Resolved Bugs
1172633 – freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240).
1172634 – freetype: OOB stack-based read/write in cf2_hintmap_build() (incomplete fix for CVE-2014-2240). [fedora-20]
This update fixes a stack-based buffer overflow in freetype.
Fedora – Security Updates
Fedora 20 Security Update: rpm-4.11.3-2.fc20
Resolved Bugs
1172125 – CVE-2014-8118 CVE-2013-6435 rpm: various flaws [fedora-all]
1039811 – CVE-2013-6435 rpm: race condition during the installation process
1168715 – CVE-2014-8118 rpm: integer overflow and stack overflow in CPIO header parsing
– Add check against malicious CPIO file name size
– Fix race condition where unchecked data is exposed in the file system
Fedora 21 Security Update: asterisk-11.14.2-1.fc21
Resolved Bugs
1173002 – asterisk: Remote Crash Vulnerability in WebSocket Server (AST-2014-019)
1173003 – asterisk: Remote Crash Vulnerability in WebSocket Server (AST-2014-019) [fedora-all]
The Asterisk Development Team has announced security releases for Certified
Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are
released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of these versions resolves the following security vulnerability:
* AST-2014-019: Remote Crash Vulnerability in WebSocket Server
When handling a WebSocket frame the res_http_websocket module dynamically
changes the size of the memory used to allow the provided payload to fit. If a
payload length of zero was received the code would incorrectly attempt to
resize to zero. This operation would succeed and end up freeing the memory but
be treated as a failure. When the session was subsequently torn down this
memory would get freed yet again causing a crash.
For more information about the details of this vulnerability, please read
security advisory AST-2014-019, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2
The security advisory is available at:
* http://downloads.asterisk.org/pub/security/AST-2014-019.pdf
Fedora 21 Security Update: docker-io-1.4.0-1.fc21
Resolved Bugs
1173324 – CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [fedora-all]
1172761 – CVE-2014-9356 docker: Path traversal during processing of absolute symlinks
1172782 – CVE-2014-9357 docker: Escalation of privileges during decompression of LZMA archives
1172787 – CVE-2014-9358 docker: Path traversal and spoofing opportunities presented through image identifiers
1169151 – docker run fails with 'finalize namespace setup user setgid operation not supported'
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356
Revert to using upstream v1.3.2 release
Resolves: rhbz#1169035, rhbz#1169151
Fedora 20 Security Update: asterisk-11.14.2-1.fc20
Resolved Bugs
1173002 – asterisk: Remote Crash Vulnerability in WebSocket Server (AST-2014-019)
1173003 – asterisk: Remote Crash Vulnerability in WebSocket Server (AST-2014-019) [fedora-all]
The Asterisk Development Team has announced security releases for Certified
Asterisk 11.6 and Asterisk 11, 12, and 13. The available security releases are
released as versions 11.6-cert9, 11.14.2, 12.7.2, and 13.0.2.
These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases
The release of these versions resolves the following security vulnerability:
* AST-2014-019: Remote Crash Vulnerability in WebSocket Server
When handling a WebSocket frame the res_http_websocket module dynamically
changes the size of the memory used to allow the provided payload to fit. If a
payload length of zero was received the code would incorrectly attempt to
resize to zero. This operation would succeed and end up freeing the memory but
be treated as a failure. When the session was subsequently torn down this
memory would get freed yet again causing a crash.
For more information about the details of this vulnerability, please read
security advisory AST-2014-019, which was released at the same time as this
announcement.
For a full list of changes in the current releases, please see the ChangeLogs:
http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-11.6-cert9
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-11.14.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-12.7.2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-13.0.2
The security advisory is available at:
* http://downloads.asterisk.org/pub/security/AST-2014-019.pdf
Fedora 21 Security Update: tcpdump-4.6.2-3.fc21
Fedora 19 Security Update: nss-util-3.17.3-1.fc19,nss-3.17.3-1.fc19,nss-softokn-3.17.3-1.fc19
Resolved Bugs
994599 – nss: should enable TLS 1.2 by default
1155306 – Provide sym key derive mechanism as result of encryption of message
1171012 – nss-3.17.3 is available
1174493 – CVE-2014-1569 nss: QuickDER decoder length issue [fedora-all]
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
Fedora 19 Security Update: nss-3.17.3-2.fc19,nss-util-3.17.3-1.fc19,nss-softokn-3.17.3-1.fc19
Resolved Bugs
987189 – nss-tools RPM conflicts with perl-PAR-Packer
994599 – nss: should enable TLS 1.2 by default
1155306 – Provide sym key derive mechanism as result of encryption of message
1171012 – nss-3.17.3 is available
1174493 – CVE-2014-1569 nss: QuickDER decoder length issue [fedora-all]
Update the nss, nss-softokn, and nss-util packages to nss-3.17.3
For more details on the bugs fixed with this release, please see the upstream release notes at
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
Fedora EPEL 6 Security Update: docker-io-1.4.0-1.el6
Resolved Bugs
1173325 – CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [epel-6]
1172761 – CVE-2014-9356 docker: Path traversal during processing of absolute symlinks
1172782 – CVE-2014-9357 docker: Escalation of privileges during decompression of LZMA archives
1172787 – CVE-2014-9358 docker: Path traversal and spoofing opportunities presented through image identifiers
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356
Fedora 19 Security Update: kernel-3.14.26-100.fc19
Resolved Bugs
1170691 – CVE-2014-9090 kernel: espfix64: local DoS via do_double_fault() due to improper handling of faults associated with SS segment register
1163762 – CVE-2010-5313 CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace
1163767 – CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace [fedora-all]
1163087 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
1163095 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet [fedora-all]
1161565 – CVE-2014-7825 CVE-2014-7826 kernel: insufficient syscall number validation in perf and ftrace subsystems
1161572 – CVE-2014-7826 CVE-2014-7825 kernel: insufficient syscall number validation in perf and ftrace subsystems [fedora-all]
The 3.14.26 stable update contains a number of important fixes across the tree.
The 3.14.25 stable update contains a number of important fixes across the tree.
The 3.14.24 stable update contains a number of important fixes across the tree.