Fedora Essential and Critical Security Patch Updates - Page 703
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately](https://www.drupal.org/node/1494290) after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003) No
**See [Ctools - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-141.](https://www.drupal.org/node/2554145) **This is an incremental security and bugfix release for ctools.** Looking to fix future D6 CTools issues? Find japerry or merlinofchaos in #drupal-scotch, #drupal- contribute, or #drupal-panels -- and become a maintainer for D6 CTools. Changes
Maintenance and security release of the Drupal 6 series. This release fixes **security vulnerabilities**. Sites are [urged to upgrade immediately](https://www.drupal.org/node/1494290) after reading the notes below and the security announcement: [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003) No
**See [Ctools - Critical - Multiple Vulnerabilities - SA-CONTRIB-2015-141.](https://www.drupal.org/node/2554145) **This is an incremental security and bugfix release for ctools.** Looking to fix future D6 CTools issues? Find japerry or merlinofchaos in #drupal-scotch, #drupal- contribute, or #drupal-panels -- and become a maintainer for D6 CTools. Changes
Fixed https://bugzilla.redhat.com/show_bug.cgi?id=1259563 https://bugzilla.redhat.com/show_bug.cgi?id=1259691
This is an update to the set of CA certificates version 2.5 as released with NSS version 3.19.3 However, as in previous versions of the ca-certificates package, the CA list has been modified to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details. If you prefer to use the unchanged list provided by Mozilla, and if you accept any
Update to 1.1.1 Security fix for CVE-2015-5198, CVE-2015-5199, CVE-2015-5200
libwmf-0.2.8.4-46.fc23 - Related: rhbz#1227244 CVE-2015-4696 fix patch context
- oggenc: fix large alloca on bad AIFF input (CVE-2015-6749)
rolekit-0.4.0-3.rc1.fc23 - Added support for installing roles through kickstart - Added support for providing setting values through stdin - Enabled deploying Domain Controller and Database Server with no mandatory options - New API feature: sanitize() which will remove sensitive information from the settings output (such as autogenerated passwords once they have been recorded)
- Enable libnl3 (see rhbz#1207386, rhbz#1247566) - Remove airpcap switch (doesn't have any effect on Linux) - Backport patch no. 11 - Fixed building with F24+ * Ver. 1.12.7
* CVE-2015-5225: heap memory corruption in vnc_refresh_server_surface (bz #1255899)
* (T94116) SECURITY: Compare API watchlist token in constant time * (T97391) SECURITY: Escape error message strings in thumb.php * (T106893) SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions * (T102562) Fix InstantCommons parameters to handle the new HTTPS-only policy of Wikimedia Commons. * (T100767) Setting a configuration setting for skin or extension to
* (T94116) SECURITY: Compare API watchlist token in constant time * (T97391) SECURITY: Escape error message strings in thumb.php * (T106893) SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions * Update jQuery from v1.11.2 to v1.11.3. * (T102562) Fix InstantCommons parameters to handle the new HTTPS-only policy of Wikimedia Commons.
Use after free in QEMU/Xen block unplug protocol [XSA-139, CVE-2015-5166] QEMU leak of uninitialized heap memory in rtl8139 device model [XSA-140, CVE-2015-5165]
* Fix crash in qemu_spice_create_display (bz #1163047) * CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536) * CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728) * CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141) * CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160) * CVE-2015-5165: rtl8139 uninitialized
This is an update to the set of CA certificates version 2.5 as released with NSS version 3.19.3 However, as in previous versions of the ca-certificates package, the CA list has been modified to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details. If you prefer to use the unchanged list provided by Mozilla, and if you accept any