Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.

Resolved Bugs
1150091 – CVE-2014-1571 CVE-2014-1572 CVE-2014-1573 bugzilla: security fixes release
1150092 – CVE-2014-1573 CVE-2014-1572 CVE-2014-1571 bugzilla: security fixes release [fedora-all]<br
Security fix for CVE-2014-1571, CVE-2014-1572, CVE-2014-1573

Resolved Bugs
1093379 – Fix for CVE-2013-6045 breaks decoding of chroma-subsampled images
1036495 – CVE-2013-6045 openjpeg: heap-based buffer overflows<br
– Fixing CVE-2013-6045 without regressions
– Adding check for invalid offsets

Resolved Bugs
1142373 – CVE-2014-3634 rsyslog: remote syslog PRI vulnerability
1148942 – CVE-2014-3634 rsyslog: remote syslog PRI vulnerability [fedora-all]<br
Security fix for CVE-2014-3634

Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.

Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.

Resolved Bugs
1093379 – Fix for CVE-2013-6045 breaks decoding of chroma-subsampled images
1036495 – CVE-2013-6045 openjpeg: heap-based buffer overflows<br
– Fixing CVE-2013-6045 without regressions
– Adding check for invalid offsets

Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.

Resolved Bugs
1148664 – CVE-2014-7217 phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11)
1148667 – CVE-2014-7217 phpMyAdmin3: phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11) [epel-5]
1148666 – CVE-2014-7217 phpmyadmin: cross-site scripting (XSS) flaw fixed in versions 4.0.10.4, 4.1.14.5, and 4.2.9.1 (PMASA-2014-11) [epel-5]<br
phpMyAdmin 4.0.10.4 (2014-10-01)
================================
* [security] XSS vulnerabilities in table search and table structure pages

Resolved Bugs
1007766 – python-oauth2: various flaws [fedora-all]
1007746 – CVE-2013-4346 python-oauth2: _check_signature() ignores the nonce value when validating signed urls
1007758 – CVE-2013-4347 python-oauth2: Uses poor PRNG in nonce<br
Actually apply patch to fix CVE-2013-4347 (thanks to Jason Green, Matt Wilson).
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.
Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski.