Debian Linux Security Advisory 3046-1 – It was reported that MediaWiki, a website engine for collaborative work, allowed to load user-created CSS on pages where user-created JavaScript is not allowed. A wiki user could be tricked into performing actions by manipulating the interface from CSS, or JavaScript code being executed from CSS, on security-wise sensitive pages like Special:Preferences and Special:UserLogin. This update removes the separation of CSS and JavaScript module allowance.

Gentoo Linux Security Advisory 201410-1 – Multiple parsing flaws in Bash could allow remote attackers to inject code or cause a Denial of Service condition. Versions less than 4.2_p52 are affected.

Debian Linux Security Advisory 3042-1 – Stefano Zacchiroli discovered a vulnerability in exuberant-ctags, a tool files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service.

Debian Linux Security Advisory 3044-1 – Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

Debian Linux Security Advisory 3045-1 – Several vulnerabilities were discovered in qemu, a fast processor emulator.