Resolved Bugs
1159313 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock
1173814 – CVE-2014-8559 Kernel: fs: deadlock due to incorrect usage of rename_lock [fedora-all]
1126580 – need suppression of kernel commit #2062afb4f804a (gcc -fvar-tracking)
1173806 – Fedora21 freezes when use smt-enabled=off as kernel argument
1172797 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS
1174374 – CVE-2014-8133 kernel: x86: espfix(64) bypass via set_thread_area and CLONE_SETTLS [fedora-all]
1172543 – [abrt] WARNING: CPU: 2 PID: 3667 at net/wireless/reg.c:1806 reg_process_hint+0x2d1/0x460 [cfg80211]() [cfg80211]
1084928 – ata1.00: failed command: READ FPDMA QUEUED without libata.force=noncq on SAMSUNG MZHPU128HCGM PCIe SSD disk
1164945 – UAS driver crashes system with Seagate USB 3.0 drive and Fresco Logic FL1000G controller
1172765 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests
1172769 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests [fedora-all]
The 3.17.7 stable update contains a number of important fixes across the tree.
Fedora 21 Security Update: unrtf-0.21.7-1.fc21
Resolved Bugs
1175241 – unrtf-0.21.7 is available
1170233 – CVE-2014-9274 CVE-2014-9275 unrtf: out-of-bounds memory access vulnerability
1170235 – unrtf: out-of-bounds memory access vulnerability [fedora-all]
Update to the latest upstream release. This fixes a couple of security problems. See also the [upstream changelog](http://hg.savannah.gnu.org/hgweb/unrtf/file/f5835113e0ed/ChangeLog).
Fedora 21 Security Update: mediawiki-1.24.1-1.fc21
Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to XSS. Permission to edit MediaWiki namespace is required to exploit this.
* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
* (bug T74222) The original patch for T74222 was reverted as unnecessary.
* Fixed a couple of entries in RELEASE-NOTES-1.24.
* (bug T76168) OutputPage: Add accessors for some protected properties.
* (bug T74834) Make 1.24 branch directly installable under PostgreSQL.
Fedora 19 Security Update: mailx-12.5-9.fc19
Fedora 19 Security Update: mingw-jasper-1.900.1-25.fc19
Resolved Bugs
1175762 – CVE-2014-8138 CVE-2014-8137 mingw-jasper: various flaws [fedora-all]
1173157 – CVE-2014-8137 jasper: double-free in jas_iccattrval_destroy() (oCERT-2014-012)
1173162 – CVE-2014-8138 jasper: heap overflow in jp2_decode() (oCERT-2014-012)
Fixes for CVE-2014-8137 and CVE-2014-8138
Fedora 19 Security Update: mediawiki-1.23.8-1.fc19
Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to XSS. Permission to edit MediaWiki namespace is required to exploit this.
* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
* (bug T74222) The original patch for T74222 was reverted as unnecessary.
Fedora 21 Security Update: mingw-jasper-1.900.1-25.fc21
Resolved Bugs
1175762 – CVE-2014-8138 CVE-2014-8137 mingw-jasper: various flaws [fedora-all]
1173157 – CVE-2014-8137 jasper: double-free in jas_iccattrval_destroy() (oCERT-2014-012)
1173162 – CVE-2014-8138 jasper: heap overflow in jp2_decode() (oCERT-2014-012)
Fixes for CVE-2014-8137 and CVE-2014-8138
Fedora 20 Security Update: mediawiki-1.23.8-1.fc20
Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to XSS. Permission to edit MediaWiki namespace is required to exploit this.
* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.
* (bug T74222) The original patch for T74222 was reverted as unnecessary.
Fedora 20 Security Update: mailx-12.5-11.fc20
Fedora 19 Security Update: kernel-3.14.27-100.fc19
Resolved Bugs
1172765 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests
1172769 – CVE-2014-8134 kernel: x86: espfix not working for 32-bit KVM paravirt guests [fedora-all]
1170691 – CVE-2014-9090 kernel: espfix64: local DoS via do_double_fault() due to improper handling of faults associated with SS segment register
1163762 – CVE-2010-5313 CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace
1163767 – CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace [fedora-all]
1163087 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
1163095 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet [fedora-all]
1161565 – CVE-2014-7825 CVE-2014-7826 kernel: insufficient syscall number validation in perf and ftrace subsystems
1161572 – CVE-2014-7826 CVE-2014-7825 kernel: insufficient syscall number validation in perf and ftrace subsystems [fedora-all]
The 3.14.27 stable update contains a number of important fixes across the tree.
The 3.14.26 update contains a number of important fixes across the tree.
The 3.14.25 stable update contains a number of important fixes across the tree.
The 3.14.24 stable update contains a number of important fixes across the tree.