Fedora Essential and Critical Security Patch Updates - Page 734
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Contains security fix for CVE-2015-0261, CVE-2015-2154, CVE-2015-2153, CVE-2015-2155.
Security fix for CVE-2015-1806, CVE-2015-1807, CVE-2015-1813, CVE-2015-1812, CVE-2015-1810, CVE-2015-1808, CVE-2015-1809, CVE-2015-1814, CVE-2015-1811
Security fix for CVE-2013-1752 multiple unbound readline() DoS flaws in python stdlib following fixes (which all relates to this CVE) are in this patch: * poplib: limit maximum line length that we read from the network #16041 * smtplib: limit amount read from the network #16042
CVE-2015-2675 rest: memory corruption when using oauth because of implicit declaration of rest_proxy_call_get_url
This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud. It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating. We have also backported a post-7.0.5 fix for a 'critical' issue: [More...]
Changes since 1.23.8 * (bug T85848, bug T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. * (bug T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. * (bug T88310) SECURITY: Always expand xml entities when checking SVG's. * (bug T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS.
Update to latest release, which includes security fixes. Update to 2.1.6, per changes described at: enable json-c for postigs, but disable it for upgrade part Rebuild for Proj 4.9.1
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]
**2.5.11** (2015-04-01) * security #14167 CVE-2015-2308 (nicolas-grekas) * security #14166 CVE-2015-2309 (neclimdul)
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]