Fedora Essential and Critical Security Patch Updates - Page 730
Find the information you need for your favorite open source distribution .
Fedora 22: php Security Update 2015-6195
16 Apr 2015, **PHP 5.6.8** Core: * Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). (Dmitry, Laruence) * Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters). (Tjerk) * Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai)
Fedora 22: krb5 Security Update 2015-5949
Security fix for CVE-2014-5353 (this was fixed in an older build but the announcement was lost)
Fedora 21: spatialite-tools Security Update
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 21: sqlite Security Update
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 20: kernel Security Update
The 3.19.4 stable release contains a number of important fixes across the tree.
Fedora 22: chrony Security Update 2015-5748
Security fix for CVE-2015-1853, CVE-2015-1821, CVE-2015-1822
Fedora 22: cherokee Security Update
Resolves bz 1114461 - CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Fedora 20: python Security Update
Security fix for CVE-2013-1752 multiple unbound readline() DoS flaws in python stdlib following fixes (which all relates to this CVE) are in this patch:
Fedora 22: mediawiki Security Update 2015-5511
Changes since 1.24.1 * (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. * (bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. * (bug T88310) SECURITY: Always expand xml entities when checking SVG's. * (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
Fedora 21: ceph-deploy Security Update
Update to ceph-deploy 1.5.23. This fixes CVE-2015-3010 (keyring permissions are world readable in ~ceph). See [upstream changelog]() for detailed changes.
Fedora 21: libzip Security Update
CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
Fedora 22: postgis Security Update
Update to latest release, which includes security fixes. Update to 2.1.6, per changes described at: enable json-c for postigs, but disable it for upgrade part Rebuild for Proj 4.9.1
Fedora 22: jython Security Update
Security fix for CVE-2013-1752 and update to latest upstream release of jython.
