The application plugins in Apache CXF Fediz 1.2.x before 1.2.3 and 1.3.x before 1.3.1 do not match SAML AudienceRestriction values against configured audience URIs, which might allow remote attackers to bypass intended restrictions and have unspecified other impact via a crafted SAML token with a trusted signature.
Monthly Archives: September 2016
iSpy Keylogger Targets Passwords, Skype, Webcams
Zscaler identified a keylogger on steroids that targets passwords, webcam and software licenses.
Should Hacking A Tor User Require A Warrant?
Malware Infected USB Sticks Posted To Australia Homes
10-Second Hijack Hole Could Kill Any Facebook Profile
North Korea Accidentally Reveals All 28 Of Its 'Internet' Sites
Debian Security Advisory 3672-1
Debian Linux Security Advisory 3672-1 – Gabriel Campana and Adrien Guinet from Quarkslab discovered two remotely exploitable crash and heap corruption vulnerabilities in the format parsing code in Irssi, a terminal-based IRC client.
Slackware Security Advisory – pidgin Updates
Slackware Security Advisory – New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
HP Security Bulletin HPSBGN03645 2
HP Security Bulletin HPSBGN03645 2 – Potential vulnerabilities have been identified in HPE Helion OpenStack Glance. The vulnerabilities can be remotely exploited to allow access restriction bypass and unauthorized access. A malicious tenant is able to reuse deleted Glance image IDs to share malicious images with other tenants in a manner that is undetectable to the victim tenant if the Helion OpenStack administrators have both: (1) edited the policy.json file to allow non-admin tenants to share images with other tenants, or edited policy.json to allow non-admin tenants to create public images; and (2) deleted image IDs from the Glance database, either manually or using the purge tool (“glance-manage db purge”). Revision 2 of this advisory.
HP Security Bulletin HPSBHF03646 1
HP Security Bulletin HPSBHF03646 1 – Potential security vulnerabilities in NTP have been addressed with HPE Comware 7 (CW7) network products. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or other impacts affecting integrity. Revision 1 of this advisory.