Update to Samba 4.1.17 to address CVE-2015-0240 – RCE in netlogon.
Category Archives: Fedora
Fedora – Security Updates
Fedora 20 Security Update: e2fsprogs-1.42.12-3.fc20
Resolved Bugs
1193945 – CVE-2015-1572 e2fsprogs: potential buffer overflow in closefs() (incomplete CVE-2015-0247 fix)
1193947 – CVE-2015-1572 e2fsprogs: potential buffer overflow in closefs() [fedora-all]
1194063 – [abrt] e2fsprogs: strlen(): dumpe2fs killed by SIGSEGV
1170803 – calls e2fsck on all ext volumes, provides no status indicator, and hangs indefinitely if e2fsck doesn’t exit
– Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
– Fix dumpe2fs segfault with no arguments (#1194063)
– Don’t require fsck prior to resize2fs -P (#1170803)
Fedora 21 Security Update: e2fsprogs-1.42.12-3.fc21
Resolved Bugs
1193945 – CVE-2015-1572 e2fsprogs: potential buffer overflow in closefs() (incomplete CVE-2015-0247 fix)
1193947 – CVE-2015-1572 e2fsprogs: potential buffer overflow in closefs() [fedora-all]
1194063 – [abrt] e2fsprogs: strlen(): dumpe2fs killed by SIGSEGV
1170803 – calls e2fsck on all ext volumes, provides no status indicator, and hangs indefinitely if e2fsck doesn’t exit
963283 – e2fsck.conf makes e2fsck ignore check intervals
1192861 – e2fsck seg faults on 6TB HDD
– Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
– Fix dumpe2fs segfault with no arguments (#1194063)
– Don’t require fsck prior to resize2fs -P (#1170803)
Changes e2fsck.conf so that for filesystems with time-based check intervals set in the superblock, these time-based checks will work again. You may need to wait through an e2fsck on your next reboot in this case.
Fedora EPEL 7 Security Update: qpid-cpp-0.30-11.el7
Resolved Bugs
1181721 – CVE-2015-0203 qpid-cpp: qpidd can be crashed by unauthenticated user
1186308 – CVE-2015-0223 qpid-cpp: anonymous access to qpidd cannot be prevented
1184488 – build failure in qpid-cpp-0.30/src/tests/txshift.cpp
Fixed path to qpid-ha in the systemd service descriptor.
Resolves: BZ#1186308
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721
Enabled building the linear store.
Fedora 20 Security Update: krb5-1.11.5-18.fc20
Resolved Bugs
1188869 – CVE-2014-5352 CVE-2014-9421 CVE-2014-9423 CVE-2014-9422 krb5: various flaws [fedora-all]
1179856 – CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)
1179857 – CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
1179861 – CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)
1179863 – CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)
1145425 – CVE-2014-5351 krb5: current keys returned when randomizing the keys for a service principal
1145426 – CVE-2014-5351 krb5: current keys returned when randomizing the keys for a service principal [fedora-all]
Security fix for CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
Security fix for CVE-2014-5351
Fedora 21 Security Update: krb5-1.12.2-14.fc21
Resolved Bugs
1188869 – CVE-2014-5352 CVE-2014-9421 CVE-2014-9423 CVE-2014-9422 krb5: various flaws [fedora-all]
1179856 – CVE-2014-5352 krb5: gss_process_context_token() incorrectly frees context (MITKRB5-SA-2015-001)
1179857 – CVE-2014-9421 krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)
1179861 – CVE-2014-9422 krb5: kadmind incorrectly validates server principal name (MITKRB5-SA-2015-001)
1179863 – CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)
Security fix for CVE-2014-5352, CVE-2014-9421, CVE-2014-9422, CVE-2014-9423
Fedora 21 Security Update: vorbis-tools-1.4.0-19.fc21
Resolved Bugs
1184449 – CVE-2014-9639 vorbis-tools: integer overflow on crafted WAV file
1184452 – vorbis-tools: integer overflow on crafted WAV file [fedora-all]
1184448 – CVE-2014-9638 vorbis-tools: division by zero on crafted WAV file
1184450 – vorbis-tools: division by zero on crafted WAV file [fedora-all]
– validate count of channels in the header (CVE-2014-9638 and CVE-2014-9639)
Fedora 20 Security Update: vorbis-tools-1.4.0-14.fc20
Resolved Bugs
1184449 – CVE-2014-9639 vorbis-tools: integer overflow on crafted WAV file
1184452 – vorbis-tools: integer overflow on crafted WAV file [fedora-all]
1184448 – CVE-2014-9638 vorbis-tools: division by zero on crafted WAV file
1184450 – vorbis-tools: division by zero on crafted WAV file [fedora-all]
– validate count of channels in the header (CVE-2014-9638 and CVE-2014-9639)
