This page displays the security advisory feed for the Fedora Project, not to be confused with Red Hat Enterprise Linux which is a different product and therefore a different feed:

• Fedora 15 Security Update: ikiwiki-3.20111106-2.fc15
  Security update: Add patch from mainline that should fix a XSS exposure in the meta plugin (CVE-2012-0220).
• Fedora 16 Security Update: ikiwiki-3.20111106-2.fc16
  Security update: Add patch from mainline that should fix a XSS exposure in the meta plugin (CVE-2012-0220).
• Fedora 15 Security Update: libreoffice-3.3.4.1-5.fc15
  Resolved Bugs822216 - CVE-2012-1149 openoffice.org, libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations [fedora-all]
• Fedora 17 Security Update: xen-4.1.2-17.fc17
  make pygrub cope better with big files from guest (CVE-2012-2625)
• Fedora 16 Security Update: libgssglue-0.4-0.fc16
  - Fix for CVE-2011-2709 Patch from Marcus Meissner Note: Although https://bugzilla.novell.com/show_bug.cgi?id=694598 mentions mount.nfs, libgssglue is not used by mount.nfs.
• Fedora 16 Security Update: pidgin-otr-3.2.1-1.fc16
  New release addresses Format string vulnerability CVE-2012-2369
• Fedora 16 Security Update: xinetd-2.3.14-47.fc16
  Resolved Bugs820318 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port [fedora-all]790940 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port
• Fedora 16 Security Update: libreoffice-3.4.5.2-15.fc16
  Resolved Bugs822216 - CVE-2012-1149 openoffice.org, libreoffice: Integer overflows, leading to heap-buffer overflows in JPEG, PNG and BMP reader implementations [fedora-all]
• Fedora 15 Security Update: xinetd-2.3.14-37.fc15
  Resolved Bugs820318 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port [fedora-all]790940 - CVE-2012-0862 xinetd: enables unintentional services over tcpmux port
• Fedora 15 Security Update: openssl-1.0.0j-1.fc15
  Resolved Bugs820686 - CVE-2012-2333 openssl: record length handling integer underflow820693 - CVE-2012-2333 openssl: record length handling integer underflow [fedora-all]
• Fedora 16 Security Update: sudo-1.8.3p1-3.fc16
  Resolved Bugs820677 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access822175 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access [fedora-all]
• Fedora 16 Security Update: openssl-1.0.0j-1.fc16
  Resolved Bugs820686 - CVE-2012-2333 openssl: record length handling integer underflow820693 - CVE-2012-2333 openssl: record length handling integer underflow [fedora-all]
• Fedora 15 Security Update: sudo-1.7.4p5-5.fc15
  Resolved Bugs820677 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access822175 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access [fedora-all]
• Fedora 17 Security Update: sudo-1.8.3p1-7.fc17
  Resolved Bugs820677 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access822175 - CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access [fedora-all]
• Fedora 17 Security Update: ikiwiki-3.20120516-1.fc17
  Update to latest stable version 3.20120516. Fixes CVE-2012-0220.
• Fedora 17 Security Update: libgssglue-0.4-0.fc17
  - Fix for CVE-2011-2709 Patch from Marcus Meissner Note: Although https://bugzilla.novell.com/show_bug.cgi?id=694598 mentions mount.nfs, libgssglue is not used by mount.nfs.
• Fedora 17 Security Update: openssl-1.0.0j-1.fc17
  Resolved Bugs820686 - CVE-2012-2333 openssl: record length handling integer underflow820693 - CVE-2012-2333 openssl: record length handling integer underflow [fedora-all]
• Fedora EPEL 6 Security Update: pidgin-otr-3.2.1-1.el6
  New release addresses Format string vulnerability CVE-2012-2369
• Fedora EPEL 6 Security Update: moodle-2.1.5-3.el6
  Resolved Bugs820494 - moodle - cannot setup authentification - wrong module cas748958 - moodle package carries language packs which ae never used809227 - CVE-2012-1155 CVE-2012-1156 CVE-2012-1157 CVE-2012-1158 CVE-2012-1159 CVE-2012-1160 CVE-2012-1161 CVE-2012-1168 CVE-2012-1169 CVE-2012-1170 moodle: multiple security fixes in 2.2.2, 2.1.5, 2.0.8, 1.9.17 [epel-all]
• Fedora 15 Security Update: perl-Config-IniFiles-2.72-1.fc15
  Resolved Bugs818430 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [fedora-all]818431 - CVE-2012-2451 perl-Config-IniFiles: insecure temporary file usage [epel-all]
• More...

Be Sociable, Share!

•