Resolved Bugs
1158518 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code
1158520 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code [fedora-all]
1158523 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser
1158524 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser [fedora-all]
1195260 – ImageMagick: denial of service flaw in HDR file processing
1195263 – ImageMagick: denial of service flaw in HDR file processing [fedora-all]
1195265 – ImageMagick: denial of service flaw in MIFF file processing
1195267 – ImageMagick: denial of service flaw in MIFF file processing [fedora-all]
1195269 – ImageMagick: denial of service flaw in PDB file processing
1195270 – ImageMagick: denial of service flaw in PDB file processing [fedora-all]
1195271 – ImageMagick: denial of service flaw in VICAR file processing
1195274 – ImageMagick: denial of service flaw in VICAR file processing [fedora-all]<br
Security fix for CVE-2014-8354,CVE-2014-8355 and 4 other security issues
Security fix for CVE-2014-8354 and CVE-2014-8355
Category Archives: Fedora
Fedora – Security Updates
Fedora 22 Security Update: python-django-1.8-0.6.b2.fc22
1.8b2 snapshot and security fix
Fedora 20 Security Update: xen-4.3.3-12.fc20
Resolved Bugs
1201365 – CVE-2015-2152 xen: HVM qemu unexpectedly enabling emulated VGA graphics backends (XSA 119) [fedora-all]
1200724 – CVE-2015-2152 xen: HVM qemu unexpectedly enabling emulated VGA graphics backends (XSA 119)
1200398 – CVE-2015-2151 xen: hypervisor memory corruption due to x86 emulator flaw (xsa123) [fedora-all]
1196274 – CVE-2015-2151 xen: hypervisor memory corruption due to x86 emulator flaw (xsa123)<br
HVM qemu unexpectedly enabling emulated VGA graphics backends [XSA-119, CVE-2015-2152]
Hypervisor memory corruption due to x86 emulator flaw [XSA-123, CVE-2015-2151]
Information leak via internal x86 system device emulation,
Information leak through version information hypercall
Fedora 21 Security Update: xen-4.4.1-15.fc21
Resolved Bugs
1201365 – CVE-2015-2152 xen: HVM qemu unexpectedly enabling emulated VGA graphics backends (XSA 119) [fedora-all]
1200724 – CVE-2015-2152 xen: HVM qemu unexpectedly enabling emulated VGA graphics backends (XSA 119)
1200398 – CVE-2015-2151 xen: hypervisor memory corruption due to x86 emulator flaw (xsa123) [fedora-all]
1196274 – CVE-2015-2151 xen: hypervisor memory corruption due to x86 emulator flaw (xsa123)
1187153 – CVE-2015-1563 xen: vgic: incorrect rate limiting of guest triggered logging on ARM architectures (XSA-118)<br
HVM qemu unexpectedly enabling emulated VGA graphics backends [XSA-119, CVE-2015-2152]
Hypervisor memory corruption due to x86 emulator flaw [XSA-123, CVE-2015-2151]
enable building pngs from fig files which is working again,
fix oxenstored.service preset preuninstall script,
arm: vgic: incorrect rate limiting of guest triggered logging,
Information leak via internal x86 system device emulation,
Information leak through version information hypercall
Fedora 22 Security Update: patch-2.7.5-1.fc22
Fedora 21 Security Update: ImageMagick-6.8.8.10-6.fc21
Resolved Bugs
1158518 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code
1158520 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code [fedora-all]
1158523 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser
1158524 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser [fedora-all]
1195260 – ImageMagick: denial of service flaw in HDR file processing
1195263 – ImageMagick: denial of service flaw in HDR file processing [fedora-all]
1195265 – ImageMagick: denial of service flaw in MIFF file processing
1195267 – ImageMagick: denial of service flaw in MIFF file processing [fedora-all]
1195269 – ImageMagick: denial of service flaw in PDB file processing
1195270 – ImageMagick: denial of service flaw in PDB file processing [fedora-all]
1195271 – ImageMagick: denial of service flaw in VICAR file processing
1195274 – ImageMagick: denial of service flaw in VICAR file processing [fedora-all]<br
Security fix for CVE-2014-8354,CVE-2014-8355 and 4 other security issues
Fedora 22 Security Update: ImageMagick-6.8.8.10-9.fc22
Resolved Bugs
1158518 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code
1158520 – CVE-2014-8354 ImageMagick: out-of-bounds memory access in resize code [fedora-all]
1158523 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser
1195260 – ImageMagick: denial of service flaw in HDR file processing
1195265 – ImageMagick: denial of service flaw in MIFF file processing
1195269 – ImageMagick: denial of service flaw in PDB file processing
1195271 – ImageMagick: denial of service flaw in VICAR file processing
1158524 – CVE-2014-8355 ImageMagick: out-of-bounds memory access in PCX parser [fedora-all]
1195263 – ImageMagick: denial of service flaw in HDR file processing [fedora-all]
1195267 – ImageMagick: denial of service flaw in MIFF file processing [fedora-all]
1195270 – ImageMagick: denial of service flaw in PDB file processing [fedora-all]
1195274 – ImageMagick: denial of service flaw in VICAR file processing [fedora-all]
1168238 – ImageMagick, missing required libraries<br
Security fix for CVE-2014-8354,CVE-2014-8355 and 4 other security issues
Fedora 20 Security Update: kernel-3.18.9-100.fc20
Resolved Bugs
1197842 – Request to add et-131x to Fedora kernel
1185519 – INFO: rcu_sched self-detected stall on CPU with nfsd
1196581 – CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions
1196595 – CVE-2015-1421 kernel: net: slab corruption from use after free on INIT collisions [fedora-all]
1190947 – Add support for Atheros AR5B195 combo card (the AR3011 bluetooth part)
1190933 – kernel 3.18: read-only root due to journal_async_commit in /etc/fstab
1188439 – Dell XPS 13 9343 (2015) touchpad freeze
1193907 – CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG()
1195178 – CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG() [fedora-all]
1189864 – kernel: potential memory corruption (denial of service) in vhost/scsi driver
1192079 – kernel: potential memory corruption (denial of service) in vhost/scsi driver [fedora-all]
1192519 – CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow
1192520 – kernel: Linux stack ASLR implementation Integer overflow [fedora-all]<br
The 3.18.9 stable update contains a number of important fixes across the tree.
Update to the latest stable upstream release, Linux v3.18.8. Numerous fixes across the tree.
Fedora 20 Security Update: icu-50.1.2-11.fc20
Fedora 21 Security Update: qt-creator-3.3.2-2.fc21
Resolved Bugs
1161655 – qt-creator: no SSH host key verification in built-in SSH client [fedora-all]
1161654 – qt-creator: no SSH host key verification in built-in SSH client
1199110 – qt-creator-3.3.2 is available<br
Add SSH host key verification to built-in SSH client.
Update to version 3.3.2, see https://qt.gitorious.org/qt-creator/qt-creator/raw/2fb9c3c7abc93a9237e72972ee222b2a2628007e:dist/changes-3.3.2 for details.