Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or have other
impacts.
Category Archives: Debian
Debian Security Advisories
DSA-3658 libidn – security update
Hanno Boeck discovered multiple vulnerabilities in libidn, the GNU
library for Internationalized Domain Names (IDNs), allowing a remote
attacker to cause a denial of service against an application using the
libidn library (application crash).
DSA-3657 libarchive – security update
Hanno Boeck and Marcin Noga discovered multiple vulnerabilities in
libarchive; processing malformed archives may result in denial of
service or the execution of arbitrary code.
DSA-3656 tryton-server – security update
Two vulnerabilities have been discovered in the server for the Tryton
application platform, which may result in information disclosure of
password hashes or file contents.
DSA-3655 mupdf – security update
Two vulnerabilities were discovered in MuPDF, a lightweight PDF viewer.
The Common Vulnerabilities and Exposures project identifies the
following problems:
DSA-3654 quagga – security update
Two vulnerabilities were discovered in quagga, a BGP/OSPF/RIP routing
daemon.
DSA-3651 rails – security update
Andrew Carpenter of Critical Juncture discovered a cross-site scripting
vulnerability affecting Action View in rails, a web application
framework written in Ruby. Text declared as HTML safe will not have
quotes escaped when used as attribute values in tag helpers.
DSA-3653 flex – security update
Alexander Sulfrian discovered a buffer overflow in the
yy_get_next_buffer() function generated by Flex, which may result in
denial of service and potentially the execution of code if operating on
data from untrusted sources.
DSA-3652 imagemagick – security update
This update fixes many vulnerabilities in imagemagick: various memory
handling problems and cases of missing or incomplete input sanitising
may result in denial of service or the execution of arbitrary code if
malformed TIFF, WPG, RLE, RAW, PSD, Sun, PICT, VIFF, HDR, Meta, Quantum,
PDB, DDS, DCM, EXIF, RGF or BMP files are processed.
DSA-3650 libgcrypt20 – security update
Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of
Technology discovered a flaw in the mixing functions of Libgcrypt’s
random number generator. An attacker who obtains 4640 bits from the RNG
can trivially predict the next 160 bits of output.