Resolved Bugs
1175718 – CVE-2014-8142 php: use after free vulnerability in unserialize()
1176156 – CVE-2014-8142 php: use after free vulnerability in unserialize() [fedora-all]<br
18 Dec 2014, PHP 5.6.4\r\n\r\nCore:\r\n* Fixed bug #68091 (Some Zend headers lack appropriate extern “C” blocks). (Adam)\r\n* Fixed bug #68104 (Segfault while pre-evaluating a disabled function). (Laruence)\r\n* Fixed bug #68185 (“Inconsistent insteadof definition.”- incorrectly triggered). (Julien)\r\n* Fixed bug #68355 (Inconsistency in example php.ini comments). (Chris McCafferty)\r\n* Fixed bug #68370 (“unset($this)” can make the program crash). (Laruence)\r\n* Fixed bug #68422 (Incorrect argument reflection info for array_multisort()). (Alexander Lisachenko)\r\n* Fixed bug #68446 (Array constant not accepted for array parameter default). (Bob, Dmitry)\r\n* Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)\r\n* Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142) (Stefan Esser)\r\n\r\nDate:\r\n* Fixed day_of_week function as it could sometimes return negative values internally. (Derick)\r\n\r\nFPM:\r\n* Fixed bug #68381 (fpm_unix_init_main ignores log_level). (David Zuelke, Remi)\r\n* Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). (Remi)\r\n* Fixed bug #68421 (access.format=’%R’ doesn’t log ipv6 address). (Remi)\r\n* Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)\r\n* Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)\r\n* Fixed bug #68452 (php-fpm man page is oudated). (Remi)\r\n* Fixed request #68458 (Change pm.start_servers default warning to notice). (David Zuelke, Remi)\r\n* Fixed bug #68463 (listen.allowed_clients can silently result in no allowed access). (Remi)\r\n* Fixed request #68391 (php-fpm conf files loading order). (Florian Margaine, Remi)\r\n* Fixed bug #68478 (access.log don’t use prefix). (Remi)\r\n\r\nGMP:\r\n* Fixed bug #68419 (build error with gmp 4.1). (Remi)\r\n\r\nMcrypt:\r\n* Fixed possible read after end of buffer and use after free. (Dmitry)\r\n\r\nPDO_pgsql:\r\n* Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception when not in transaction) (Matteo)\r\n* Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving) (Matteo)\r\n\r\nSession:\r\n* Fixed bug #68331 (Session custom storage callable functions not being called) (Yasuo Ohgaki)\r\n\r\nSOAP:\r\n* Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes). (Laruence)\r\n\r\nzlib:\r\n* Fixed bug #53829 (Compiling PHP with large file support will replace function gzopen by gzopen64) (Sascha Kettler, Matteo)

Resolved Bugs
1175718 – CVE-2014-8142 php: use after free vulnerability in unserialize()
1176156 – CVE-2014-8142 php: use after free vulnerability in unserialize() [fedora-all]<br
18 Dec 2014, PHP 5.5.20\r\n\r\nCore:\r\n* Fixed bug #68091 (Some Zend headers lack appropriate extern “C” blocks). (Adam)\r\n* Fixed bug #68185 (“Inconsistent insteadof definition.”- incorrectly triggered). (Julien)\r\n* Fixed bug #68370 (“unset($this)” can make the program crash). (Laruence)\r\n* Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol)\r\n* Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142) (Stefan Esser)\r\n\r\nDate:\r\n* Fixed day_of_week function as it could sometimes return negative values internally. (Derick)\r\n\r\nFPM:\r\n* Fixed bug #68381 (fpm_unix_init_main ignores log_level). (David Zuelke, Remi)\r\n* Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). (Remi)\r\n* Fixed bug #68421 (access.format=’%R’ doesn’t log ipv6 address). (Remi)\r\n* Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi)\r\n* Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi)\r\n* Fixed bug #68452 (php-fpm man page is oudated). (Remi)\r\n* Fixed request #68458 (Change pm.start_servers default warning to notice). (David Zuelke, Remi)\r\n* Fixed bug #68463 (listen.allowed_clients can silently result in no allowed access). (Remi)\r\n* Fixed request #68391 (php-fpm conf files loading order). (Florian Margaine, Remi)\r\n* Fixed bug #68478 (access.log don’t use prefix). (Remi)\r\n\r\nMcrypt:\r\n* Fixed possible read after end of buffer and use after free. (Dmitry)\r\n\r\nPDO_pgsql:\r\n* Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo)\r\n* Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception when not in transaction) (Matteo)\r\n* Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving) (Matteo)\r\n\r\nzlib:\r\n* Fixed bug #53829 (Compiling PHP with large file support will replace function gzopen by gzopen64) (Sascha Kettler, Matteo)\r\n

