Fedora Linux Distribution
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
A quarter year regular dose of fixed CVE's. https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html . rhbz#1497694: Fix owner and perms on log file in post script CVE fixes: rhbz#1503701 CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10286 CVE-2017-10294 CVE-2017-10314
This update includes a rebase from 8.0.46 up to 8.0.47 which resolves a single CVE along with various other bugs/features: rhbz#1497682 CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615
Fix CVE-2017-15088 (Buffer overflow in get_matching_data()) ---- Remove build dependency on python-pyrad. It is only used on the test suite, and we gracefully skip the tests if it is not present.
updated to aarch64-jdk8u151-b12 (from aarch64-port/jdk8u)
- fix buffer overflow while processing IMAP FETCH response (CVE-2017-1000257)
This update fixes CVE-2017-1002157 -- possible arbitrary code execution when loading multiple documents with `load_all` / `loads_all`.
Update to 2.49.1 Based on the Firefox/Thunderbird ESR (extension support release) code version 52.4.0 Fixes various security issues, see https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/ and https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ for more info. Since the version of 2.48, SeaMonkey uses another disk cache
* Fix ppc64 KVM failure (bz #1501936) * CVE-2017-15038: 9p: information disclosure when reading extended attributes (bz #1499111) * CVE-2017-15268: potential memory exhaustion via websock connection to VNC (bz #1496882) ---- qemu-pr-helper didn't work due to a change in the libmultipath/libmpathpersist APIs exposed by device-mapper-multipath-devel. This has been fixed now. Other
- Update to 1.1.26 - CVE-2017-15194 Release notes: https://www.cacti.net/release_notes.php?version=1.1.26
For changes see: https://www.thunderbird.net/en-US/thunderbird/52.4.0/releasenotes/
Security fix for CVE-2017-14926, CVE-2017-14927 and CVE-2017-14928. ---- Security fix for CVE-2017-14617 ---- Security fix for CVE-2017-14517, CVE-2017-14518, CVE-2017-14519 and CVE-2017-14929.
xen: various flaws (#1501391) multiple MSI mapping issues on x86 [XSA-237] DMOP map/unmap missing argument checks [XSA-238] hypervisor stack leak in x86 I/O intercept code [XSA-239] Unlimited recursion in linear pagetable de-typing [XSA-240] Stale TLB entry due to page type release race [XSA-241] page type reference leak on x86 [XSA-242] x86: Incorrect handling of self-linear shadow
- fix out of bounds read in FTP PWD response parser (CVE-2017-1000254)