Fedora Linux Distribution
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Fixes CVE-2018-3258 Connector/J unspecified vulnerability (CPU October 2018)
Update to version 2.17. Fixes a low-severity (crash) security issue.
**MySQL 8.0.13** Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-13.html CVEs fixed: CVE-2018-3276 CVE-2018-3200 CVE-2018-3137 CVE-2018-3284 CVE-2018-3195 CVE-2018-3173 CVE-2018-3212 CVE-2018-3279 CVE-2018-3162 CVE-2018-3247 CVE-2018-3156 CVE-2018-3161 CVE-2018-3278 CVE-2018-3174 CVE-2018-3282
Fixes CVE-2018-3258 Connector/J unspecified vulnerability (CPU October 2018)
**Version 1.3.8** This is a service release to update the stable version 1.3 of Roundcube Webmail. It contains fixes to several bugs backported from the master branch including a security fix for a reported XSS vulnerability plus updates to ensure compatibility with PHP 7.3 and recent versions of Courier-IMAP, Dovecot and MySQL 8. See the complete changelog below. **Changelog** - Fix PHP
**Version 1.3.6** **Security Fixes:** * Fix XSS in proxy mode [#271] (Joachim Fritschi) **Bug Fixes:** * Fix bad condition [#252] (Brice Vercoustre) * Hash ticket strings to generate valid-length session-ids [#224, #244, #248] (Adam Franco) * Fix "phpCAS" class capitalization in code [#273, #277] (phy25) **Improvement:** * Remove fallback for __autoload [#247]
**Version 1.3.6** **Security Fixes:** * Fix XSS in proxy mode [#271] (Joachim Fritschi) **Bug Fixes:** * Fix bad condition [#252] (Brice Vercoustre) * Hash ticket strings to generate valid-length session-ids [#224, #244, #248] (Adam Franco) * Fix "phpCAS" class capitalization in code [#273, #277] (phy25) **Improvement:** * Remove fallback for __autoload [#247]
**Version 1.3.6** **Security Fixes:** * Fix XSS in proxy mode [#271] (Joachim Fritschi) **Bug Fixes:** * Fix bad condition [#252] (Brice Vercoustre) * Hash ticket strings to generate valid-length session-ids [#224, #244, #248] (Adam Franco) * Fix "phpCAS" class capitalization in code [#273, #277] (phy25) **Improvement:** * Remove fallback for __autoload [#247]
- ifcfg: fix crash parsing DNS entries (rh #1607866) - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688)
- SASL password overflow via integer overflow (CVE-2018-16839) - fix use-after- free in handle close (CVE-2018-16840) - fix bad arethmetic when outputting warnings to stderr (CVE-2018-16842)