Fedora Essential and Critical Security Patch Updates - Page 718
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
better fix of out of bounds read access in is_utf8_well_formed() CVE-2014-9488 out of bounds read access in is_utf8_well_formed() CVE-2014-9488
Security fix for CVE-2015-0850 CVE-2015-0850: Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt .
- Update to 1.3.11 This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability. Release notes: https://www.trustedfirmware.org/projects/mbed-tls/
Security fixes The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrf_cookies and gzip options (or have gzip applied by a proxy). Backwards-compatibility notes If Tornado 3.2.2 is run at the same time as older versions on the same [More...]
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release.
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release.
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.