Resolved Bugs
1187032 – CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002)
1189834 – CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002) [fedora-all]<br
New upstream release
Security fix for CVE-2015-0247
Category Archives: Fedora
Fedora – Security Updates
Fedora 20 Security Update: e2fsprogs-1.42.12-1.fc20
Resolved Bugs
1187032 – CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002)
1189834 – CVE-2015-0247 e2fsprogs: ext2fs_open2() missing first_meta_bg boundary check leading to heap buffer overflow (oCERT-015-002) [fedora-all]<br
New upstream release
Security fix for CVE-2015-0247
Fedora 21 Security Update: fcgi-2.4.0-26.fc21
Resolved Bugs
1189958 – Stack smashing while using a lot of connections<br
Fix crash when too many connections are used
Fedora 20 Security Update: fcgi-2.4.0-26.fc20
Resolved Bugs
1189958 – Stack smashing while using a lot of connections<br
Fix crash when too many connections are used
Fedora EPEL 6 Security Update: fcgi-2.4.0-12.el6
Resolved Bugs
1189958 – Stack smashing while using a lot of connections<br
Fix crash when too many connections are used
Fedora EPEL 5 Security Update: fcgi-2.4.0-13.el5
Resolved Bugs
1189958 – Stack smashing while using a lot of connections<br
Fix crash when too many connections are used
Fedora EPEL 7 Security Update: fcgi-2.4.0-25.el7
Resolved Bugs
1189958 – Stack smashing while using a lot of connections<br
Fix crash when too many connections are used
Fedora 21 Security Update: roundcubemail-1.0.5-1.fc21
Resolved Bugs
1188203 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [epel-all]
1188202 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [fedora-all]<br
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3
Fedora 20 Security Update: perl-Gtk2-1.2495-1.fc20
Resolved Bugs
1188219 – perl-Gtk2: incorrect memory management in Gtk2::Gdk::Display::list_devices
1188220 – perl-Gtk2: incorrect memory management in Gtk2::Gdk::Display::list_devices [fedora-all]
1187908 – perl-Gtk2-1.2495 is available<br
Update to 1.2495 to resolve an incorrect memory management issue in Gtk2::Gdk::Display::list_devices, which can potentially lead to arbitrary code execution.
Fedora 20 Security Update: roundcubemail-1.0.5-1.fc20
Resolved Bugs
1188203 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [epel-all]
1188202 – CVE-2015-1433 roundcubemail: crooss-site scripting in style attribute handling [fedora-all]<br
Cross-site scripting vulnerability has been fixed in Roundcube 1.0.5 version.
http://roundcube.net/news/2015/01/24/security-update-1.0.5/
http://trac.roundcube.net/wiki/Changelog#RELEASE1.0.5
http://trac.roundcube.net/ticket/1490227
CVE request: http://www.openwall.com/lists/oss-security/2015/01/31/3