The following Fedora 13 Security updates need testing:
https://admin.fedoraproject.org/updates/wordpress-2.8.6-3.fc13
https://admin.fedoraproject.org/updates/dbus-1.2.24-2.fc13
https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13
https://admin.fedoraproject.org/updates/pidgin-2.7.9-1.fc13
https://admin.fedoraproject.org/updates/wordpress-mu-2.9.2-2.fc13
https://admin.fedoraproject.org/updates/pyfribidi-0.10.0-1.fc13
https://admin.fedoraproject.org/updates/Django-1.2.4-1.fc13
https://admin.fedoraproject.org/updates/webkitgtk-1.2.6-1.fc13
https://admin.fedoraproject.org/updates/feh-1.10.1-1.fc13
https://admin.fedoraproject.org/updates/mod_auth_mysql-3.0.0-12.fc13
https://admin.fedoraproject.org/updates/perl-CGI-Simple-1.112-2.fc13
The following Fedora 13 Critical Path updates have yet to be approved:
https://admin.fedoraproject.org/updates/less-436-8.fc13
https://admin.fedoraproject.org/updates/livecd-tools-13.1-1.fc13
https://admin.fedoraproject.org/updates/selinux-policy-3.7.19-80.fc13
https://admin.fedoraproject.org/updates/libical-0.46-2.fc13
https://admin.fedoraproject.org/updates/pm-utils-1.2.6.1-4.fc13
https://admin.fedoraproject.org/updates/mash-0.5.20-1.fc13
https://admin.fedoraproject.org/updates/openldap-2.4.21-11.fc13
https://admin.fedoraproject.org/updates/nss-3.12.7-4.fc13,nss-util-3.12.7-2.fc13,nss-softokn-3.12.7-3.fc13,nspr-4.8.6-1.fc13
https://admin.fedoraproject.org/updates/xorg-x11-drv-openchrome-0.2.904-7.fc13
The following builds have been pushed to Fedora 13 updates-testing
Django-1.2.4-1.fc13
dhcp-forwarder-0.8-1301.fc13
ecryptfs-utils-84-2.fc13
emacs-common-ddskk-14.2-1.fc13
feh-1.10.1-1.fc13
groonga-1.0.6-1.fc13
ibus-1.3.9-2.fc13
ipv6calc-0.80.0-1.fc13
latexmk-4.22-1.fc13
libhangul-0.0.12-1.fc13
mod_auth_mysql-3.0.0-12.fc13
mydns-1.2.8.31-1.fc13
openscada-0.7.0.1-4.fc13
perl-File-Inplace-0.20-1.fc13
perl-XML-TreeBuilder-4.0-3.fc13
phpMyAdmin-3.3.9-1.fc13
pulseaudio-equalizer-2.7-4.fc13
rawtherapee-3.0-0.27.a1.fc13
rubygem-heroku-1.15.1-1.fc13
scala-2.8.1-1.fc13
sems-1.3.1-3.fc13
spectrum-1.4.6-1.fc13
webkitgtk-1.2.6-1.fc13
Details about builds:
================================================================================
Django-1.2.4-1.fc13 (FEDORA-2011-0096)
A high-level Python Web framework
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Steve 'Ashcrow' Milner <me@xxxxxxxxxxxxxxx> - 1.2.4-1
- Update for multiple security issues (see http://www.djangoproject.com/weblog/2010/dec/22/security/)
* Sat Oct 9 2010 Steve 'Ashcrow' Milner <me@xxxxxxxxxxxxxxx> - 1.2.3-3
- Now build docs for F12+
- Added Django-remove-djangodocs-ext.patch
* Sat Oct 9 2010 Steve 'Ashcrow' Milner <me@xxxxxxxxxxxxxxx> - 1.2.3-2
- Moved to dirhtml for documentation generation
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #665373 - CVE-2010-4534, CVE-2010-4535 Information leakage and DoS vulnerabilities in Django < 1.2.4 & 1.1.3
https://bugzilla.redhat.com/show_bug.cgi?id=665373
--------------------------------------------------------------------------------
================================================================================
dhcp-forwarder-0.8-1301.fc13 (FEDORA-2011-0086)
DHCP relay agent
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Enrico Scholz <enrico.scholz@xxxxxxxxxxxxxxxxxxxxxxxxx> - 0.8-1301
- backported patch from 0.9 which allows to run dhcp-fwd and e.g. dnsmasq
simultaneously on the same host
--------------------------------------------------------------------------------
================================================================================
ecryptfs-utils-84-2.fc13 (FEDORA-2011-0108)
The eCryptfs mount helper and support libraries
