Arch Linux ASA-201704-6
Date: 2017-04-21
CVE ID:
CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437
CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441
CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445
CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449
CVE-2017-5451 CVE-2017-5453 CVE-2017-5454 CVE-2017-5455
CVE-2017-5456 CVE-2017-5458 CVE-2017-5459 CVE-2017-5460
CVE-2017-5461 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466
CVE-2017-5467 CVE-2017-5468 CVE-2017-5469
Firefox versions before 53.0-1 vulnerable to multiple issues including arbitrary code execution, cross-site scripting, access restriction bypass, file system access, denial service, information disclosure, and content spoofing.
Resolution
pacman -Syu firefox>=53.0-1
Link:AVG-249
Ubuntu has released a similar advisory.
Arch Linux Security Advisory ASA-201704-4
Date: 2017-04-20
CVE ID: CVE-2017-5461
The package nss (Network Security Services) before version 3.30.1-1 is vulnerable to arbitrary code
execution.
Link: AVG-247
Ubuntu Bind
Date: April 17, 2017
CVE ID: CVE-2017-3136, CVE-2017-3137, CVE-2017-3138
Several security issues have been fixed on the bind9 Internet Domain Name Server package on affected Ubuntu versions.
Link:Ubuntu Bind Security Notice
Pegasus Spyware Found on Android Devices
A variant of the pegasus spyware is being found on some Android devices.
Link:Pegasus Spyware on Android
WordPress 4.7.4 Update
Released April 20th 2017
Link:WordPress Change Log