Resolved Bugs
1158089 – CVE-2014-8132 libssh: Possible double free on a dangling pointer with crafted kexinit packet
1176145 – CVE-2014-8132 libssh: Possible double free on a dangling pointer with crafted kexinit packet [fedora-all]
Security fix for CVE-2014-8132.
Fedora 20 Security Update: libssh-0.6.4-1.fc20
Fedora EPEL 7 Security Update: libssh-0.6.4-1.el7
Fedora EPEL 6 Security Update: libssh-0.5.5-3.el6
Fedora EPEL 5 Security Update: libssh-0.5.5-3.el5
Fedora 21 Security Update: kernel-3.17.7-300.fc21
Resolved Bugs
1159313 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock
1173814 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock [fedora-all]
1126580 – need suppression of kernel commit #2062afb4f804a (gcc -fvar-tracking)
1173806 – Fedora21 freezes when use smt-enabled=off as kernel argument
1172797 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
1174374 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS [fedora-all]
1172543 – [abrt] WARNING: CPU: 2 PID: 3667 at net/wireless/reg.c:1806 reg_process_hint+0x2d1/0x460 [cfg80211]() [cfg80211]
1084928 – ata1.00: failed command: READ FPDMA QUEUED without libata.force=noncq on SAMSUNG MZHPU128HCGM PCIe SSD disk
1164945 – UAS driver crashes system with Seagate USB 3.0 drive and Fresco Logic FL1000G controller
1172765 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests
1172769 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests [fedora-all]
The 3.17.7 stable update contains a number of important fixes across the tree.
Fedora 19 Security Update: ca-certificates-2014.2.2-1.0.fc19
This is an update to the set of CA certificates released with NSS version 3.17.3.
However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details.
If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the “ca-legacy disable” command.
Fedora 20 Security Update: kernel-3.17.7-200.fc20
Resolved Bugs
1159313 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock
1173814 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock [fedora-all]
1126580 – need suppression of kernel commit #2062afb4f804a (gcc -fvar-tracking)
1173806 – Fedora21 freezes when use smt-enabled=off as kernel argument
1172797 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
1174374 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS [fedora-all]
1172543 – [abrt] WARNING: CPU: 2 PID: 3667 at net/wireless/reg.c:1806 reg_process_hint+0x2d1/0x460 [cfg80211]() [cfg80211]
1084928 – ata1.00: failed command: READ FPDMA QUEUED without libata.force=noncq on SAMSUNG MZHPU128HCGM PCIe SSD disk
1164945 – UAS driver crashes system with Seagate USB 3.0 drive and Fresco Logic FL1000G controller
1172765 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests
1172769 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests [fedora-all]
The 3.17.7 stable update contains a number of important fixes across the tree.
Fedora 21 Security Update: unrtf-0.21.7-1.fc21
Resolved Bugs
1175241 – unrtf-0.21.7 is available
1170233 – CVE-2014-9274 CVE-2014-9275 unrtf: out-of-bounds memory access vulnerability
1170235 – unrtf: out-of-bounds memory access vulnerability [fedora-all]
Update to the latest upstream release. This fixes a couple of security problems. See also the [upstream changelog](http://hg.savannah.gnu.org/hgweb/unrtf/file/f5835113e0ed/ChangeLog).
Fedora 21 Security Update: mediawiki-1.24.1-1.fc21
Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.
* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
* (bug T74222) The original patch for T74222 was reverted as unnecessary.
* Fixed a couple of entries in RELEASE-NOTES-1.24.
* (bug T76168) OutputPage: Add accessors for some protected properties.
* (bug T74834) Make 1.24 branch directly installable under PostgreSQL.