a/aaa_elflibs-14.2-i586-2.txz

a/cryptsetup-1.6.7-i586-1.txz

a/lvm2-2.02.129-i586-1.txz

ap/lxc-1.1.3-i586-1.txz

d/git-2.5.1-i586-1.txz

l/gdk-pixbuf2-2.31.7-i586-1.txz
Gustavo Grieco discovered a heap overflow in the processing of BMP images
which may result in the execution of arbitrary code if a malformed image
is opened.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
(* Security fix *)

n/ModemManager-1.4.10-i586-1.txz

n/NetworkManager-1.0.6-i586-1.txz

n/openssh-7.1p1-i586-1.txz

x/libvdpau-1.1.1-i586-1.txz
libvdpau versions 1.1 and earlier, when used in setuid or setgid
applications, contain vulnerabilities related to environment variable
handling that could allow an attacker to execute arbitrary code or
overwrite arbitrary files. This release uses the secure_getenv()
function to fix these problems.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5200
(* Security fix *)

x/mesa-10.6.5-i586-1.txz

xap/network-manager-applet-1.0.6-i586-1.txz

l/dconf-editor-3.16.1-i586-1.txz