--------------------------------------------------------------------------------
Update Information:
- fix unsigned < 0 test in pkcs11 helper
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 84-2
- fix unsigned < 0 test (#664474)
* Mon Dec 20 2010 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 84-1
- ecryptfs-utils updated to 84
* Wed Sep 29 2010 jkeating - 83-9
- Rebuilt for gcc bug 634757
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #664474 - calls to i2d_X509 when certificate_blob_size is unsigned
https://bugzilla.redhat.com/show_bug.cgi?id=664474
--------------------------------------------------------------------------------
================================================================================
emacs-common-ddskk-14.2-1.fc13 (FEDORA-2011-0109)
Daredevil SKK - Simple Kana to Kanji conversion program for Emacs
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Daiki Ueno <dueno@xxxxxxxxxx> - 14.2-1
- new upstream release
- drop dependency on apel
* Fri Nov 12 2010 Daiki Ueno <dueno@xxxxxxxxxx> - 14.1-7
- unown %_xemacs_sitepkgdir/etc/ since xemacs-common now owns it (#645621)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666595 - emacs-common-ddskk-14.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=666595
--------------------------------------------------------------------------------
================================================================================
feh-1.10.1-1.fc13 (FEDORA-2011-0074)
Fast command line image viewer using Imlib2
--------------------------------------------------------------------------------
Update Information:
New upstream update, fixes security issue
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 29 2010 Andrew Potter <agpotter@xxxxxxxxx> 1.10.1-1
- New upstream release
- Closes CVE-2010-2246 by removing option -G, --wget-timestamp
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #608808 - CVE-2010-2246 Feh: Arbitrary code execution by viewing http images with reload set
https://bugzilla.redhat.com/show_bug.cgi?id=608808
--------------------------------------------------------------------------------
================================================================================
groonga-1.0.6-1.fc13 (FEDORA-2011-0078)
An Embeddable Fulltext Search Engine
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 31 2010 Kouhei Sutou <kou@xxxxxxxxxxxxxx> - 1.0.6-0
- new upstream release
* Wed Dec 29 2010 Kouhei Sutou <kou@xxxxxxxxxxxxxx> - 1.0.5-0
- new upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666374 - groonga-1.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=666374
--------------------------------------------------------------------------------
================================================================================
ibus-1.3.9-2.fc13 (FEDORA-2011-0083)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Takao Fujiwara <tfujiwar@xxxxxxxxxx> - 1.3.9-2
- Update to 1.3.9
Fixed Bug 621795 - crash in ibus_object_destroy
Fixed Bug 626652 - ibus memory leak with ibus_input_context_process_key_event
Fixed Bug 652157 - Window position of ibus-x11 in ppc64
- Fixed Bug 666427 - ibus requires dbus-x11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666427 - ibus requires dbus-x11
https://bugzilla.redhat.com/show_bug.cgi?id=666427
--------------------------------------------------------------------------------
================================================================================
ipv6calc-0.80.0-1.fc13 (FEDORA-2011-0066)
IPv6 address format change and calculation utility
--------------------------------------------------------------------------------
Update Information:
It should fix crash after: ipv6calc --out -?
