Monthly Archives: July 2015
Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis parameter.
CVE-2015-2970
index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter.
CVE-2015-4259
The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software 1.5(3) and 1.6(0.16) has a default SSL certificate, which makes it easier for man-in-the-middle attackers to bypass cryptographic protection mechanisms by leveraging knowledge of a private key, aka Bug IDs CSCum56133 and CSCum56177.
FreeBSD Security Advisory – OpenSSL Certificate Forgery
FreeBSD Security Advisory – During certificate verification, OpenSSL will attempt to find an alternative certificate chain if the first attempt to build such a chain fails, unless the application explicitly specifies X509_V_FLAG_NO_ALT_CHAINS. An error in the implementation of this logic could erroneously mark certificates as trusted when they should not be. An attacker could cause certain checks on untrusted certificates, such as the CA (certificate authority) flag, to be bypassed, which would enable them to use a valid leaf certificate to act as a CA and issue an invalid certificate.
VMware Security Advisory 2015-0005
VMware Security Advisory 2015-0005 – VMware Workstation, Player, and Horizon View Client for Windows updates address a host privilege escalation vulnerability.
Debian Security Advisory 3307-1
Debian Linux Security Advisory 3307-1 – Toshifumi Sakaguchi discovered that the patch applied to pdns-recursor, a recursive DNS server, fixing CVE-2015-1868, was insufficient in some cases, allowing remote attackers to cause a denial of service (service-affecting CPU spikes and in some cases a crash).
HP Security Bulletin HPSBGN03371 1
HP Security Bulletin HPSBGN03371 1 – Potential security vulnerabilities have been identified with HP IceWall Products running OpenSSL. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.
Gentoo Linux Security Advisory 201507-10
Gentoo Linux Security Advisory 201507-10 – A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service. Versions less than 1.39 are affected.
Gentoo Linux Security Advisory 201507-11
Gentoo Linux Security Advisory 201507-11 – A vulnerability in Perl allows a remote attacker to cause Denial of Service. Versions less than 5.20.1-r4 are affected.
Gentoo Linux Security Advisory 201507-13
Gentoo Linux Security Advisory 201507-13 – Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.481 are affected.