Fedora Essential and Critical Security Patch Updates - Page 715
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Bump to openvas8 because of the issues found in previous versions. This should be the first version with scanner really working on Fedora.
Bump to openvas8 because of the issues found in previous versions. This should be the first version with scanner really working on Fedora.
Bump to openvas8 because of the issues found in previous versions. This should be the first version with scanner really working on Fedora.
**1.1.20** - 9 June 2015. Fix for a potential security vulnerability arising from unescaped double-quote character in single-quoted attribute value of some deprecated elements when tag transformation is enabled; recognition for non-(HTML4) standard 'allowfullscreen' attribute of 'iframe.'
Latest upstream with security fix for https://seclists.org/oss-sec/2015/q2/3 https://github.com/jpadilla/pyjwt/commit/88a9fc56bdc6c870aa6af93bda401414a217db2a
Latest upstream with security fix for https://seclists.org/oss-sec/2015/q2/3 https://github.com/jpadilla/pyjwt/commit/88a9fc56bdc6c870aa6af93bda401414a217db2a
**1.1.20** - 9 June 2015. Fix for a potential security vulnerability arising from unescaped double-quote character in single-quoted attribute value of some deprecated elements when tag transformation is enabled; recognition for non-(HTML4) standard 'allowfullscreen' attribute of 'iframe.'
Security fix for CVE-2015-3224. Please note that since the security fix was not really backportable, I opted in for rebase.
The 4.0.6 stable update contains a number of important fixes across the tree.
Heap overflow in QEMU PCNET controller, allowing guest->host escape [XSA-135, CVE-2015-3209] (#1230537) GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163] vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164] Potential unintended writes to host MSI message data field via qemu
Heap overflow in QEMU PCNET controller, allowing guest->host escape [XSA-135, CVE-2015-3209]. GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163]. vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164].
stubs-32.h is back, so revert to previous behaviour. Heap overflow in QEMU PCNET controller, allowing guest->host escape [XSA-135, CVE-2015-3209]. GNTTABOP_swap_grant_ref operation misbehavior [XSA-134, CVE-2015-4163]. vulnerability in the iret hypercall handler [XSA-136, CVE-2015-4164].
CVE-2015-0848 heap overflow when decoding BMP images CVE-2015-0848 heap overflow when decoding BMP images
- implement public key pinning for NSS backend (#1195771) - fix lingering HTTP credentials in connection re-use (CVE-2015-3236) - prevent SMB from sending off unrelated memory contents (CVE-2015-3237) - curl-config --libs now works on x86_64 without libcurl-devel.x86_64 (#1228363)
Multiple moderate and low impact security issues fixed.
Upstream stable release of xserver 1.17.2 fix bug with glamor and overlapping copies (CVE-2015-3164) Due to an omission in authentication setup, the XWayland server would start up in non-authenticating mode, meaning that any client with access to the server's UNIX socket was able to connect to the server and use it as a regular client. https://lists.freedesktop.org/archives/wayland-devel/2015-June/ [More...]