
* [12 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000249.html ASA-201503-8] {{pkg|e2fsprogs}} arbitrary code execution<br />
* [11 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000248.html ASA-201503-7] {{pkg|python2-django}} {{pkg|python-django}} cross site scripting<br />
* [09 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000247.html ASA-201503-6] {{pkg|mutt}} denial of service<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000245.html ASA-201503-5] {{pkg|chromium}} multiple issues<br />
* [05 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000244.html ASA-201503-4] {{pkg|grep}} denial of service<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000243.html ASA-201503-3] {{pkg|lib32-elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000242.html ASA-201503-2] {{pkg|elfutils}} directory traversal<br />
* [02 Mar 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-March/000241.html ASA-201503-1] {{pkg|putty}} information disclosure<br />
<br />
=== Feb 2015 ===<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000238.html ASA-201502-15] {{pkg|thunderbird}} multiple issues<br />
* [25 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000237.html ASA-201502-14] {{pkg|firefox}} multiple issues<br />
* [23 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000236.html ASA-201502-13] {{pkg|samba}} arbitrary code execution<br />
* [17 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000235.html ASA-201502-12] {{pkg|krb5}} multiple issues<br />
* [11 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000234.html ASA-201502-11] {{pkg|xorg-server}} information leak and denial of service<br />
* [10 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000233.html ASA-201502-10] {{pkg|dbus}} denial of service<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000232.html ASA-201502-9] {{pkg|pigz}} remote write to arbitrary file<br />
* [09 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000231.html ASA-201502-8] {{pkg|glibc}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000230.html ASA-201502-7] {{pkg|ntp}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html ASA-201502-6] {{pkg|clamav}} arbitrary code execution<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000228.html ASA-201502-5] {{pkg|chromium}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000227.html ASA-201502-4] {{pkg|postgresql}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000226.html ASA-201502-3] {{pkg|mantisbt}} multiple issues<br />
* [05 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000225.html ASA-201502-2] {{pkg|flashplugin}} remote code execution<br />
* [03 Feb 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-February/000224.html ASA-201502-1] {{pkg|privoxy}} denial of service<br />
<br />
=== Jan 2015 ===<br />
* [28 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000223.html ASA-201501-24] {{pkg|patch}} multiple issues<br />
* [27 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000222.html ASA-201501-23] {{pkg|jasper}} arbitrary code execution<br />
* [26 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000220.html ASA-201501-22] {{pkg|flashplugin}} multiple issues<br />
* [25 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000219.html ASA-201501-21] {{pkg|chromium}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000218.html ASA-201501-20] {{pkg|jre7-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000217.html ASA-201501-19] {{pkg|jre7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000216.html ASA-201501-18] {{pkg|jdk7-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000215.html ASA-201501-17] {{pkg|php}} remote code execution<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000212.html ASA-201501-16] {{pkg|jre8-openjdk-headless}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000211.html ASA-201501-15] {{pkg|jre8-openjdk}} multiple issues<br />
* [23 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000210.html ASA-201501-14] {{pkg|jdk8-openjdk}} multiple issues<br />
* [20 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000209.html ASA-201501-13] {{pkg|polarssl}} remote code execution<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000208.html ASA-201501-12] {{pkg|libssh}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000207.html ASA-201501-11] {{pkg|tinyproxy}} denial of service<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000206.html ASA-201501-10] {{pkg|samba}} privilege elevation<br />
* [19 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000205.html ASA-201501-9] {{pkg|curl}} url request injection<br />
* [15 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000204.html ASA-201501-8] {{pkg|flashplugin}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000203.html ASA-201501-7] {{pkg|thunderbird}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000202.html ASA-201501-6] {{pkg|firefox}} multiple issues<br />
