Fedora Linux Distribution - Page 493.75
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Patches solving CVEs in qpdf changes API, so cups-filters needed to be rebuilt with it. ---- Reverting changes from previous update
Fixes information disclosure vulnerability (CVE-2016-6814)
Fix use-after-free and heap buffer overflow vulnerabilities (CVE-2017-10686, CVE-2017-11111)
Fix use-after-free and heap buffer overflow vulnerabilities (CVE-2017-10686, CVE-2017-11111)
Fixes information disclosure vulnerability (CVE-2016-6814)
This release consists of bugfixes and minor portability improvements. Some potential buffer overflows and arithmetic overflows were fixed, including CVE-2017-12067. A bug triggered by very large bitmaps has been fixed.
Adding patches for CVEs in qpdf does binary incompatibility, so cups-filters needed to be rebuilt.
Adding patches for CVEs in qpdf does binary incompatibility, so cups-filters needed to be rebuilt.
New upstream release. This is a security release with a fix for CVE-2017-12425, a crash bug that might be used in a denial of service attack. Details from the upstream project are found here: http://varnish-cache.org/security/VSV00001.html
This update includes the latest stable release of _Apache Subversion_, version **1.9.7**. #### Client-side bugfixes: * Fix arbitrary code execution vulnerability CVE-2017-9800 See for details.
The 4.12.5 stable kernel update contains a number of important fixes across the tree.
rebase: update to 9.6.4, security fix for CVE-2017-7546 CVE-2017-7547 CVE-2017-7548 Per release notes: https://www.postgresql.org/docs/9.6/release-9-6-4.html
Security fixes for CVE-2017-1000100 and CVE-2017-1000101
Security fix for CVE-2017-2885 (stack based buffer overflow with HTTP Chunked Encoding).
Resolve an arbitrary code execution vulnerability via crafted "ssh://" URL (CVE-2017-1000117). From the [release announcement](https://public-inbox.org/git/This email address is being protected from spambots. You need JavaScript enabled to view it./): A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the
Update to Version 3.20.0. Security fix for CVE-2017-7000