Resolved Bugs
1174821 – CVE-2014-6396 CVE-2014-6395 CVE-2014-9377 CVE-2014-9376 CVE-2014-9379 CVE-2014-9378 CVE-2014-9380 CVE-2014-9381 ettercap: multiple vulnerabilities [fedora-all]<br
Fix for multiple CVEs.
https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

Resolved Bugs
1104041 – CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]<br
This upgrade to latest upstream snapshot fixes a setuid vulnerability.

Resolved Bugs
987189 – nss-tools RPM conflicts with perl-PAR-Packer
1174493 – CVE-2014-1569 nss: QuickDER decoder length issue [fedora-all]<br
Updated nss package fixes a conflict among the nss-tools pp man page an the similarly named one from perl-PAR_Packager.

Resolved Bugs
1174822 – CVE-2014-6396 CVE-2014-6395 CVE-2014-9377 CVE-2014-9376 CVE-2014-9379 CVE-2014-9378 CVE-2014-9380 CVE-2014-9381 ettercap: multiple vulnerabilities [epel-5]<br
Fix for multiple CVEs.
https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

Resolved Bugs
1173950 – docker-io can’t be installed on rhel 6.5 due to requirement device-mapper-libs >= 1.02.90-1
1173325 – CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [epel-6]
1172761 – CVE-2014-9356 docker: Path traversal during processing of absolute symlinks
1172782 – CVE-2014-9357 docker: Escalation of privileges during decompression of LZMA archives
1172787 – CVE-2014-9358 docker: Path traversal and spoofing opportunities presented through image identifiers<br
Resolves: rhbz#1173950 remove min version requirements on device-mapper-libs
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356

Resolved Bugs
1174823 – CVE-2014-6396 CVE-2014-6395 CVE-2014-9377 CVE-2014-9376 CVE-2014-9379 CVE-2014-9378 CVE-2014-9380 CVE-2014-9381 ettercap: multiple vulnerabilities [epel-6]<br
Fix for multiple CVEs.
https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

Resolved Bugs
1045983 – CVE-2013-6890 denyhosts: remote denial of ssh service [fedora-all]
1045982 – CVE-2013-6890 denyhosts: remote denial of ssh service<br
Fix security bug

Resolved Bugs
1045983 – CVE-2013-6890 denyhosts: remote denial of ssh service [fedora-all]
1045982 – CVE-2013-6890 denyhosts: remote denial of ssh service<br
Fix security bug

Resolved Bugs
1104041 – CVE-2013-6825 dcmtk: possible privilege escalation if setuid() fails [fedora-all]<br
Upgraded to new upstream version.

Resolved Bugs
1038409 – CVE-2013-6887 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6053 openjpeg: various flaws [fedora-all]<br
Better fix for CVE-2013-6045, that doesn’t cause regressions. Backporting from f20/f21.