* [14 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000201.html ASA-201501-5] {{pkg|cpio}} heap buffer overflow<br />
* [13 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000200.html ASA-201501-4] {{pkg|libevent}} heap overflow<br />
* [10 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000199.html ASA-201501-3] {{pkg|unzip}} arbitrary code execution<br />
* [09 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000198.html ASA-201501-2] {{pkg|openssl}} multiple issues<br />
* [07 Jan 2015] [https://lists.archlinux.org/pipermail/arch-security/2015-January/000192.html ASA-201501-1] {{pkg|imagemagick}} multiple issues<br />
<br />
=== Dec 2014 ===<br />
* [22 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000189.html ASA-201412-24] {{pkg|ntp}} multiple issues<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000183.html ASA-201412-23] {{pkg|php}} use after free<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000182.html ASA-201412-22] {{pkg|jasper}} arbitrary code execution<br />
* [18 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000181.html ASA-201412-21] {{pkg|glibc}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000178.html ASA-201412-20] {{pkg|unrtf}} arbitrary code execution<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000177.html ASA-201412-19] {{pkg|dokuwiki}} cross-site scripting<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000176.html ASA-201412-18] {{pkg|nss}} signature forgery<br />
* [16 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000175.html ASA-201412-17] {{pkg|subversion}} denial of service<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000174.html ASA-201412-16] {{pkg|docker}} multiple issues<br />
* [15 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000173.html ASA-201412-15] {{pkg|python2}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000172.html ASA-201412-14] {{pkg|xorg-server}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000171.html ASA-201412-13] {{pkg|flashplugin}} multiple issues<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000170.html ASA-201412-12] {{pkg|nvidia}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000169.html ASA-201412-11] {{pkg|nvidia-340xx}} arbitrary code execution<br />
* [12 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000168.html ASA-201412-10] {{pkg|nvidia-304xx}} arbitrary code execution<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000167.html ASA-201412-9] {{pkg|powerdns-recursor}} denial of service<br />
* [09 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000166.html ASA-201412-8] {{pkg|unbound}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000165.html ASA-201412-7] {{pkg|bind}} denial of service<br />
* [08 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000164.html ASA-201412-6] {{pkg|mantisbt}} multiple issues<br />
* [04 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000163.html ASA-201412-5] {{pkg|antiword}} buffer overflow<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000162.html ASA-201412-4] {{pkg|graphviz}} format string vulnerability<br />
* [03 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000161.html ASA-201412-3] {{pkg|firefox}} multiple issues<br />
* [02 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000160.html ASA-201412-2] {{pkg|openvpn}} denial of service<br />
* [01 Dec 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-December/000159.html ASA-201412-1] {{pkg|gnupg}} denial of service<br />
<br />
=== Nov 2014 ===<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000156.html ASA-201411-31] {{pkg|libksba}} denial of service<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000157.html ASA-201411-32] {{pkg|icecast}} information leak<br />
* [28 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000158.html ASA-201411-33] {{pkg|libjpeg-turbo}} denial of service <br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000155.html ASA-201411-30] {{pkg|flac}} arbitrary code execution<br />
* [26 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000154.html ASA-201411-29] {{pkg|pcre}} heap buffer overflow<br />
* [23 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000153.html ASA-201411-28] {{pkg|dbus}} denial of service<br />
* [21 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000152.html ASA-201411-27] {{pkg|glibc}} command execution<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000151.html ASA-201411-26] {{pkg|chromium}} multiple issues<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000150.html ASA-201411-25] {{pkg|drupal}} session hijacking and denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000149.html ASA-201411-24] {{pkg|wireshark-qt}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000148.html ASA-201411-23] {{pkg|wireshark-gtk}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000147.html ASA-201411-22] {{pkg|wireshark-cli}} denial of service<br />
