Fedora Essential and Critical Security Patch Updates - Page 728
Find the information you need for your favorite open source distribution .
Fedora 20: curl Security Update
- require credentials to match for NTLM re-use (CVE-2015-3143) - fix invalid write in cookie path sanitization code (CVE-2015-3145) - close Negotiate connections when done (CVE-2015-3148)
Fedora 20: zarafa Security Update 2015-5864
Zarafa Collaboration Platform 7.1.12 final [48726] * ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option * ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions * ZCP-10578: missing prerequisites for the reverse proxy in the administrator manual
Fedora 21: wpa_supplicant Security Update 2015-6860
This update addresses a security vulnerability identified as CVE-2015-1863 . More information on this vulnerability is provided by upstream at https://w1.fi/security/2015-1/wpa_supplicant-p2p-ssid-overflow.txt . An extract: Attacker (or a system controlled by the attacker) needs to be within radio range of the vulnerable system to send a suitably constructed management frame that triggers a P2P pe [More...]
Fedora 21: cherokee Security Update
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Fedora 20: cherokee Security Update
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Fedora 20: php Security Update
16 Apr 2015, **PHP 5.5.24** Apache2handler: * Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler). (Gerrit Venema) Core: * Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence)
Fedora 21: zarafa Security Update 2015-5823
Zarafa Collaboration Platform 7.1.12 final [48726] * ZCP-10149: Include Documentation hint for usage of NFS and -o nolock option * ZCP-10233: Zarafa-mr-accept script complains in certain cases about php timezone functions * ZCP-10578: missing prerequisites for the reverse proxy in the administrator manual
Fedora 20: spatialite-tools Security Update
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 20: sqlite Security Update
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 22: xen Security Update
Information leak through XEN_DOMCTL_gettscinfo [XSA-132, CVE-2015-3340]
Fedora 22: mksh Security Update
R50f is a required security and bugfix release: * Add a patch marker for vendor patch versioning to mksh.1 * SECURITY: make unset HISTFILE actually work * Document some more issues with the current history code * Remove some unused code
Fedora 21: qt5-qtbase Security Update
Multiple vulnerabilities were found in Qt image format handling of BMP, ICO and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution. See also https://lists.qt-project.org/pipermail/announce/2015-April/000067.html
Fedora 22: samba Security Update 2015-6842
Update to Samba 4.2.1 Fix libwbclient.so alternatives bug Fix systemd compatibility bug
