Resolved Bugs
1220519 – kernel/sched/core.c:7291 __might_sleep+0x87/0x90()
1200353 – regression in ktime.h breaks infrared IR blaster/transmitter after upgrade to Fedora 21
1214474 – Mouse capture issues when running in vmware<br
The 4.0.4-303 update contains a fix for a namespace crash issue.

Resolved Bugs
1174077 – CVE-2014-8109 httpd: LuaAuthzProvider argument handling issue
1174078 – CVE-2014-8109 httpd: LuaAuthzProvider argument handling issue [fedora-all]<br
Update to new version 2.4.12.

Resolved Bugs
1224129 – CVE-2015-4053 ceph-deploy admin command copies keyring file to /etc/ceph which is world readable<br
Update to ceph-deploy 1.5.25 (CVE-2015-4053). See the [upstream changelog](http://ceph.com/ceph-deploy/docs/changelog.html) for more details.

Resolved Bugs
1191203 – fossil: version 1.30 is available with CVE-2014-3566 (POODLE) fixed<br
Update to latest release

Resolved Bugs
1224448 – CVE-2015-4000 nss: LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks [fedora-all]
1214732 – nss-3.19.1 is available
1223211 – CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks<br
Security fix for CVE-2015-4000
Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack.
The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default.
For the full list of changes in the 3.19 and 3.19.1 releases, please refer to the upstream release notes documents:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes

Resolved Bugs
1220519 – kernel/sched/core.c:7291 __might_sleep+0x87/0x90()
1200353 – regression in ktime.h breaks infrared IR blaster/transmitter after upgrade to Fedora 21<br
The 4.0.4-202 update contains a fix for a namespace crash issue.

CVE-2015-0850: Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt .

Resolved Bugs
1224448 – CVE-2015-4000 nss: LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks [fedora-all]
1214732 – nss-3.19.1 is available
1223211 – CVE-2015-4000 LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks<br
Security fix for CVE-2015-4000
Update to the upstream NSS 3.19.1 release, which includes a fix for the recently published logjam attack.
The previous 3.19 release made several notable changes related to the TLS protocol, one of them was to disable the SSL 3 protocol by default.
For the full list of changes in the 3.19 and 3.19.1 releases, please refer to the upstream release notes documents:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.1_release_notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes

Resolved Bugs
1224129 – CVE-2015-4053 ceph-deploy admin command copies keyring file to /etc/ceph which is world readable<br
Update to ceph-deploy 1.5.25 (CVE-2015-4053). See the [upstream changelog](http://ceph.com/ceph-deploy/docs/changelog.html) for more details.