GNU Libtasn1 CVE-2014-3468 Remote Code Execution Vulnerability
Vuln: Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
Oracle Java SE CVE-2014-0423 Remote Security Vulnerability
Vuln: Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
Oracle Java SE CVE-2014-0416 Remote Security Vulnerability
Vuln: Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
Oracle Java SE CVE-2014-0411 Remote Security Vulnerability
RHBA-2014:1799-1: initscripts bug fix update
Red Hat Enterprise Linux: Updated initscripts packages that fix one bug are now available for Red Hat
Enterprise Linux 6.
RHBA-2014:1798-1: xfsdump bug fix update
Red Hat Enterprise Linux: Updated xfsdump packages that fix one bug are now available for Red Hat
Enterprise Linux 6.
RHBA-2014:1797-1: java-1.8.0-openjdk bug fix update
Red Hat Enterprise Linux: Updated java-1.8.0-openjdk packages that fix two bugs are now available for Red
Hat Enterprise Linux 6.
CVE-2014-2718
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.
Fedora EPEL 7 Security Update: polarssl-1.3.9-1.el7
Fedora EPEL 5 Security Update: mantis-1.2.17-3.el5
Resolved Bugs
1141310 – CVE-2014-6387 mantis: null byte poisoning in LDAP authentication
1141314 – mantis: null byte poisoning in LDAP authentication [epel-5]<br
Fix for CVE-2014-6387
Please note: this update is from the 1.2 series, so existing installations (on 1.1) will need manual upgrade steps to apply the DB schema migration.
Please check the file
/usr/share/doc/mantis/README.Fedora
for the installation/upgrade steps.