Resolved Bugs
1169369 – CVE-2014-9130 libyaml: assert failure when processing wrapped strings
1169750 – CVE-2014-9130 perl-YAML-LibYAML: libyaml: assert failure when processing wrapped strings [fedora-all]<br
An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.
Category Archives: Fedora
Fedora – Security Updates
Fedora 20 Security Update: libyaml-0.1.6-2.fc20
Fedora 19 Security Update: libyaml-0.1.6-2.fc19
Fedora 20 Security Update: qemu-1.6.2-11.fc20
Resolved Bugs
1163080 – CVE-2014-7840 qemu: insufficient parameter validation during ram load [fedora-all]
1163075 – CVE-2014-7840 qemu: insufficient parameter validation during ram load<br
* Fix SLES11 migration issue (bz #1109427)
* CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)
Fedora 21 Security Update: openvpn-2.3.6-1.fc21
Fix for CVE-2014-8104.
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b
Fedora 21 Security Update: qemu-2.1.2-7.fc21
Resolved Bugs
1167249 – qemu-img disk corruption
1109427 – SLES 11 SP2 guest crashes during live migration
1163080 – CVE-2014-7840 qemu: insufficient parameter validation during ram load [fedora-all]
1163075 – CVE-2014-7840 qemu: insufficient parameter validation during ram load<br
* Fix qemu-img convert corruption for unflushed files (bz #1167249)
* Fix SLES11 migration issue (bz #1109427)
* CVE-2014-7840: insufficient parameter validation during ram load (bz #1163080)
Fedora 21 Security Update: libyaml-0.1.6-6.fc21
Fedora 20 Security Update: couchdb-1.6.1-4.fc20
Resolved Bugs
1166041 – CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option
1166767 – CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option [fedora-all]<br
* Fix CVE-2010-5312 couchdb: jquery-ui: XSS vulnerability in jQuery.ui.dialog title option (rhbz #1166767)
Fedora 19 Security Update: util-linux-2.23.2-6.fc19
Fedora 20 Security Update: mediawiki-1.23.7-1.fc20
http://www.mediawiki.org/wiki/Release_notes/1.23#MediaWiki_1.23.7
* (bug 66776, bug 71478) SECURITY: User PleaseStand reported a way to inject code into API clients that used format=php to process pages that underwent flash policy mangling. This was fixed along with improving how the mangling was done for format=json, and allowing sites to disable the mangling using $wgMangleFlashPolicy.
* (bug 70901) SECURITY: User Jackmcbarn reported that the ability to update the content model for a page could allow an unprivileged attacker to edit another user’s common.js under certain circumstances. The user right “editcontentmodel” was added, and is needed to change a revision’s content model.
* (bug 71111) SECURITY: User PleaseStand reported that on wikis that allow raw HTML, it is not safe to preview wikitext coming from an untrusted source such as a cross-site request. Thus add an edit token to the form, and when raw HTML is allowed, ensure the token is provided before showing the preview. This check is not performed on wikis that both allow raw HTML and anonymous editing, since there are easier ways to exploit that scenario.
* (bug 72222) SECURITY: Do not show log action when the entry is revdeleted with DELETED_ACTION. NOTICE: this may be reverted in a future release pending a public RFC about the desired functionality. This issue was reported by user Bawolff.
* (bug 71621) Make allowing site-wide styles on restricted special pages a config option.
* (bug 42723) Added updated version history from 1.19.2 to 1.22.13
* $wgMangleFlashPolicy was added to make MediaWiki’s mangling of anything that might be a flash policy directive configurable.