New Firefox release – 34.0.
Monthly Archives: December 2014
Fedora 21 Security Update: antiword-0.37-17.fc21
Fedora 21 Security Update: cpio-2.11-33.fc21
Fedora 21 Security Update: flac-1.3.1-1.fc21
Resolved Bugs
1169698 – CVE-2014-9028 CVE-2014-8962 flac: various flaws [fedora-all]
1167236 – CVE-2014-8962 flac: Heap buffer read overflow when processing ID3V2 metadata
1167741 – CVE-2014-9028 flac: Heap buffer write overflow in read_residual_partitioned_rice_<br
Security fix for CVE-2014-9028, CVE-2014-8962
Fedora 21 Security Update: perl-YAML-LibYAML-0.54-1.fc21
Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169750 – CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [fedora-all]<br
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.
Fedora 21 Security Update: dbus-1.8.12-1.fc21
Resolved Bugs
1168438 – Update to 1.8.12
1142581 – CVE-2014-3638 CVE-2014-3639 CVE-2014-3636 CVE-2014-3637 CVE-2014-3635 dbus: various flaws [fedora-all]
1140523 – CVE-2014-3635 dbus: heap-based buffer overflow flaw in file descriptor passing
1140525 – CVE-2014-3636 dbus: denial of service by queuing or splitting file descriptors
1140527 – CVE-2014-3637 dbus: denial of service by creating unkillable D-Bus connections
1140529 – CVE-2014-3638 dbus: denial of service in method call handling
1140532 – CVE-2014-3639 dbus: denial of service flaw in incomplete connection handling<br
Update to 1.8.12 (#1168438)
* Fixes CVE-2014-3635 (fd.o#83622)
* Fixes CVE-2014-3636 (fd.o#82820)
* Fixes CVE-2014-3637 (fd.o#80559)
* Fixes CVE-2014-3638 (fd.o#81053)
* Fixes CVE-2014-3639 (fd.o#80919)
* Fixes CVE-2014-7824 (fd.o#85105)
Fedora 21 Security Update: mingw-flac-1.3.1-1.fc21
Resolved Bugs
1169699 – CVE-2014-9028 CVE-2014-8962 mingw-flac: various flaws [fedora-all]
1167236 – CVE-2014-8962 flac: Heap buffer read overflow when processing ID3V2 metadata
1167741 – CVE-2014-9028 flac: Heap buffer write overflow in read_residual_partitioned_rice_<br
Security fix for CVE-2014-9028, CVE-2014-8962
RHBA-2014:1930-1: openstack-heat bug fix advisory
Red Hat Enterprise Linux: Updated OpenStack Orchestration packages that resolve various issues
are now available for Red Hat Enterprise Linux OpenStack Platform 5.0
(Icehouse) for RHEL 7.
RHBA-2014:1929-1: python-django-horizon bug fix update
Red Hat Enterprise Linux: Updated OpenStack Dashboard packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse)
for RHEL 7.
RHBA-2014:1928-1: python-django-horizon bug fix update
Red Hat Enterprise Linux: Updated OpenStack Dashboard packages that resolve various issues are now
available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse)
for RHEL 6.