Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 548
Alerts This Week
Warning Icon 1 548

Fedora 23: 214559 Critical Vulnerability in Libreport Data Leak Issue

fedora
Calendar Grey October 31, 2015
Dist Fedora Esm H88
Critical security patch released to mitigate possible information exposure in libreport for Fedora 23. Ensure your system is protected with the newest updates.
Security fix for CVE-2015-5302 abrt-2.7.0-2.fc23 - Fix broken problem details in abrt-cli/gnome-abrt abrt-2.7.0-1.fc23 - cli-ng: initial - bodhi: introduce wrapper for 'reporter-bu...

Summary

Libraries providing API for reporting different problems in applications

to different bug targets like Bugzilla, ftp, trac, etc...

Update Information:

Security fix for CVE-2015-5302 abrt-2.7.0-2.fc23 - Fix broken problem details in abrt-cli/gnome-abrt abrt-2.7.0-1.fc23 - cli-ng: initial - bodhi: introduce wrapper for 'reporter-bugzilla -h' and 'abrt-bodhi' - handle-event: remove obsolete workaround - remove 'not needed' code - doc: change /var/tmp/abrt to /var/spool/abrt - doc: fix default DumpLocation in abrt.conf man page - abrt- dump-xorg: support Xorg log backtraces prefixed by (EE) - Resolves #1264739 libreport-2.6.3-1.fc23 - reporter-bugzilla: add parameter -p - fix save userschanges after reviewing dump dir files - bugzilla: don't attach build_ids - rewrite event rule parser - ureport: improve curl's error messages - curl: add posibility to use own Certificate Authority cert - Resolves #1270235, CVE-2015-5302

Change Log

References


[ 1 ] Bug #1270903 - CVE-2015-5302 libreport: Possible private data leak in Bugzilla bugs opened by ABRT https://bugzilla.redhat.com/show_bug.cgi?id=1270903

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update libreport' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: libreport
Product: Fedora 23
Version: 2.6.3
Release: 1.fc23
Summary: Generic library for reporting various problems

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.