Mandriva has updated apache-commons-fileupload (BS1.0: denial of service), file (BS1.0: two vulnerabilities), libssh (BS1.0: private key leak), net-snmp (BS1.0: two denial of service flaws), otrs (BS1.0: code execution), and owncloud (BS1.0: multiple unspecified vulnerabilities).
openSUSE has updated otrs (12.3, 13.1: code execution).
Slackware has updated mutt (code execution).
Interpreted, "duck typing" languages often have some idiosyncrasies in their definitions of "truth" and Python is no exception. But Python goes a bit further than some other languages in interpreting the True or False status of non-Boolean values. Even so, it often comes as a big surprise for programmers to find (sometimes by way of a hard-to-reproduce bug) that, unlike any other time value, midnight (i.e. datetime.time(0,0,0)) is False. A long discussion on the python-ideas mailing list shows that, while surprising, that behavior is desirable—at least in some quarters.
openSUSE has updated libpng16 (13.1: denial of service).
Red Hat has updated kernel (RHEL6.4 EUS: multiple vulnerabilities).
Click below (subscribers only) for the full article from this week's Kernel Page.
CentOS has updated sudo (C5: privilege escalation).
Mandriva has updated wireshark (multiple vulnerabilities).
Oracle has updated sudo (OL5: privilege escalation).
Red Hat has updated sudo (RHEL5: privilege escalation).
Scientific Linux has updated sudo (SL5: privilege escalation).
Slackware has updated udisks (privilege escalation).
Fedora has updated freeradius (F20; F19: buffer overflow), imapsync (F19: information leak), kernel (F19: three vulnerabilities), php (F20: code execution), and v8 (F20; F19: incorrect handling of popular pages).
Gentoo has updated libyaml (code execution).
openSUSE has updated SSLCipherSuite (11.4: CRIME attack), fail2ban (13.1, 12.3: three vulnerabilities), freeradius-server (13.1, 12.3: denial of service), gnutls (11.4: two vulnerabilities), phpMyAdmin (13.1, 12.3: cross-site scripting), and postgresql92 (13.1, 12.3: multiple vulnerabilities).
Ubuntu has updated udisks, udisks2 (privilege escalation).
Ubuntu has updated imagemagick (12.04, 12.10, 13.10: multiple vulnerabilities), kernel (12.04; 12.10; 13.10: multiple vulnerabilities), linux-lts-quantal (multiple vulnerabilities), linux-lts-raring (multiple vulnerabilities), linux-lts-saucy (multiple vulnerabilities), and linux-ti-omap4 (12.04; 12.10; 13.10: multiple vulnerabilities).