* [20 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000146.html ASA-201411-21] {{pkg|clamav}} denial of service<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000145.html ASA-201411-20] {{pkg|avr-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000144.html ASA-201411-19] {{pkg|mingw-w64-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000143.html ASA-201411-18] {{pkg|arm-none-eabi-binutils}} multiple issues<br />
* [19 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000142.html ASA-201411-17] {{pkg|binutils}} multiple issues<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000141.html ASA-201411-16] {{pkg|ruby}} denial of service<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000140.html ASA-201411-15] {{pkg|linux-lts}} local denial of service, privilege escalation<br />
* [17 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000139.html ASA-201411-14] {{pkg|linux}} local denial of service, privilege escalation<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000138.html ASA-201411-13] {{pkg|php}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000137.html ASA-201411-12] {{pkg|imagemagick}} denial of service<br />
* [13 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000136.html ASA-201411-11] {{pkg|flashplugin}} remote code execution<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000135.html ASA-201411-10] {{pkg|gnutls}} out-of-bounds memory write<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000134.html ASA-201411-9] {{pkg|file}} denial of service through out-of-bounds read<br />
* [12 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000133.html ASA-201411-8] {{pkg|mantisbt}} arbitrary code execution and unrestricted access<br />
* [11 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000132.html ASA-201411-7] {{pkg|curl}} out-of-bounds read<br />
* [10 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000131.html ASA-201411-6] {{pkg|kdebase-workspace}} local privilege escalation<br />
* [09 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000130.html ASA-201411-5] {{pkg|konversation}} denial of service<br />
* [06 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000129.html ASA-201411-4] {{pkg|polarssl}} multiple issues<br />
* [05 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000128.html ASA-201411-3] {{pkg|mantisbt}} sql injection<br />
* [03 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000127.html ASA-201411-2] {{pkg|aircrack-ng}} multiple vulnerabilities<br />
* [01 Nov 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-November/000126.html ASA-201411-1] {{pkg|tnftp}} arbitrary command execution<br />
<br />
=== Oct 2014 ===<br />
<br />
* [29 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000125.html ASA-201410-14] {{pkg|wget}} arbitrary filesystem access<br />
* [27 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000124.html ASA-201410-13] {{pkg|ejabberd}} circumvention of encryption<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000123.html ASA-201410-12] {{pkg|libxml2}} Denial of service<br />
* [24 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000122.html ASA-201410-11] {{pkg|ctags}} Denial of service<br />
* [23 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000121.html ASA-201410-10] {{pkg|libvncserver}} Remote code execution and Remote DoS<br />
* [22 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000120.html ASA-201410-9] {{pkg|libpurple}} Remote DoS and Information leakage<br />
* [20 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000119.html ASA-201410-8] {{pkg|wpa_supplicant}}, {{pkg|hostapd}} Arbitrary command execution<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000118.html ASA-201410-7] {{pkg|drupal}} SQL Injection<br />
* [16 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000117.html ASA-201410-6] {{pkg|openssl}} Memory leak and poodle mitigation<br />
* [15 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000116.html ASA-201410-4] {{pkg|zeromq}} Man-in-the-middle downgrade and replay attack<br />
* [8 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000115.html ASA-201410-5] {{pkg|rsyslog}} Denial of service<br />
* [4 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000114.html ASA-201410-3] {{pkg|mediawiki}} Cross-site Scripting (XSS) and UI redressing<br />
* [2 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000113.html ASA-201410-2] {{pkg|jenkins}} Multiple issues<br />
* [1 Oct 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-October/000112.html ASA-201410-1] {{pkg|rsyslog}} Remote denial of service<br />
<br />
=== Sep 2014 ===<br />
<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000111.html ASA-201409-5] {{pkg|libvirt}} Out-of-bounds read access<br />
* [29 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000109.html ASA-201409-4] {{pkg|mediawiki}} Cross-site Scripting (XSS)<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000102.html ASA-201409-3] {{pkg|python2}} Information leakage through integer overflow<br />
* [26 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000099.html ASA-201409-2] {{pkg|bash}} Remote code execution<br />
