Fedora Essential and Critical Security Patch Updates - Page 730
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
16 Apr 2015, **PHP 5.6.8** Core: * Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence) * Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk) * Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
Security fix for CVE-2014-5353 (this was fixed in an older build but the announcement was lost)
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
The 3.19.4 stable release contains a number of important fixes across the tree.
Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Security fix for CVE-2013-1752 multiple unbound readline() DoS flaws in python stdlib following fixes (which all relates to this CVE) are in this patch:
Changes since 1.24.1 * (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. * (bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. * (bug T88310) SECURITY: Always expand xml entities when checking SVG's. * (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 (keyring permissions are world readable in ~ceph). See [upstream changelog]() for detailed changes.
CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
Update to latest release, which includes security fixes. Update to 2.1.6, per changes described at: enable json-c for postigs, but disable it for upgrade part Rebuild for Proj 4.9.1
Security fix for CVE-2013-1752 and update to latest upstream release of jython.