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Marcela MaÅlÃÅovà <mmaslano@xxxxxxxxxx> - 0.80.0-1
- update to the latest version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #603825 - [abrt] crash in ipv6calc-0.73.0-1.fc13: Process /usr/bin/ipv6calc was killed by signal 11 (SIGSEGV)
https://bugzilla.redhat.com/show_bug.cgi?id=603825
--------------------------------------------------------------------------------
================================================================================
latexmk-4.22-1.fc13 (FEDORA-2011-0091)
A make-like utility for LaTeX files
--------------------------------------------------------------------------------
Update Information:
This update introduces all of the bug fixes and enhancements documented for versions 4.20, 4.21, and 4.22 at http://www.phys.psu.edu/~collins/software/latexmk-jcc/versions.html.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Jerry James <loganjerry@xxxxxxxxx> - 4.22-1
- Update to 4.22 (fixes more parse problems, adds biber support)
--------------------------------------------------------------------------------
================================================================================
libhangul-0.0.12-1.fc13 (FEDORA-2011-0067)
Hangul input library
--------------------------------------------------------------------------------
Update Information:
new upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Daiki Ueno <dueno@xxxxxxxxxx> - 0.0.12-1
- update to 0.0.12
- install %{_bindir}/hangul and locale files.
--------------------------------------------------------------------------------
================================================================================
mod_auth_mysql-3.0.0-12.fc13 (FEDORA-2011-0114)
Basic authentication for the Apache web server using a MySQL database
--------------------------------------------------------------------------------
Update Information:
This update fixes a security issue in mod_auth_mysql.
A flaw was found in the way mod_auth_mysql escaped certain
multibyte-encoded strings. If mod_auth_mysql was configured to use a multibyte character set that allowed a backslash ("\") as part of the character encodings, a remote attacker could inject arbitrary SQL commands into a login request. (CVE-2008-2384)
Note: This flaw only affected non-default installations where
AuthMySQLCharacterSet is configured to use one of the affected multibyte character sets. Installations that did not use the AuthMySQLCharacterSet configuration option were not vulnerable to this flaw.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 16 2010 Joe Orton <jorton@xxxxxxxxxx> - 1:3.0.0-12
- add security fix for CVE-2008-2384 (#663617)
* Sat Jun 19 2010 Joe Orton <jorton@xxxxxxxxxx> - 1:3.0.0-11
- less noise for httpd-mmn BR; package the LICENSE (#605950)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #480238 - CVE-2008-2384 mod_auth_mysql: character encoding SQL injection flaw
https://bugzilla.redhat.com/show_bug.cgi?id=480238
--------------------------------------------------------------------------------
================================================================================
mydns-1.2.8.31-1.fc13 (FEDORA-2011-0095)
A Database based DNS server
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 24 2010 Itamar Reis Peixoto <itamar@xxxxxxxxxxxxxxxx> - 1.2.8.31-1
- new version
--------------------------------------------------------------------------------
================================================================================
openscada-0.7.0.1-4.fc13 (FEDORA-2011-0093)
Open SCADA system project
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Aleksey Popkov <aleksey@xxxxxxxxxx> - 0.7.0.1-4
- My mistake fixing. Sorry!