* [25 Sep 2014] [https://lists.archlinux.org/pipermail/arch-security/2014-September/000097.html ASA-201409-1] {{pkg|nss}} Signature forgery attack<br />
<br />
==Publishing a new advisory==<br />
<br />
We try to always wait for the vulnerability to have been fixed in the corresponding package before issuing an advisory.<br />
In case of an extremely critical vulnerability,<br />
we may issue an advisory before the package has been fixed, but only if a work-around exists. <br />
<br />
If you want to publish a new advisory, please check that:<br />
* the corresponding Arch Linux package is really vulnerable ;<br />
* the tracking [[Arch_CVE_Monitoring_Team#Procedure|Procedure]] has been completed;<br />
* no Arch Linux Security Advisory for this vulnerability has been published yet ;<br />
* no upcoming Security Advisory for this vulnerability has been claimed in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, as it would mean that someone is already working on an advisory ;<br />
* the current maintainer has been notified, either by flagging the package ouf-of-date if an upstream release fixing the issue exists and/or by creating a new [https://bugs.archlinux.org/ bug-tracker] entry (see the exact procedure [[Arch_CVE_Monitoring_Team#Procedure|here]]).<br />
<br />
You may then:<br />
* add a line in the "[[#Scheduled Advisories|Scheduled Advisories]]" list of this page, indicating that you are going to publish an advisory soon ;<br />
* use the following template as an example to write the advisory ;<br />
* send the advisory to the [https://mailman.archlinux.org/mailman/listinfo/arch-security arch-security] mailing-list (note that it would be nice if you could send a PGP-signed e-mail, but it is not required).<br />
* move the published advisory from "[[#Scheduled Advisories|Scheduled Advisories]]" to "[[#Recent Advisories|Recent Advisories]]"<br />
* adapt the [[CVE#Documented_CVE.27s|CVE]] tracking page for the fixed package and add a link to the appropriate ASA.<br />
<br />
===Templates===<br />
<br />
{{bc|<nowiki><br />
Subject:<br />
[ASA-<YYYYMM-N>] <Package>: <Vulnerability Type><br />
<br />
Body:<br />
Arch Linux Security Advisory ASA-YYYYMM-N<br />
=========================================<br />
<br />
Severity: Low, Medium, High, Critical<br />
Date : YYYY-MM-DD<br />
CVE-ID : <CVE-ID><br />
Package : <package><br />
Type : <Vulnerability Type><br />
Remote : <Yes/No><br />
Link : https://wiki.archlinux.org/index.php/CVE<br />
<br />
Summary<br />
=======<br />
<br />
The package <package> before version <Arch Linux fixed version> is vulnerable to <Vulnerability type>.<br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to <Arch Linux fixed version>.<br />
<br />
# pacman -Syu "<package>>=<Arch Linux fixed version>"<br />
<br />
The problem has been fixed upstream in version <upstream fixed version>.<br />
<br />
Workaround<br />
==========<br />
<br />
<Is there a way to mitigate this vulnerability without upgrading?><br />
<br />
Description<br />
===========<br />
<br />
<Long description, for example from original advisory>.<br />
<br />
Impact<br />
======<br />
<br />
<<br />
What is it that an attacker can do? Does this need existing<br />
pre-conditions to be exploited (valid credentials, physical access)?<br />
Is this remotely exploitable?<br />
>.<br />
<br />
References<br />
==========<br />
<br />
<CVE-Link><br />
<Upstream report><br />
<Arch Linux Bug-Tracker><br />
</nowiki>}}<br />
<br />
===Vim-Snippet===<br />
<br />
Vim-Snippet for vim-ultisnips plugin for easy completing the archlinux template. Just install {{pkg|vim-ultisnips}} and copy the text below in your {{ic|~/.vim/UltiSnips/all.snippets}} you can jump through the tabstops with {{ic|CTRL+j}}.<br />
<br />
{{bc|<nowiki><br />
snippet archsec "arch security form" <br />
Arch Linux Security Advisory ASA-`date -I -u | egrep -o '[0-9]{4}'``date -I -u | egrep -o '[0-9]{2}' | sed '3q;d'`-${1}<br />
========================================${1/./=/g} <br />
<br />
Severity: ${2} <br />
Date : `date -I -u` <br />
CVE-ID : $3 <br />
Package : $4 <br />
Type : $5<br />
Remote : ${6} <br />
Link : https://wiki.archlinux.org/index.php/CVE <br />
<br />
Summary<br />
=======<br />
<br />
The package $4 before version $7 is vulnerable to $5 ${8} <br />
<br />
Resolution<br />
==========<br />
<br />
Upgrade to $7.<br />
<br />
# pacman -Syu "$4>=$7" <br />
<br />
${9:The problems have been fixed upstream in version ${7/-\d+$/./}} <br />
<br />
Workaround<br />
========== <br />
<br />
${10:None.} <br />
<br />
Description <br />
=========== <br />
<br />
${3/(CVE-....-....)(\s?)/- $1(?2: : )()\n\n/g} <br />
<br />
Impact<br />
====== <br />
<br />
A${6/(Yes)|(No)/(?1: remote )(?2: local )/}attacker is able to ${12} <br />
<br />
References<br />
========== <br />
<br />
${3/(CVE-....-....)(\s?)/https:\/\/access.redhat.com\/security\/cve\/$1\n/g}<br />
${13}<br />
endsnippet<br />
<br />
</nowiki>}}</div>
Sangy