Resolved Bugs
1209982 – CVE-2015-1855 ruby: OpenSSL extension hostname matching implementation violates RFC 6125 [fedora-all]
Fixes CVE-2015-1855 ruby: OpenSSL extension hostname matching implementation violates RFC 6125
Monthly Archives: April 2015
Fedora 20 Security Update: realmd-0.14.6-6.fc20
Fedora 20 Security Update: spatialite-tools-4.1.1-12.fc20,sqlite-3.8.9-1.fc20
Resolved Bugs
1210127 – sqlite-3.8.9 is available
1212360 – sqlite: various flaws [fedora-all]
1212353 – sqlite: use of uninitialized memory when parsing collation sequences in src/where.c
1212356 – sqlite: invalid free() in src/vdbe.c
1212357 – sqlite: stack buffer overflow in src/printf.c
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 20 Security Update: qt5-qtbase-5.4.1-9.fc20
Resolved Bugs
1210675 – CVE-2015-1860 qt: segmentation fault in qgifhandler.cpp
1210673 – CVE-2015-1858 qt: segmentation fault in qbmphandler.cpp
1210674 – CVE-2015-1859 qt: segmentation fault in qicohandler.cpp
Multiple vulnerabilities were found in Qt image format handling of BMP, ICO and GIF files. The issues exposed included denial of service and buffer overflows leading to heap corruption. It is possible the latter could be used to perform remote code execution.
See also http://lists.qt-project.org/pipermail/announce/2015-April/000067.html
Fedora 21 Security Update: kernel-3.19.4-200.fc21
Resolved Bugs
1196266 – CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120)
1200397 – CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120) [fedora-all]
1203913 – gssproxy doesn’t function properly with kernel-3.19.1-201
1207789 – Tigon3 [partno(BCM57781) rev 57785100] support broken
1203712 – CVE-2015-2922 kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.
1208491 – kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements. [fedora-all]
The 3.19.4 stable release contains a number of important fixes across the tree.
Fedora 21 Security Update: spatialite-tools-4.2.0-10.fc21,sqlite-3.8.9-1.fc21
Resolved Bugs
1210127 – sqlite-3.8.9 is available
1212360 – sqlite: various flaws [fedora-all]
1212353 – sqlite: use of uninitialized memory when parsing collation sequences in src/where.c
1212356 – sqlite: invalid free() in src/vdbe.c
1212357 – sqlite: stack buffer overflow in src/printf.c
Update of sqlite to latest upstream version, with spatialite-tools rebuild.
Fedora 20 Security Update: kernel-3.19.4-100.fc20
Resolved Bugs
1196266 – CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120)
1200397 – CVE-2015-2150 xen: non-maskable interrupts triggerable by guests (xsa120) [fedora-all]
1203913 – gssproxy doesn’t function properly with kernel-3.19.1-201
1207789 – Tigon3 [partno(BCM57781) rev 57785100] support broken
1203712 – CVE-2015-2922 kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.
1208491 – kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements. [fedora-all]
The 3.19.4 stable release contains a number of important fixes across the tree.
Fedora 21 Security Update: wesnoth-1.12.2-1.fc21
Resolved Bugs
1211238 – CVE-2015-0844 wesnoth: information leak via built-in WML/Lua API [fedora-all]
http://forums.wesnoth.org/viewtopic.php?t=41872
Fedora 20 Security Update: cherokee-1.2.103-6.fc20
Resolved Bugs
1114461 – CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds [fedora-all]
1094901 – cherokee: script and/or trigger should not directly enable systemd units
Resolves bz 1114461 – CVE-2014-4668 cherokee: authentication bypass when LDAP server allows unauthenticated binds
Fedora 20 Security Update: wesnoth-1.12.2-1.fc20
Resolved Bugs
1211238 – CVE-2015-0844 wesnoth: information leak via built-in WML/Lua API [fedora-all]
http://forums.wesnoth.org/viewtopic.php?t=41872