Fedora Essential and Critical Security Patch Updates - Page 704
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
* (T94116) SECURITY: Compare API watchlist token in constant time * (T97391) SECURITY: Escape error message strings in thumb.php * (T106893) SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions * (T102562) Fix InstantCommons parameters to handle the new HTTPS-only policy of Wikimedia Commons. * (T100767) Setting a configuration setting for skin or extension to
This update provides fixes for vulnerabilities published with openssh-7.0 Security fix for CVE-2015-5600
Zend Framework Upstream ChangeLogs: * [Version 2.4.7]() * [Version 2.4.6]() * [Version 2.4.5]() * [Version 2.4.4]() * [Version
Zend Framework Upstream ChangeLogs: * [Version 2.4.7]() * [Version 2.4.6]() * [Version 2.4.5]() * [Version 2.4.4]() * [Version
Fix for CVE-2015-3225: Potential Denial of Service Vulnerability in Rack - Related rhbz#CVE-2015-3225 New rubygem-rack-1.6.1-1.fc22
This update fixes Denial-of-Service vulnerability in â€zoneserver†component. By making the zoneserver daemon free an invalid memory location, it was possible to terminate the zoneserver process. It is not known whether or not this bug is remotely exploitable. More details: https://samiam.org/blog/2015-08-19.html
Zend Framework Upstream ChangeLogs: * [Version 2.4.7]() * [Version 2.4.6]() * [Version 2.4.5]() * [Version 2.4.4]() * [Version
Zend Framework Upstream ChangeLogs: * [Version 2.4.7]() * [Version 2.4.6]() * [Version 2.4.5]() * [Version 2.4.4]() * [Version
## 1.20.0 (2015-08-12) * forbid access to the Twig environment from templates and internal parts of Twig_Template * fixed limited RCEs when in sandbox mode * deprecated Twig_Template::getEnvironment() * deprecated the _self variable for usage outside of the from and import tags * added Twig_BaseNodeVisitor to ease the compatibility of node visitors between 1.x and 2.x ## 1.19.0 (2015-07-31)
## 1.20.0 (2015-08-12) * forbid access to the Twig environment from templates and internal parts of Twig_Template * fixed limited RCEs when in sandbox mode * deprecated Twig_Template::getEnvironment() * deprecated the _self variable for usage outside of the from and import tags * added Twig_BaseNodeVisitor to ease the compatibility of node visitors between 1.x and 2.x ## 1.19.0 (2015-07-31)
## 6.x-1.17 Fixes #2516976: Fix security issue and make release to bring back D6 releases.
This update fixes Denial-of-Service vulnerability in â€zoneserver†component. By making the zoneserver daemon free an invalid memory location, it was possible to terminate the zoneserver process. It is not known whether or not this bug is remotely exploitable. More details: https://samiam.org/blog/2015-08-19.html
Updated to 7.39 * [Release notes](https://www.drupal.org/drupal-7.39-release-notes) * [Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2015-003](https://www.drupal.org/SA-CORE-2015-003)
This update fixes Denial-of-Service vulnerability in â€zoneserver†component. By making the zoneserver daemon free an invalid memory location, it was possible to terminate the zoneserver process. It is not known whether or not this bug is remotely exploitable. More details: https://samiam.org/blog/2015-08-19.html
This release fixes a heap overflow when compiling certain regular expressions with named refecences. This release fixes buffer overflows when compiling certain expressions.