It was discovered that there was an integer-overflow vulnerability in hiredis, a C client library for communicating with Redis databases. This occurred within the handling and parsing of 'multi-bulk' replies.
Multiple security vulnerabilities have been discovered in fig2dev, utilities for converting XFig figure files. Buffer overflows, out-of-bounds reads and NULL pointer dereferences could lead to a denial-of-service or other unspecified impact.
Several vulnerabilities were discovered in the Apache HTTP server. An attacker could send proxied requests to arbitrary servers, corrupt memory in some setups involving third-party modules, and cause the server to crash.