Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 25: 2017-07-15 High: Critical XSS Vulnerability Patched

fedora
Calendar Grey June 10, 2017
Dist Fedora Esm H88
Numerous vulnerabilities in Fedora's libjpeg-turbo library have been resolved with a new RPM release to bolster system security.
Multiple security flaws were found on oniguruma currently being shipped on Fedora

Summary

Oniguruma is a regular expressions library.

The characteristics of this library is that different character encoding

for every regular expression object can be specified.

(supported APIs: GNU regex, POSIX and Oniguruma native)

Multiple security flaws were found on oniguruma currently being shipped on

Fedora. This new rpm should fix the issue. Fixed CVEs: CVE-2017-9226

CVE-2017-9224 CVE-2017-9227 CVE-2017-9229 CVE-2017-9228

su -c 'dnf upgrade oniguruma' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory fedora modification threat fix oniguruma regular expressions

Change Log

References

Update Instructions

Product: Fedora 24
Version: 5.9.6
Release: 4.fc24
URL: https://thanks.yahoo.co.jp
Summary: Regular expressions library

Topics%20covered

Topics Covered

security advisory fedora modification threat fix oniguruma regular expressions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here