Update to 2.10.4
Category Archives: Fedora
Fedora – Security Updates
freetype-2.6.5-3.fc25
This update fixes a possible heap buffer overflow.
freetype-2.6.3-3.fc24
This update fixes a possible heap buffer overflow.
knot-resolver-1.2.4-1.fc24
new upstream release
knot-resolver-1.2.4-1.fc25
new upstream release
+ security: Knot Resolver 1.2.0 and higher could return AD flag for insecure
answer if the daemon received answer with invalid RRSIG several
times in a row.
+ fix: layer/iterate: some improvements in cname chain unrolling
+ fix: layer/validate: fix duplicate records in AUTHORITY section in case
+ fix: of WC expansion proof
+ fix: lua: do *not* truncate cache size to unsigned
+ fix: forwarding mode: correctly forward +cd flag
+ fix: fix a potential memory leak
+ fix: don’t treat answers that contain DS non-existance proof as insecure
+ fix: don’t store NSEC3 and their signatures in the cache
+ fix: layer/iterate: when processing delegations,
check if qname is at or below new authority
+ enhancement: modules/policy: allow QTRACE policy to be chained
with other policies
+ enhancement: hints.add_hosts(path): a new property
+ enhancement: module: document the API and simplify the code
+ enhancement: policy.MIRROR: support IPv6 link-local addresses
+ enhancement: policy.FORWARD: support IPv6 link-local addresses
+ enhancement: add net.outgoing_{v4,v6} to allow specifying address
to use for connections
knot-resolver-1.2.4-1.fc26
new upstream release – security fix
+ security: Knot Resolver 1.2.0 and higher could return AD flag for insecure
answer if the daemon received answer with invalid RRSIG several
times in a row.
+ fix: layer/iterate: some improvements in cname chain unrolling
+ fix: layer/validate: fix duplicate records in AUTHORITY section in case
+ fix: of WC expansion proof
+ fix: lua: do *not* truncate cache size to unsigned
+ fix: forwarding mode: correctly forward +cd flag
+ fix: fix a potential memory leak
+ fix: don’t treat answers that contain DS non-existance proof as insecure
+ fix: don’t store NSEC3 and their signatures in the cache
+ fix: layer/iterate: when processing delegations,
check if qname is at or below new authority
+ enhancement: modules/policy: allow QTRACE policy to be chained
with other policies
+ enhancement: hints.add_hosts(path): a new property
+ enhancement: module: document the API and simplify the code
+ enhancement: policy.MIRROR: support IPv6 link-local addresses
+ enhancement: policy.FORWARD: support IPv6 link-local addresses
+ enhancement: add net.outgoing_{v4,v6} to allow specifying address
to use for connections
texlive-2016-33.20160520.fc26
Security fix for CVE-2016-10243
firefox-52.0-1.fc26
For changes see https://www.mozilla.org/en-US/firefox/52.0/releasenotes/
wireshark-2.2.5-1.fc25
Security fix for
thunderbird-45.8.0-1.fc26
For changes see: https://www.mozilla.org/en-US/thunderbird/45.8.0/releasenotes/