Resolved Bugs
838162 – CVE-2012-3381 sblim-sfcb: insecure LD_LIBRARY_PATH usage [epel-5]
Fix insecure LD_LIBRARY_PATH usage.
Fedora – Security Updates
Fedora 21 Security Update: python-requests-kerberos-0.6-1.fc21
Fedora 21 Security Update: slapi-nis-0.54.1-1.fc21,freeipa-4.1.1-1.fc21
Resolved Bugs
1157989 – ldapsearch does not find existing overrides for FreeIPA ID views when slapi-nis 0.54 is enabled
freeipa:
– Update to upstream 4.1.1
– see http://www.freeipa.org/page/Releases/4.1.1
– fix CVE-2014-7828
slapi-nis:
– support FreeIPA overrides in LDAP BIND callback
– ignore FreeIPA override searches outside configured schema compat subtrees
Fedora 19 Security Update: curl-7.29.0-25.fc19
Resolved Bugs
1154941 – CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
– fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)
Fedora 20 Security Update: curl-7.32.0-15.fc20
Resolved Bugs
1154941 – CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
– fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)
Fedora 21 Security Update: fedup-0.9.0-2.fc21
Resolved Bugs
1159292 – Machine automatically shutdown during upgrade in less than 15 minutes
1038413 – fedup stage2 keymap will always be US again for F20-F21 due to anaconda not writing vconsole.keymap kernel parameter any more (#1035316)
1153816 – Fedup needs to support upgrading into a Productized Fedora 21
1066679 – CVE-2013-6494 fedup: /var/tmp/fedora-upgrade temporary directory creation vulnerability
This update works around a serious problem in Fedora 21 Beta which makes systems automatically shut down 15 minutes into the upgrade.
Other improvements:
* Adds `--product=PRODUCT` flag, required for upgrades to F21
* Uses host’s config files in `upgrade.img`, which should fix various upgrade problems (e.g. incorrect keyboard layout when unlocking disks due to missing `vconsole.conf`)
* Logging improvements: complete upgrade log should appear in system journal
Fedora 21 Security Update: curl-7.37.0-9.fc21
Resolved Bugs
1154941 – CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS
– fix handling of CURLOPT_COPYPOSTFIELDS in curl_easy_duphandle (CVE-2014-3707)
Fedora 21 Security Update: aircrack-ng-1.2-0.5rc1.fc21
Resolved Bugs
1159812 – CVE-2014-8321 CVE-2014-8322 CVE-2014-8323 CVE-2014-8324 aircrack-ng: multiple vulnerabilities
1159813 – CVE-2014-8324 CVE-2014-8321 CVE-2014-8323 CVE-2014-8322 aircrack-ng: multiple vulnerabilities [fedora-all]
984478 – aircrack-ng-1.2-rc1 is available
Security fix for CVE-2014-8321, CVE-2014-8322, CVE-2014-8323, CVE-2014-8324
Fedora 19 Security Update: python-2.7.5-15.fc19
Resolved Bugs
1113528 – CVE-2014-4650 python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs [fedora-all]
Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs.
Fedora 19 Security Update: python3-3.3.2-10.fc19
Resolved Bugs
1113529 – CVE-2014-4650 python3: python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs [fedora-all]
1112285 – CVE-2014-4616 python: missing boundary check in JSON module
1112294 – python3: python: JSON module – reading arbitrary process memory [fedora-all]
Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs.
Fix for CVE-2014-4650