Fedora Essential and Critical Security Patch Updates - Page 733
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]
libtasn1 4.4 release, fixing CVE-2015-2806. GnuTLS 3.3.14 release
libtasn1 4.4 release, fixing CVE-2015-2806. GnuTLS 3.3.14 release
QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode.
Update to upstream release 0.2.5.12. Update to upstream release 0.2.5.11.
QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode.
- Added patch from Debian to avoid free on invalid pointer due to a buffer overflow (#1196751, #1207180) - Added patch from Debian for symlink directory traversal (#1178824) - Added patch from Debian to fix the directory traversal via //multiple/leading/slash (#1178824)
Update to latest versions of the respective branches. f20 has been updated from 2.5.x to 2.6.x because 2.5.x is EOL.
This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud. It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating. We have also backported a post-7.0.5 fix for a 'critical' issue: [More...]
DBD::Firebird 1.19 [2015-03-22] * Fix $VERSION in Firebird.pm * Fix typo in ISC_PASSWORD spelling * Positive logic and early return
Changes since 1.24.1 * (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. * (bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. * (bug T88310) SECURITY: Always expand xml entities when checking SVG's. * (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
CVE-2015-2675 rest: memory corruption when using oauth because of implicit declaration of rest_proxy_call_get_url
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]