Fedora 20 Security Update: php-5.5.22-1.fc20
19 Feb 2015, PHP 5.5.22
Core:
* Fixed bug #67068 (getClosure returns somethings that’s not a closure). (Danack at basereality dot com)
* Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow). (Stas)
* Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273) (Stas)
* Added NULL byte protection to exec, system and passthru. (Yasuo)
* Removed support for multi-line headers, as they are deprecated by RFC 7230. (Stas)
Date:
* Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick)
Dba:
* Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
Enchant:
* Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()). (Antony)
Fileinfo:
* Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
FPM:
* Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
* Fixed bug #68571 (core dump when webserver close the socket). (redfoxli069 at gmail dot com, Laruence)
Libxml:
* Fixed bug #64938 (libxml_disable_entity_loader setting is shared between threads). (Martin Jansen)
OpenSSL:
* Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey)
PDO_mysql:
* Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of named pipes). (steffenb198 at aol dot com)
Phar:
* Fixed bug #68901 (use after free). (bugreports at internot dot info)
Pgsql:
* Fixed Bug #65199 (pg_copy_from() modifies input array variable). (Yasuo)
Sqlite3:
* Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args). (Julien)
Mysqli:
* Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande)
* Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors) (Keyur Govande)
Session:
* Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
* Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
* Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)
Standard:
* Fixed bug #65272 (flock() out parameter not set correctly in windows). (Daniel Lowrey)
* Fixed bug #69033 (Request may get env. variables from previous requests if PHP works as FastCGI)
Streams:
* Fixed bug which caused call after final close on streams filter. (Bob)
Fedora 21 Security Update: php-5.6.6-1.fc21
19 Feb 2015, PHP 5.6.6
Core:
* Removed support for multi-line headers, as they are deprecated by RFC 7230. (Stas)
* Fixed bug #67068 (getClosure returns somethings that’s not a closure). (Danack at basereality dot com)
* Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273) (Stas)
* Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow). (Stas)
* Fixed Bug #67988 (htmlspecialchars() does not respect default_charset specified by ini_set) (Yasuo)
* Added NULL byte protection to exec, system and passthru. (Yasuo)
Dba:
* Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
Enchant:
* Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). (Antony)
Fileinfo:
* Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers)
* Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files correctly). (Anatol)
* Fixed bug #68731 (finfo_buffer doesn’t extract the correct mime with some gifs). (Anatol)
FPM:
* Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle)
* Fixed bug #68571 (core dump when webserver close the socket). (redfoxli069 at gmail dot com, Laruence)
LIBXML:
* Fixed bug #64938 (libxml_disable_entity_loader setting is shared between threads). (Martin Jansen)
Mysqli:
* Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande)
* Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors) (Keyur Govande)
Opcache:
* Fixed bug with try blocks being removed when extended_info opcode generation is turned on. (Laruence)
PDO_mysql:
* Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of named pipes). (steffenb198 at aol dot com)
Phar:
* Fixed bug #68901 (use after free). (bugreports at internot dot info)
Pgsql:
* Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo)
Session:
* Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)
* Fixed Bug #66623 (no EINTR check on flock) (Yasuo)
* Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)
Sqlite3:
* Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args). (Julien)
Standard:
* Fixed bug #65272 (flock() out parameter not set correctly in windows). (Daniel Lowrey)
* Fixed bug #69033 (Request may get env. variables from previous requests if PHP works as FastCGI). (Anatol)
Streams:
* Fixed bug which caused call after final close on streams filter. (Bob)