Updated gnupg packages fix security vulnerability:

The gnupg program before version 1.4.16 is vulnerable to an ELGAMAL
side-channel attack (CVE-2014-5270).

A flaw was found in the way Bash evaluated certain specially crafted
environment variables. An attacker could use this flaw to override or
bypass environment restrictions to execute shell commands. Certain
services and applications allow remote unauthenticated attackers to
provide environment variables, allowing them to exploit this issue
(CVE-2014-6271).

Updated libgadu packages fix security vulnerability:

Libgadu before 1.12.0 was found to not be performing SSL certificate
validation (CVE-2013-4488).

Updated net-snmp packages fix security vulnerabilities:

A remote denial-of-service flaw was found in the way snmptrapd handled
certain SNMP traps when started with the -OQ option. If an attacker
sent an SNMP trap containing a variable with a NULL type where an
integer variable type was expected, it would cause snmptrapd to crash
(CVE-2014-3565).

Updated phpmyadmin package fixes security vulnerability:

In phpMyAdmin before 4.2.9, by deceiving a logged-in user to click on
a crafted URL, it is possible to perform remote code execution and in
some cases, create a root account due to a DOM based XSS vulnerability
in the micro history feature (CVE-2014-6300).

Updated zarafa packages fix security vulnerabilities:

Robert Scheck reported that Zarafa’s WebAccess stored session
information, including login credentials, on-disk in PHP session
files. This session file would contain a user’s username and password
to the Zarafa IMAP server (CVE-2014-0103).

Robert Scheck discovered that the Zarafa Collaboration Platform has
multiple incorrect default permissions (CVE-2014-5447, CVE-2014-5448,
CVE-2014-5449, CVE-2014-5450).

Updated dump packages fix security vulnerability:

An integer overflow in liblzo before 2.07 allows attackers to cause
a denial of service or possibly code execution in applications using
performing LZO decompression on a compressed payload from the attacker
(CVE-2014-4607).

The dump package is built with a bundled copy of minilzo, which is
a part of liblzo containing the vulnerable code.

This is a maintenance and bugfix release that upgrades php to the
latest 5.5.17 version which resolves various upstream bugs in php.

Additionally, the php-timezonedb packages has been upgraded to the
latest 2014.7 version, the php-suhosin packages has been upgraded to
the latest 0.9.36 version which has better support for php-5.5 and
the PECL packages which requires so has been rebuilt for php-5.5.17.

A vulnerability has been discovered and corrected in Mozilla NSS:

Antoine Delignat-Lavaud, security researcher at Inria Paris in
team Prosecco, reported an issue in Network Security Services (NSS)
libraries affecting all versions. He discovered that NSS is vulnerable
to a variant of a signature forgery attack previously published
by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1
values involved in a signature and could lead to the forging of RSA
certificates (CVE-2014-1568).

The updated NSPR packages have been upgraded to the latest 4.10.7
version.

The updated NSS packages have been upgraded to the latest 3.17.1
version which is not vulnerable to this issue.

Additionally the rootcerts package has also been updated to the latest
version as of 2014-08-05.