Fedora Linux Distribution - Page 550.9
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
This update updates QtWebEngine to the 5.8.0 release. QtWebEngine 5.8.0 is part of the Qt 5.8.0 release, but only the QtWebEngine component is included in this update. The update fixes the following security issues in QtWebEngine 5.7.1: CVE-2016-5182, CVE-2016-5183, CVE-2016-5189, CVE-2016-5199, CVE-2016-5201, CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5208,
New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. - Miscellaneous RemoteFX codec mode improvements. - Socket directory is
New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. - Miscellaneous RemoteFX codec mode improvements. - Socket directory is
This update updates QtWebEngine to the 5.8.0 release. QtWebEngine 5.8.0 is part of the Qt 5.8.0 release, but only the QtWebEngine component is included in this update. The update fixes the following security issues in QtWebEngine 5.7.1: CVE-2016-5182, CVE-2016-5183, CVE-2016-5189, CVE-2016-5199, CVE-2016-5201, CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5208,
* Update to upstream release **1.2.57**. * Fixes **CVE-2016-10087**.
* (T109140) (T122209) Special:UserLogin and Special:Search allow redirect to interwiki links. (CVE-2017-0363, CVE-2017-0364) * (T144845) XSS in SearchHighlighter::highlightText() when $wgAdvancedSearchHighlighting is true. (CVE-2017-0365) * (T125177) API parameters may now be marked as "sensitive" to keep their values out of the logs. (CVE-2017-0361) * (T150044) "Mark all
* Update to upstream release **1.2.57**. * Fixes **CVE-2016-10087**.
Fix a nss_wins crash ---- Security fix for CVE-2017-2619
Release 0.4.8 (no ABI or API changes) * Add PHP7 compatibility * Fix C++ output of disassembler * Fix heap overflows in parser.c (CVE-2017-7578) * Avoid division by zero in listmp3 when no valid frame was found (CVE-2016-9265) * Don't try printing unknown block (CVE-2016-9828) * Parse Protect tag's Password as string (CVE-2016-9827) * Check values before deriving malloc
The 4.10.9 stable kernel update contains a number of important fixes across the tree.
* updated to 1.0.28 * fixes possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586) * fixes possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
Security fix for: * **CVE-2017-7592** * **CVE-2017-7593** * **CVE-2017-7594** * **CVE-2017-7595** * **CVE-2017-7596** * **CVE-2017-7597** * **CVE-2017-7598** * **CVE-2017-7599** * **CVE-2017-7600** * **CVE-2017-7601** * **CVE-2017-7602**
Qemu: 9pfs: host memory leakage via v9fs_create [CVE-2017-7377] (#1437873) ---- add additional patch for [XSA-206] (#1436690) ---- xenstore denial of service via repeated update [XSA-206] (#1436690)
The 4.10.9 stable kernel update contains a number of important fixes across the tree.
* updated to 1.0.28 * fixes possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586) * fixes possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
Security fix for: * **CVE-2017-7592** * **CVE-2017-7593** * **CVE-2017-7594** * **CVE-2017-7595** * **CVE-2017-7596** * **CVE-2017-7597** * **CVE-2017-7598** * **CVE-2017-7599** * **CVE-2017-7600** * **CVE-2017-7601** * **CVE-2017-7602**
Current upstream maintenance release for the 1.3.5 series. Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.
Security fix for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053
New upstream version of xorgxrdp and xrdp: New features in xrdp: - RemoteFX codec support is now enabled by default. - Bitmap updates support is now enabled by default. - TLS ciphers suites and version is now logged. - Connected computer name is now logged. - Switched to Xorg (xorgxrdp) as the default backend now. - Miscellaneous RemoteFX codec mode improvements. - Socket directory is
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.