Resolved Bugs
1170691 – CVE-2014-9090 kernel: espfix64: local DoS via do_double_fault() due to improper handling of faults associated with SS segment register
1163762 – CVE-2010-5313 CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace
1163767 – CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace [fedora-all]
1163087 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
1163095 – CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet [fedora-all]
1161565 – CVE-2014-7825 CVE-2014-7826 kernel: insufficient syscall number validation in perf and ftrace subsystems
1161572 – CVE-2014-7826 CVE-2014-7825 kernel: insufficient syscall number validation in perf and ftrace subsystems [fedora-all]
The 3.14.26 update contains a number of important fixes across the tree.
The 3.14.25 stable update contains a number of important fixes across the tree.
The 3.14.24 stable update contains a number of important fixes across the tree.
Fedora 21 Security Update: sagemath-6.3-5.fc21
Fedora 20 Security Update: ctdb-2.5.4-2.fc20
Fedora 21 Security Update: xen-4.4.1-10.fc21
p2m lock starvation, fix build with --without xsm
Fedora 19 Security Update: xorg-x11-server-1.14.4-5.fc19
CVE fixes for everyone – all the X.org CVE fixes from Dec 9th 2014
Fedora 19 Security Update: curl-7.29.0-27.fc19
Resolved Bugs
1172572 – XBMC issues due to Curl
1153814 – yum cannot access repositories using TLS 1.2
1166567 – curl: Disable out-of-protocol fallback to SSL 3.0
1166239 – Please include “low-speed-limit: avoid timeout flood” patch into fedora curl package
1154941 – CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
– make CURLOPT_LOW_SPEED_LIMIT work again with threaded resolver (#1172572)
– allow to use TLS 1.1 and TLS 1.2 (#1153814)
– disable libcurl-level downgrade to SSLv3 (#1166567)
– low-speed-limit: avoid timeout flood (#1166239)
– fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)
Fedora 20 Security Update: unbound-1.5.1-2.fc20
Fedora 20 Security Update: sagemath-6.1.1-6.fc20
Fedora 21 Security Update: unbound-1.5.1-2.fc21
Resolved Bugs
1172065 – CVE-2014-8602 unbound: specially crafted request can lead to denial of service
1172066 – CVE-2014-8602 unbound: specially crafted request can lead to denial of service [fedora-all]
1166878 – unbound-1.5.0-1.fc22 crashing often
1167291 – unbound update breaks libreswan: error: /lib64/libunbound.so.2: undefined symbol: main”
Security fix for CVE-2014-8602
new release
fix build on aarch64
new upstream version
Fedora 20 Security Update: qemu-1.6.2-12.fc20
Resolved Bugs
1163080 – CVE-2014-7840 qemu: insufficient parameter validation during ram load [fedora-all]
1163075 – CVE-2014-7840 qemu: insufficient parameter validation during ram load
* Fix qemu-img convert corruption for unflushed files (bz #1167249)
* Fix SLES11 migration issue (bz #1109427)
* CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)