Resolved Bugs
1175828 – mediawiki: multiple vulnerabilities
1175829 – mediawiki: multiple vulnerabilities [fedora-all]<br
* (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this.rn* (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name.rn* (bug T74222) The original patch for T74222 was reverted as unnecessary.rn

Resolved Bugs
1175241 – unrtf-0.21.7 is available
1170233 – CVE-2014-9274 CVE-2014-9275 unrtf: out-of-bounds memory access vulnerability
1170236 – unrtf: out-of-bounds memory access vulnerability [epel-6]<br
Update to the latest upstream release. This fixes a couple of security problems. See also the [upstream changelog](http://hg.savannah.gnu.org/hgweb/unrtf/file/f5835113e0ed/ChangeLog).

Resolved Bugs
1175764 – CVE-2014-8138 CVE-2014-8137 mingw-jasper: various flaws [epel-7]
1173157 – CVE-2014-8137 jasper: double-free in in jas_iccattrval_destroy() (oCERT-2014-012)
1173162 – CVE-2014-8138 jasper: heap overflow in jp2_decode() (oCERT-2014-012)<br
* Fixes for CVE-2014-8137 and CVE-2014-8138rnrn* Bring package up to date with all CVE fixes

Update to 1.19.23
Security fix

Resolved Bugs
1175241 – unrtf-0.21.7 is available
1170233 – CVE-2014-9274 CVE-2014-9275 unrtf: out-of-bounds memory access vulnerability
1170237 – unrtf: out-of-bounds memory access vulnerability [epel-7]<br
Update to the latest upstream release. This fixes a couple of security problems. See also the [upstream changelog](http://hg.savannah.gnu.org/hgweb/unrtf/file/f5835113e0ed/ChangeLog).

Resolved Bugs
1174872 – rabbitmq-server: insufficient ‘X-Forwarded-For’ header validation
1174875 – rabbitmq-server: insufficient ‘X-Forwarded-For’ header validation [epel-all]
1144100 – rabbitmq restarts fail randomly<br
Security fix for: insufficient ‘X-Forwarded-For’ header validation
Rebase to 3.3.5

Resolved Bugs
1174521 – CVE-2014-8108 CVE-2014-3580 subversion: various flaws [fedora-all]
1155670 – svn fails to start with libserf 1.2.1 requires: libserf 1.3.4
1174054 – CVE-2014-3580 subversion: NULL pointer dereference flaw in mod_dav_svn when handling REPORT requests
1174057 – CVE-2014-8108 subversion: NULL pointer dereference flaw in mod_dav_svn when handling URIs for virtual transaction names<br
This update includes the latest stable release of **Apache Subversion**, version **1.8.11**. Two security issues in mod_dav_svn are addressed in this release (CVE-2014-8108, CVE-2014-3580). For more details, see:
http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
http://subversion.apache.org/security/CVE-2014-3580-advisory.txt
**Client-side bugfixes:**
* checkout/update: fix file externals failing to follow history and subsequently silently failing http://subversion.tigris.org/issues/show_bug.cgi?id=4185
* patch: don’t skip targets in valid –git difs
* diff: make property output in diffs stable
* diff: fix diff of local copied directory with props
* diff: fix changelist filter for repos-WC and WC-WC
* remove broken conflict resolver menu options that always error out
* improve gpg-agent support
* fix crash in eclipse IDE with GNOME Keyring http://subversion.tigris.org/issues/show_bug.cgi?id=3498
* fix externals shadowing a versioned directory http://subversion.tigris.org/issues/show_bug.cgi?id=4085
* fix problems working on unix file systems that don’t support permissions
* upgrade: keep external registrations http://subversion.tigris.org/issues/show_bug.cgi?id=4519
* cleanup: iprove performance of recorded timestamp fixups
* translation updates for German
**Server-side bugfixes:**
* disable revprop caching feature due to cache invalidation problems
* skip generating uniquifiers if rep-sharing is not supported
* mod_dav_svn: reject requests with missing repository paths
* mod_dav_svn: reject requests with invalid virtual transaction names
* mod_dav_svn: avoid unneeded memory growth in resource walking http://subversion.tigris.org/issues/show_bug.cgi?id=4531

Resolved Bugs
1171090 – seamonkey-2.31 is available<br
Update to 2.31
Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info.