kronolith 4.2.4
* [jan] Make access to non-CalDAV remote calendars faster (Bug #12379).
* [jan] Continue with further events if parsing of one remote event date fails.
* [jan] Fix JS error in month view with more events today than the maximum threshold.
* [mjr] Fix fatal error when creating or modifying an entry via PUT.
* [mjr] Don’t show private event details in daily agenda emails if not the owner (Bug #13660).

Resolved Bugs
1170597 – CVE-2014-9218 phpMyAdmin: Denial of Service with long passwords
1170599 – CVE-2014-9218 phpMyAdmin4: phpMyAdmin: Denial of Service with long passwords [epel-5]<br
phpMyAdmin 4.0.10.7 (2014-12-03)
================================
– [security] DOS attack with long passwords

Resolved Bugs
1088105 – CVE-2014-2893 llvm: insecure temporary file handling in clang’s scan-build utility<br
Fix for CVE-2014-2893.

Resolved Bugs
1169886 – kde-plasma-networkmanagement, kde-plasma-nm: creates OpenVPN connections vulnerable to MITM attack
1169888 – kde-plasma-networkmanagement, kde-plasma-nm: created OpenVPN connections vulnerable to MITM attack [fedora-all]<br
Add option for server certificate verification.

New Firefox release – 34.0.

Resolved Bugs
1169698 – CVE-2014-9028 CVE-2014-8962 flac: various flaws [fedora-all]
1167236 – CVE-2014-8962 flac: Heap buffer read overflow when processing ID3V2 metadata
1167741 – CVE-2014-9028 flac: Heap buffer write overflow in read_residual_partitioned_rice_<br
Security fix for CVE-2014-9028, CVE-2014-8962

Resolved Bugs
1169665 – CVE-2014-8123 antiword: buffer overflow of atPPSlist[].szName[]
1169666 – CVE-2014-8123 antiword: buffer overflow of atPPSlist[].szName[] [fedora-all]<br
Security fix for CVE-2014-8123

Resolved Bugs
1169487 – CVE-2014-8104 openvpn: authenticated user can DoS OpenVPN by sending a too-short control channel packet to server [fedora-all]
1169488 – CVE-2014-8104 openvpn: authenticated user can DoS OpenVPN by sending a too-short control channel packet to server [epel-all]<br
Fix for CVE-2014-8104.
https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-97597e732b

Resolved Bugs
1169698 – CVE-2014-9028 CVE-2014-8962 flac: various flaws [fedora-all]
1167236 – CVE-2014-8962 flac: Heap buffer read overflow when processing ID3V2 metadata
1167741 – CVE-2014-9028 flac: Heap buffer write overflow in read_residual_partitioned_rice_<br
Security fix for CVE-2014-9028, CVE-2014-8962

Resolved Bugs
1169699 – CVE-2014-9028 CVE-2014-8962 mingw-flac: various flaws [fedora-all]
1167236 – CVE-2014-8962 flac: Heap buffer read overflow when processing ID3V2 metadata
1167741 – CVE-2014-9028 flac: Heap buffer write overflow in read_residual_partitioned_rice_<br
Security fix for CVE-2014-9028, CVE-2014-8962