Resolved Bugs
1107557 – CVE-2014-0191 mingw-libxml2: libxml2: external parameter entity loaded when entity substitution is disabled [fedora-all]<br
Update to libxml2 2.9.2
Category Archives: Fedora
Fedora – Security Updates
Fedora EPEL 6 Security Update: mapserver-6.0.4-1.el6
Resolved Bugs
1048690 – CVE-2013-7262 mapserver: SQL injections with postgis TIME filters [epel-all]<br
Update to 6.0.4, for various fixes described at: https://github.com/mapserver/mapserver/blob/rel-6-0-4/HISTORY.TXT, plusnBZ 1048690 – SQL injections with postgis TIME filters
Fedora EPEL 7 Security Update: mingw-libjpeg-turbo-1.3.1-4.el7
Resolved Bugs
1169853 – CVE-2014-9092 mingw-libjpeg-turbo: libjpeg-turbo: denial of service via specially-crafted JPEG file [epel-7]<br
Fix CVE-2014-9092
Fedora 20 Security Update: glpi-0.84.8-3.fc20
Fedora 19 Security Update: glpi-0.83.9.1-5.fc19
Fedora 21 Security Update: glpi-0.84.8-3.fc21
Fedora EPEL 7 Security Update: glpi-0.84.8-3.el7
Fedora EPEL 5 Security Update: glpi-0.83.9.1-5.el5
Fedora EPEL 6 Security Update: glpi-0.83.9.1-6.el6
Fedora 20 Security Update: roundcubemail-1.0.4-2.fc20
Resolved Bugs
1091438 – CVE-2012-4230 tinymce: XSS attacks via security policy bypass<br
This update provides Roundcube 1.0.4. This is a stable security update: the security fix is described by upstream as “Fix possible CSRF attacks to some address book operations as well as to the ACL and Managesieve plugins.” More details on the update are available at http://roundcube.net/news/2014/12/18/update-1.0.4-released/ . The update should apply without any special handling by the system administrator.