The InCommon Shibboleth Training team discovered that XMLTooling, a
C++ XML parsing library, did not properly handle an exception when
parsing well-formed but schema-invalid XML. This could allow remote
attackers to cause a denial of service (crash) via crafted XML data.
Debian Security Advisories
DSA-3320 openafs – security update
It was discovered that OpenAFS, the implementation of the distributed
filesystem AFS, contained several flaws that could result in
information leak, denial-of-service or kernel panic.
DSA-3319 bind9 – security update
Jonathan Foote discovered that the BIND DNS server does not properly
handle TKEY queries. A remote attacker can take advantage of this flaw
to mount a denial of service via a specially crafted query triggering an
assertion failure and causing BIND to exit.
DSA-3318 expat – security update
Multiple integer overflows have been discovered in Expat, an XML parsing
C library, which may result in denial of service or the execution of
arbitrary code if a malformed XML file is processed.
DSA-3317 lxc – security update
Several vulnerabilities have been discovered in LXC, the Linux
Containers userspace tools. The Common Vulnerabilities and Exposures
project identifies the following problems:
DSA-3316 openjdk-7 – security update
Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure,
denial of service or insecure cryptography.
DSA-3313 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial of service.
DSA-3314 typo3-src – end of life
Upstream security support for Typo3 4.5.x ended three months ago and the
same now applies to the Debian packages as well.
DSA-3315 chromium-browser – security update
Several vulnerabilities were discovered in the chromium web browser.
DSA-3312 cacti – security update
Multiple SQL injection vulnerabilities were discovered in cacti, a web
interface for graphing of monitoring systems.