Samsung’s lkmauth feature suffers from a kernel module verification bypass vulnerability.

Red Hat Security Advisory 2017-0002-01 – Node.js is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices. The following packages have been upgraded to a newer upstream version: rh-nodejs4-nodejs, rh-nodejs4-http-parser. Security Fix: It was found that Node.js’ tls.checkServerIdentity() function did not properly validate server certificates containing wildcards. A malicious TLS server could use this flaw to get a specially crafted certificate accepted by a Node.js TLS client.

Gentoo Linux Security Advisory 201701-15 – Multiple vulnerabilities have been found in Mozilla Firefox, SeaMonkey, and Thunderbird the worst of which could lead to the execution of arbitrary code. Versions less than 45.6.0 are affected.

Kaspersky fails to adequately protect its local CA root.

As a part of the KNOX extensions available on Samsung devices, Samsung provides a new service which allows the generation of OTP tokens and suffers from a heap overflow vulnerability.