Resolved Bugs
1184491 – CVE-2014-9637 patch: various flaws [fedora-all]
1185262 – CVE-2014-9637 patch: local denial of service with a crafted patch
1184490 – patch: directory traversal via file rename<br
Security fixes for CVE-2014-9637 and CVE-2015-1196.

Update to MySQL 5.5.41, for various fixes described at http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-41.html. This update also fixes security issues CVE-2015-0411, CVE-2015-0382, CVE-2015-0381, CVE-2015-0432, CVE-2014-6568, CVE-2015-0374.

Resolved Bugs
1182578 – CVE-2015-1029 puppetlabs-stdlib: local information leakage and local privilege escalation vulnerability
1182579 – CVE-2015-1029 puppetlabs-stdlib: local information leakage and local privilege escalation vulnerability [fedora-all]<br
Security fix for CVE-2015-1029

Resolved Bugs
1184750 – CVE-2014-8157 CVE-2014-8158 jasper: various flaws [fedora-all]
1179282 – CVE-2014-8157 jasper: dec->numtiles off-by-one check in jpc_dec_process_sot() (oCERT-2015-001)
1179298 – CVE-2014-8158 jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)<br
This update fixes two security flaws in jasper.

Resolved Bugs
1182009 – seamonkey-2.32 is available<br
Update to 2.32
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.

Resolved Bugs
1058993 – rubygem-passenger: insecure use of temporary files [fedora-20]<br
build for f20 (#1058993)

Update to January, 2015 Critical Patch Update (CPU). See:
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA

Resolved Bugs
1184491 – CVE-2014-9637 patch: various flaws [fedora-all]
1184490 – patch: directory traversal via file rename
1185262 – CVE-2014-9637 patch: local denial of service with a crafted patch<br
Security fixes for CVE-2014-9637 and CVE-2015-1196.

Resolved Bugs
1184488 – build failure in qpid-cpp-0.30/src/tests/txshift.cpp
1181721 – CVE-2015-0203 qpid-cpp: qpidd can be crashed by authenticated user<br
Apply patch 10.
Resolves: BZ#1184488
Resolves: BZ#1181721

Resolved Bugs
1180059 – SELinux is preventing /usr/bin/docker from ‘getattr’ accesses on the file /.docker/key.json.
1173324 – CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [fedora-all]
1172761 – CVE-2014-9356 docker: Path traversal during processing of absolute symlinks
1172782 – CVE-2014-9357 docker: Escalation of privileges during decompression of LZMA archives
1172787 – CVE-2014-9358 docker: Path traversal and spoofing opportunities presented through image identifiers<br
run tests inside a docker repo
allow unitfile to use /etc/sysconfig/docker-network
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356