--------------------------------------------------------------------------------
================================================================================
perl-File-Inplace-0.20-1.fc13 (FEDORA-2011-0079)
Perl module for in-place editing of files
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
================================================================================
perl-XML-TreeBuilder-4.0-3.fc13 (FEDORA-2011-0118)
Parser that builds a tree of XML::Element objects
--------------------------------------------------------------------------------
Update Information:
Rebase on new upstream
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 RÃdiger Landmann <r.landmann@xxxxxxxxxx> - 4.0-3
- Add Test::More to build requires
* Thu Dec 23 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 4.0-2
- 661697 rebuild for fixing problems with vendorach/lib
* Thu Dec 2 2010 Jeff Fearn <jfearn@xxxxxxxxxx> - 4.0-1
- New upstream
* Fri May 7 2010 Marcela Maslanova <mmaslano@xxxxxxxxxx> - 3.09-19
- Mass rebuild with perl-5.12.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #664360 - Rebase on upstream version 4.0
https://bugzilla.redhat.com/show_bug.cgi?id=664360
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-3.3.9-1.fc13 (FEDORA-2011-0102)
Web based MySQL browser written in php
--------------------------------------------------------------------------------
Update Information:
Changes for 3.3.9.0 (2011-01-03)
- [doc] Fix references to MySQL doc
- [other] Default function for TIMESTAMP, thanks to jirand - jirand
- [js] Double quotes were not escaped in generated js
- [core] Events were not copied when copying/renaming database
- [core] Copy database with view of a view
- [replication] Add quotes to database in initial statement, thanks to Craig Duncan - duncan3dc
- [pdf schema] Scratchboard for PDF pages not working
- [parser] Query for table "level" causes strange display
- [parser] Close all opened round
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> 3.3.9-1
- Upstream released 3.3.9 (#666925)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #666925 - phpMyAdmin-3.3.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=666925
--------------------------------------------------------------------------------
================================================================================
pulseaudio-equalizer-2.7-4.fc13 (FEDORA-2011-0106)
A 15 Bands Equalizer for PulseAudio
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Hicham HAOUARI <hicham.haouari@xxxxxxxxx> - 2.7-4
- Remove preamp per discussion with upstream, fixes rhbz #639604
- Add man pages
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #639604 - equalizer resets volume to maximum on every change
https://bugzilla.redhat.com/show_bug.cgi?id=639604
--------------------------------------------------------------------------------
================================================================================
rawtherapee-3.0-0.27.a1.fc13 (FEDORA-2011-0115)
Raw image processing software
--------------------------------------------------------------------------------
Update Information:
Sync with upstream for many bugfixes and enhancements.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Thibault North <tnorth@xxxxxxxxxxxxxxxxx> - 3.0-0.27.a1
- Sync with upstream for various bugfixes and enhancements
--------------------------------------------------------------------------------
================================================================================
rubygem-heroku-1.15.1-1.fc13 (FEDORA-2011-0116)
Client library and CLI to deploy Rails apps on Heroku
--------------------------------------------------------------------------------
Update Information:
RubyGem - deploy apps to Heroku
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #661436 - Review Request: rubygem-heroku - deploy apps to Heroku
https://bugzilla.redhat.com/show_bug.cgi?id=661436
--------------------------------------------------------------------------------
================================================================================
scala-2.8.1-1.fc13 (FEDORA-2011-0071)
A hybrid functional/object-oriented language for the JVM
--------------------------------------------------------------------------------
Update Information:
Serveral bug fixes from upstream and a few inprovements.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 9 2010 Jochen Schmitt <Jochen herr-schmitt de> - 2.8.1-1
- New upstream release (#661853)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #661853 - RfE: Release 2.8.1 of scala is available
https://bugzilla.redhat.com/show_bug.cgi?id=661853
--------------------------------------------------------------------------------
================================================================================
sems-1.3.1-3.fc13 (FEDORA-2011-0085)
SIP Express Media Server, an extensible SIP media server
--------------------------------------------------------------------------------
Update Information:
- Fixed linking issues
- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
- Ver. 1.3.1 (Fully API/ABI compatible with previous version)
Ver 1.3.0 (with lots of bugfixes) - api and abi compatible with previous version.
Fixed severe issue, which caused segfaults
Several minor bugfixes and one big fix for regression in modules conference and early_media.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.1-3
- Fixed linking issues
* Wed Dec 29 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.1-2
- Fixed segfault in gateway module
- Properly install email template for voicemail module
- Don't start py_sems by default (causes issues with python2.7)
* Mon Dec 27 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.1-1
- Ver. 1.3.1 (Bugfix release)
* Wed Sep 29 2010 Peter Lemenkov <lemenkov@xxxxxxxxx> 1.3.0-2
- Workaround for missing atomic built-ins in EPEL5 old gcc
--------------------------------------------------------------------------------
================================================================================
spectrum-1.4.6-1.fc13 (FEDORA-2011-0070)
XMPP transport/gateway
--------------------------------------------------------------------------------
Update Information:
Upgrade to the latest upstream:
* Map Extended Away status to Away if particular libpurple protocol
plugin does not support XA status.
