Fedora Essential and Critical Security Patch Updates - Page 726

Fedora 21: ikiwiki Security Update

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6806
2015-04-24 17:58:49
--------------------------------------------------------------------------------

Name        : ikiwiki
Product     : Fedora 21
Version     : 3.20150329
Release     : 1.fc21
URL         : http://ikiwiki.info/
Summary     : A wiki compiler
Description :
Ikiwiki is a wiki compiler. It converts wiki pages into HTML pages suitable
for publishing on a website. Ikiwiki stores pages and history in a revision
control system such as Subversion or Git. There are many other features,
including support for blogging, as well as a large array of plugins.

--------------------------------------------------------------------------------
Update Information:

Update to the latest stable release of ikiwiki. See for the list of changes.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 20 2015 Thomas Moschny - 3.20150329-1
- Update to 3.20150329.
- Minor packaging changes regarding the Python plugin.
* Sun Feb 22 2015 Thomas Moschny - 3.20150107-1
- Update to 3.20150107.
* Thu Dec 18 2014 Thomas Moschny - 3.20141016-1
- Update to 3.20141016.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1207210 - CVE-2015-2793 ikiwiki: cross-site scripting via openid_identifier
        https://bugzilla.redhat.com/show_bug.cgi?id=1207210
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update ikiwiki' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/

Fedora 21: clamav Security Update

ClamAV 0.98.7

This release contains new scanning features and bug fixes.

- Improvements to PDF processing: decryption, escape sequence handling, and file property collection.
- Scanning/analysis of additional Microsoft Office 2003 XML format.

Fedora 21: curl Security Update

- require credentials to match for NTLM re-use (CVE-2015-3143)
- fix invalid write with a zero-length host name in URL (CVE-2015-3144)
- fix invalid write in cookie path sanitization code (CVE-2015-3145)
- close Negotiate connections when done (CVE-2015-3148)

Fedora 20: qt3 Security Update

This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possibly even arbitrary code execution attacks. The security patch is backported from Qt 4. (Please note that Qt 3 is NOT vulnerable to the simultaneously published issues CVE-2015-1858 and CVE-2015-1859.)

Fedora 21: qt3 Security Update

This update fixes CVE-2015-1860, a buffer overflow when loading some specific invalid GIF image files, which could be exploited for denial of service (application crash) and possibly even arbitrary code execution attacks. The security patch is backported from Qt 4. (Please note that Qt 3 is NOT vulnerable to the simultaneously published issues CVE-2015-1858 and CVE-2015-1859.)

Fedora 21: mksh Security Update

R50f is a required security and bugfix release:

* Add a patch marker for vendor patch versioning to mksh.1
* SECURITY: make unset HISTFILE actually work
* Document some more issues with the current history code
* Remove some unused code