Category Archives: Fedora

Fedora – Security Updates

Fedora 20 Security Update: mantis-1.2.17-4.fc20

Resolved Bugs
1162046 – CVE-2014-7146 CVE-2014-8598 mantis: issues in the XML Import/Export plug-in to be fixed in the upcoming 1.2.18 release
1162047 – CVE-2014-8598 CVE-2014-7146 mantis: issues in the XML Import/Export plug-in to be fixed in the upcoming 1.2.18 release [fedora-all]
1159295 – CVE-2014-8554 mantis: incomplete fix for CVE-2014-1609
1159679 – CVE-2014-8554 mantis: incomplete fix for CVE-2014-1609 [fedora-all]
fix CVE-2014-7146, CVE-2014-8598 (#1162046)
fix CVE-2014-8554 (#1159295)

Fedora 19 Security Update: mantis-1.2.17-4.fc19

Resolved Bugs
1162046 – CVE-2014-7146 CVE-2014-8598 mantis: issues in the XML Import/Export plug-in to be fixed in the upcoming 1.2.18 release
1162047 – CVE-2014-8598 CVE-2014-7146 mantis: issues in the XML Import/Export plug-in to be fixed in the upcoming 1.2.18 release [fedora-all]
1159295 – CVE-2014-8554 mantis: incomplete fix for CVE-2014-1609
1159679 – CVE-2014-8554 mantis: incomplete fix for CVE-2014-1609 [fedora-all]
fix CVE-2014-7146, CVE-2014-8598 (#1162046)
fix CVE-2014-8554 (#1159295)

Fedora 21 Security Update: avr-binutils-2.24-3.fc21

Resolved Bugs
1162655 – binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser

Fedora 21 Security Update: avr-binutils-2.24-4.fc21

Resolved Bugs
1162655 – CVE-2014-8737 binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
1162666 – CVE-2014-8738 binutils: out of bounds memory write
1162670 – avr-binutils: binutils: out of bounds memory write [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser
– fix out of bounds memory write

Fedora 19 Security Update: python-pillow-2.0.0-16.gitd1c6db8.fc19

Resolved Bugs
1163343 – CVE-2014-3007 python-pillow: python-pillow, python-imaging: command injection issue [fedora-all]
1094101 – CVE-2014-3007 python-pillow, python-imaging: command injection issue
1063658 – CVE-2014-1932 python-pillow, python-imaging: insecure temporary file creation
1089795 – CVE-2014-1933 CVE-2014-1932 python-pillow: various flaws [fedora-all]
Security fix for CVE-2014-3007, updated fix for CVE-2014-1932.
Followup fix for CVE-2014-1933.

Fedora 20 Security Update: avr-binutils-2.24-2.fc20

Resolved Bugs
1162655 – binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser

Fedora 20 Security Update: avr-binutils-2.24-3.fc20

Resolved Bugs
1162655 – CVE-2014-8737 binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
1162666 – CVE-2014-8738 binutils: out of bounds memory write
1162670 – avr-binutils: binutils: out of bounds memory write [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser
– fix out of bounds memory write