Category Archives: Fedora

Fedora – Security Updates

Fedora 19 Security Update: avr-binutils-2.24-2.fc19

Resolved Bugs
1162655 – binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser

Fedora 20 Security Update: arm-none-eabi-binutils-cs-2014.05.28-2.fc20

Resolved Bugs
1162655 – binutils: directory traversal vulnerability
1162656 – arm-none-eabi-binutils-cs: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162598 – CVE-2014-8502 arm-none-eabi-binutils-cs: binutils: heap overflow in objdump [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162622 – CVE-2014-8504 arm-none-eabi-binutils-cs: binutils: stack overflow in the SREC parser [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162574 – CVE-2014-8501 arm-none-eabi-binutils-cs: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
– fix directory traversal vulnerability (#1162657)
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser

Fedora 19 Security Update: avr-binutils-2.24-3.fc19

Resolved Bugs
1162655 – CVE-2014-8737 binutils: directory traversal vulnerability
1162657 – avr-binutils: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162599 – CVE-2014-8502 avr-binutils: binutils: heap overflow in objdump [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162575 – CVE-2014-8501 avr-binutils: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162623 – CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]
1162666 – CVE-2014-8738 binutils: out of bounds memory write
1162670 – avr-binutils: binutils: out of bounds memory write [fedora-all]
– fix directory traversal vulnerability
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser
– fix out of bounds memory write

Fedora 20 Security Update: arm-none-eabi-binutils-cs-2014.05.28-3.fc20

Resolved Bugs
1162655 – CVE-2014-8737 binutils: directory traversal vulnerability
1162656 – arm-none-eabi-binutils-cs: binutils: directory traversal vulnerability [fedora-all]
1162594 – CVE-2014-8502 binutils: heap overflow in objdump
1162598 – CVE-2014-8502 arm-none-eabi-binutils-cs: binutils: heap overflow in objdump [fedora-all]
1162621 – CVE-2014-8504 binutils: stack overflow in the SREC parser
1162622 – CVE-2014-8504 arm-none-eabi-binutils-cs: binutils: stack overflow in the SREC parser [fedora-all]
1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable
1162574 – CVE-2014-8501 arm-none-eabi-binutils-cs: binutils: out-of-bounds write when parsing specially crafted PE executable [fedora-all]
1162666 – CVE-2014-8738 binutils: out of bounds memory write
1162669 – arm-none-eabi-binutils-cs: binutils: out of bounds memory write [fedora-all]
– fix directory traversal vulnerability (#1162657)
– fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable
– fix CVE-2014-8502: heap overflow in objdump
– fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file
– fix CVE-2014-8504: stack overflow in the SREC parser
– fix out of bounds memory write

Fedora 20 Security Update: mariadb-galera-5.5.40-2.fc20

Resolved Bugs
1148643 – mariadb-galera packages missing dependency on “which” package
882608 – CVE-2012-5615 mysql: Remote Preauth User Enumeration flaw
1126271 – CVE-2014-4274 mysql: unspecified MyISAM temporary file issue fixed in 5.5.39 and 5.6.20
1153461 – CVE-2014-4287 mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)
1153462 – CVE-2014-6463 mysql: unspecified vulnerability related to SERVER:REPLICATION ROW FORMAT BINARY LOG DML (CPU October 2014)
1153466 – CVE-2014-6478 mysql: unspecified vulnerability related to SERVER:SSL:yaSSL (CPU October 2014)
1153467 – CVE-2014-6484 mysql: unspecified vulnerability related to SERVER:DML (CPU October 2014)
1153485 – CVE-2014-6495 mysql: unspecified vulnerability related to SERVER:SSL:yaSSL (CPU October 2014)
1153489 – CVE-2014-6505 mysql: unspecified vulnerability related to SERVER:MEMORY STORAGE ENGINE (CPU October 2014)
1153491 – CVE-2014-6520 mysql: unspecified vulnerability related to SERVER:DDL (CPU October 2014)
1153493 – CVE-2014-6530 mysql: unspecified vulnerability related to CLIENT:MYSQLDUMP (CPU October 2014)
1153494 – CVE-2014-6551 mysql: unspecified vulnerability related to CLIENT:MYSQLADMIN (CPU October 2014)
Update to 5.5.40