Several vulnerabilities have been discovered in the chromium web browser.

Pyry Hakulinen and Ashish Shakla at Automattic discovered that pdns,
an authoritative DNS server, was incorrectly processing some DNS
packets; this would enable a remote attacker to trigger a DoS by
sending specially crafted packets causing the server to crash.

Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware.

Hanno Boeck discovered that incorrect validation of DNSSEC-signed records
in the Bind DNS server could result in denial of service.

Several vulnerabilities were discovered in qemu, a fast processor
emulator.

Several vulnerabilities were discovered in Drupal, a content management
framework:

Multiple security issues have been found in Iceweasel, Debian’s version
of the Mozilla Firefox web browser. The Common Vulnerabilities and
Exposures project identifies the following problems:

Multiple vulnerabilities have been discovered in the PHP language:

James Kettle, Alain Tiemblo, Christophe Coevoet and Fabien Potencier
discovered that twig, a templating engine for PHP, did not correctly
process its input. End users allowed to submit twig templates could
use specially crafted code to trigger remote code execution, even in
sandboxed templates.

It was discovered that in certain configurations, if the relevant
conntrack kernel module is not loaded, conntrackd will crash when
handling DCCP, SCTP or ICMPv6 packets.