Fedora Essential and Critical Security Patch Updates - Page 728
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
- require credentials to match for NTLM re-use (CVE-2015-3143) - fix invalid write in cookie path sanitization code (CVE-2015-3145) - close Negotiate connections when done (CVE-2015-3148)
Zarafa Collaboration Platform 7.1.12 final [48726] * ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option * ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions * ZCP-10578: missing prerequisites for the reverse proxy in the administrator manual
This update addresses a security vulnerability identified as CVE-2015-1863 . More information on this vulnerability is provided by upstream at https://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt . An extract: Attacker (or a system controlled by the attacker) needs to be within radio range of the vulnerable system to send a suitably constructed management frame that triggers a P2P pe [More...]
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
16 Apr 2015, **PHP 5.5.24** Apache2handler: * Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema) Core: * Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)
Zarafa Collaboration Platform 7.1.12 final [48726] * ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option * ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions * ZCP-10578: missing prerequisites for the reverse proxy in the administrator manual
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Information leak through XEN_DOMCTL_gettscinfo [XSA-132, CVE-2015-3340]
R50f is a required security and bugfix release: * Add a patch marker for vendor patch versioning to mksh.1 * SECURITY: make unset HISTFILE actually work * Document some more issues with the current history code * Remove some unused code
Multiple vulnerabilities were found in Qt image format handling of BMP, ICO and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution. See also https://lists.qt-project.org/pipermail/announce/2015-April/000067.html
Update to Samba 4.2.1 Fix libwbclient.so alternatives bug Fix systemd compatibility bug