Arch Linux has updated optipng (code execution).
Gentoo has updated xen (multiple vulnerabilities, some from 2012).
openSUSE has updated ghostscript (Leap42.1: buffer overflow).
Red Hat has updated nss, nss-util, nspr (RHEL6: two vulnerabilities).
Slackware has updated thunderbird (multiple vulnerabilities).
SUSE has updated xen (SLE11-SP4: multiple vulnerabilities, some from 2013).
Arch Linux has updated squid (denial of service).
Fedora has updated apache-commons-collections (F23; F22: code execution), bind (F22: multiple vulnerabilities), bind99 (F22: multiple vulnerabilities), and NetworkManager (F23: multiple vulnerabilities).
openSUSE has updated krb5 (13.2: null pointer dereference).
Oracle has updated openssh (OL5: two vulnerabilities).