Resolved Bugs
1193952 – CVE-2015-2060 cabextract: directory traversal with UTF-8 symbols in filenames
1193955 – cabextract: directory traversal with UTF-8 symbols in filenames [fedora-all]<br
Security fix for directory traversal with UTF-8 symbols in filenames. Fixed in upstream version 1.5.
Category Archives: Fedora
Fedora – Security Updates
Fedora 20 Security Update: lftp-4.5.4-3.fc20
Fedora 20 Security Update: cabextract-1.5-1.fc20
Fedora 21 Security Update: qpid-cpp-0.30-12.fc21
Resolved Bugs
1186308 – CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented
1181721 – CVE-2015-0203 qpid-cpp: qpidd can be crashed by unauthenticated user
1184488 – build failure in qpid-cpp-0.30/src/tests/txshift.cpp<br
Added qpidtoollibs to the qpid-tools package.
Fixed path to qpid-ha in the systemd service descriptor.
Resolves: BZ#1186308
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721
Fedora 21 Security Update: lftp-4.5.4-4.fc21
Fedora EPEL 7 Security Update: novnc-0.5.1-2.el7
Fedora EPEL 7 Security Update: qpid-cpp-0.30-12.el7
Resolved Bugs
1181721 – CVE-2015-0203 qpid-cpp: qpidd can be crashed by unauthenticated user
1186308 – CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented
1184488 – build failure in qpid-cpp-0.30/src/tests/txshift.cpp<br
Added qpidtoollibs to the qpid-tools package.
Fixed path to qpid-ha in the systemd service descriptor.
Resolves: BZ#1186308
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721
Enabled building the linear store.
Fedora EPEL 6 Security Update: novnc-0.5.1-2.el6
Fedora 22 Security Update: lftp-4.6.1-4.fc22
Fedora 22 Security Update: jetty-9.2.9-1.fc22
Resolved Bugs
1196254 – CVE-2015-2080 jetty: remote unauthenticated credential exposure<br
Rebase to upstream version 9.2.9, resolves CVE-2015-2080 security vulnerability.