Fedora Linux Distribution - Page 556.25
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
**Changes in version 1.3.5** * Security Fixes: * Fix possible authentication bypass in validateCAS20 [#228] (Gregory Boddin) * Bug Fixes: * Fix file permissions (non-executable) [#177] (Remi Collet) * Fixed translations Greek and Japanese [#192] (ikari7789) * Fix errors under phpdbg [#204] (MasonM) * Fix logout replication error [#213] (Gregory Boddin) *
Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
Fix CVE-2017-7401 collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions. This is a bug in the network plugin.
Current upstream maintenance release for the 1.3.5 series. Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.
Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138
Update to latest upstream release, includes several security related fixes.
* chardev data is dropped when host side closed (bz #1352977) * CVE-2016-8667: dma: divide by zero error in set_next_tick (bz #1384876) * IPv6 DNS problems in qemu user networking (bz #1401165) * Fix crash in qxl memslot_get_virt (bz #1405847) * CVE-2017-5579: serial: fix memory leak in serial exit (bz #1416161) * spec: Pull in ipxe/vgabios links via -common package (bz #1431403) * Clean up
Release 0.4.8 (no ABI or API changes) * Add PHP7 compatibility * Fix C++ output of disassembler * Fix heap overflows in parser.c (CVE-2017-7578) * Avoid division by zero in listmp3 when no valid frame was found (CVE-2016-9265) * Don't try printing unknown block (CVE-2016-9828) * Parse Protect tag's Password as string (CVE-2016-9827) * Check values before deriving malloc
Security fix for [CVE-2017-7207](https://bugzilla.redhat.com/show_bug.cgi?id=1434353).