Version 1.1 of the "Go" programming language has been released. The bulk of the work seems to be in performance improvements, but there's a number of new features as well, including a race detector and an expanded library. See the release notes for details.

CentOS has updated hypervkvpd (C5: denial of service).

Debian has updated xen (multiple vulnerabilities) and mysql (multiple vulnerabilities).

Fedora has updated plexus-archiver (F18; F17: denial of service) and php-sabredav-Sabre_DAV (F18; F17: local file exposure).

Mageia has updated telepathy-idle (certificate validation error) and kdelibs (username and password disclosure).

Mandriva has updated mesa (code execution).

openSUSE has updated strongswan (12.2; 12.1: authentication bypass), xorg-x11-server (information disclosure), java-1_6_0-openjdk (multiple vulnerabilities), and python-httplib2 (SSL certificate verification failure).

Oracle has updated enterprise kernel (OL6; OL5: multiple vulnerabilities).

The first PostgreSQL 9.3 beta is out for testing. There are plenty of new features in this release, including writable foreign tables, automatically updatable VIEWs, lateral joins, indexed regular expression searches, checksums to detect filesystem-induced data corruption, and more. "In 9.3, PostgreSQL has greatly reduced its requirement for SysV shared memory, changing to mmap(). This allows easier installation and configuration of PostgreSQL, but means that we need our users to rigorously test and ensure that no memory management issues have been introduced by the change."