* Added new filetransfer_force_cache_storage=0 config variable to force
storing files from legacy network on server. This is also configurable
per user via Transport Settings adhoc commands.
* Added "Reject all incoming authorizations" Transport Settings option.
* Fixed forwarding of initial presence to XMPP user when more resource
are connected.
* ICQ: working XStatus forwarding from ICQ buddies to XMPP user
(not for EPEL-5).
* XMPP: Fixed GTalk's new email notification when there are more
pending emails.
* IRC: Fixed forwarding of IRC users modes changes.
* Yahoo: Fixed issues when receiving messages from MSN buddies
using Yahoo transport. Thanks to Paolo Encomienda.
* GroupWise: Added support, use protocol=groupwise in config file.
* spectrumctl: No longer enforce any permissions on
filetransfer_cache (it has to be writable by the webserver)
* spectrumctl: Remove the --cron option for action 'list' New
action 'cron' is now intended for regular cron runs:
* It outputs transports that have crashed
* Saves backtraces, logs and the current spectrum_version
(see new --output-dir option)
* Prints location of those files
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 3 2011 MatÄj Cepl <mcepl@xxxxxxxxxx> - 1.4.6-1
- New upstream release.
* Wed Dec 29 2010 MatÄj Cepl <mcepl@xxxxxxxxxx> - 1.4.5-2
- Fix ownership and rights of /etc/tmpfiles.d/spectrum.conf.
* Tue Dec 28 2010 MatÄj Cepl <mcepl@xxxxxxxxxx> - 1.4.5-1
- New upstream release
- Switch off tests, following the upstream.
--------------------------------------------------------------------------------
================================================================================
webkitgtk-1.2.6-1.fc13 (FEDORA-2011-0121)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
- New stable release, API and ABI compatible with previous 1.2.x versions
- Fixes crashes with newer libpng (>= 1.4)
- The patches to fix the following CVEs are included with help from Huzaifa Sidhpurwala <huzaifas@xxxxxxxxxx> from the Red Hat security team
CVE-2010-4198 CVE-2010-4197 CVE-2010-4204 CVE-2010-4206
CVE-2010-1791 CVE-2010-3812 CVE-2010-3813 CVE-2010-4577
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 4 2011 Huzaifa Sidhpurwala <huzaifas@xxxxxxxxxx> - 1.2.6-1
- Update to 1.2.6.
- Fixes CVE-2010-4198 CVE-2010-4197 CVE-2010-4204 CVE-2010-4206
- Fixes CVE-2010-1791 CVE-2010-3812 CVE-2010-3813
- Document fix for CVE-2010-3255 CVE-2010-3119
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #656118 - CVE-2010-4198 WebKit: Memory corruption due to improper handling of large text area
https://bugzilla.redhat.com/show_bug.cgi?id=656118
[ 2 ] Bug #656115 - CVE-2010-4197 WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=656115
[ 3 ] Bug #656129 - CVE-2010-4206 WebKit: Array index error during processing of an SVG document
https://bugzilla.redhat.com/show_bug.cgi?id=656129
[ 4 ] Bug #667022 - CVE-2010-3812 webkit: Integer overflow in WebKit's handling of Text objects
https://bugzilla.redhat.com/show_bug.cgi?id=667022
[ 5 ] Bug #667024 - CVE-2010-3813 webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting
https://bugzilla.redhat.com/show_bug.cgi?id=667024
[ 6 ] Bug #667025 - CVE-2010-4577 webkit: CSS Font Face Parsing Type Confusion Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=667025
[ 7 ] Bug #656126 - CVE-2010-4204 WebKit: Use-after-free vulnerability related frame object
https://bugzilla.redhat.com/show_bug.cgi?id=656126
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
