Fedora Essential and Critical Security Patch Updates - Page 718
Find the information you need for your favorite open source distribution .
Fedora 21: less Security Update
better fix of out of bounds read access in is_utf8_well_formed() CVE-2014-9488 out of bounds read access in is_utf8_well_formed() CVE-2014-9488
Fedora 21: fusionforge Security Update
Security fix for CVE-2015-0850 CVE-2015-0850: Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt .
Fedora 22: mbedtls Security Update 2015-9607
- Update to 1.3.11 This release is mainly fixing a number of outstanding issues and security fixes. Minor features have been added to enhance functionality and usability. Release notes: https://www.trustedfirmware.org/projects/mbed-tls/
Fedora 22: python-tornado Security Update
Security fixes The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrf_cookies and gzip options (or have gzip applied by a proxy). Backwards-compatibility notes If Tornado 3.2.2 is run at the same time as older versions on the same [More...]
Fedora 22: dcraw Security Update
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.
Fedora 20: dcraw Security Update
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.
Fedora 21: php-symfony Security Update
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
Fedora 22: php-symfony Security Update
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
Fedora 22: ufraw Security Update
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release.
Fedora 21: ipsec-tools Security Update
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id
Fedora 20: ufraw Security Update
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release.
Fedora 20: php-symfony Security Update
**2.5.12** (2015-05-27) * security #14759 CVE-2015-4050 [HttpKernel] Do not call the FragmentListener if _controller is already defined (jakzal)
Fedora 21: zarafa Security Update
- Upgrade to 7.1.12 (re-released) - Backported patch from Zarafa 7.2 to fix CVE-2015-3436
Fedora 20: ipsec-tools Security Update
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id
Fedora 21: dcraw Security Update
This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates dcraw to version 9,25.0 which contains updated color matrices and supports the Canon EOS 5DS.
