Resolved Bugs
1204795 – qt5-qtwebkit: QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode<br
QtWebKit logs visited URLs to WebpageIcons.db in private browsing mode.

Resolved Bugs
1201773 – CVE-2015-0778 osc: osc _service file shell injection flaw
1201774 – CVE-2015-0778 osc: osc _service file shell injection flaw [fedora-all]<br
Security fix for CVE-2015-0778

Resolved Bugs
1205130 – quassel: incorrect message splitting leading to DoS
1145936 – quassel-0.11.0 is available
1205131 – quassel: incorrect message splitting leading to DoS [fedora-all]<br
Security fix BZ1205130 – patch for CTCP Denial of Service
New upstream release of Quassel IRC Client

Resolved Bugs
1194196 – glpi: privilege escalation via user creation with a crafted POST request
1194197 – glpi: privilege escalation via user creation with a crafted POST request [fedora-all]<br
* Fix privilege escalation via user creation with a crafted POST request

Resolved Bugs
1204823 – owncloud: new security issues fixed upstream in 6.0.7 and 7.0.5 [epel-all]
1204821 – owncloud: new security issues fixed upstream in 6.0.7 and 7.0.5<br
This update provides the new release 7.0.5, which resolves currently undisclosed security vulnerabilities in ownCloud.
It is a minor version update and should apply without any issues or special handling, but as usual, we recommend backing up your data, configuration, and database before updating.
We have also backported a post-7.0.5 fix for a ‘critical’ issue: https://github.com/owncloud/core/issues/14843 .

Resolved Bugs
1200059 – CVE-2014-9472 rt: denial of service flaw in email gateway
1200062 – CVE-2014-9472 rt: denial of service flaw in email gateway [fedora-21]
1200065 – CVE-2015-1165 rt: information disclosure flaw in RSS feed handler
1200066 – CVE-2015-1165 rt: information disclosure flaw in RSS feed handler [fedora-21]
1200069 – CVE-2015-1464 rt: session hijaking flaw in RSS feed handler
1200070 – CVE-2015-1464 rt: session hijaking flaw in RSS feed handler [fedora-21]<br
Security fix for CVE-2014-9472
Security fix for CVE-2015-1165
Security fix for CVE-2015-1464

Resolved Bugs
1204676 – CVE-2015-2331 php: libzip: integer overflow when processing ZIP archives
1204678 – CVE-2015-2331 mingw-libzip: php: libzip: integer overflow when processing ZIP archives [fedora-all]<br
Security fix for CVE-2015-2331.

Resolved Bugs
1205130 – quassel: incorrect message splitting leading to DoS
1205131 – quassel: incorrect message splitting leading to DoS [fedora-all]
1145936 – quassel-0.11.0 is available<br
Security fix BZ1205130 – patch for CTCP Denial of Service
New upstream release of Quassel IRC Client

Resolved Bugs
1204829 – PyYAML: assert failure when processing wrapped strings
1204830 – PyYAML: assert failure when processing wrapped strings [fedora-all]<br
Security fix for CVE-2014-9130

Resolved Bugs
1107556 – CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled [fedora-all]
1090976 – CVE-2014-0191 libxml2: external parameter entity loaded when entity substitution is disabled<br
fixes built in also added a couple of other entities related
pacthes including a fix to CVE-2014-3660