Product:

Fedora

(Fedoraproject)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/mdadams/jasper
https://github.com/torvalds/linux
https://github.com/uclouvain/openjpeg
https://github.com/krb5/krb5
https://github.com/FasterXML/jackson-databind
https://github.com/golang/go
https://github.com/ntp-project/ntp
https://github.com/dbry/WavPack
https://github.com/horde/horde
https://github.com/ClusterLabs/pcs
https://github.com/ipython/ipython
https://github.com/wesnoth/wesnoth
https://github.com/saltstack/salt
https://github.com/newsoft/libvncserver
https://github.com/json-c/json-c
https://github.com/libjpeg-turbo/libjpeg-turbo
• git://git.openssl.org/openssl.git
https://github.com/python/cpython
https://github.com/Perl/perl5
https://github.com/jquery/jquery-ui
https://github.com/teeworlds/teeworlds
https://github.com/golang/net
https://github.com/opencontainers/runc
https://git.kernel.org/pub/scm/git/git.git
https://github.com/ceph/ceph
https://github.com/MariaDB/server
https://github.com/fish-shell/fish-shell
https://github.com/lepture/mistune
https://github.com/cyrusimap/cyrus-imapd
https://github.com/pyca/cryptography
https://github.com/SELinuxProject/selinux
https://github.com/ADOdb/ADOdb
https://github.com/openssh/openssh-portable
https://github.com/mongodb/mongo
https://github.com/collectd/collectd
https://github.com/php/php-src
https://github.com/quassel/quassel
https://github.com/igniterealtime/Smack
https://github.com/ocaml/ocaml
https://github.com/LibRaw/LibRaw
https://github.com/sddm/sddm
https://github.com/libuv/libuv
https://github.com/karelzak/util-linux
https://github.com/axkibe/lsyncd
https://github.com/visionmedia/send
https://github.com/rawstudio/rawstudio
https://github.com/cherokee/webserver
https://github.com/numpy/numpy
https://github.com/rjbs/Email-Address
https://github.com/dlitz/pycrypto
https://github.com/openid/ruby-openid
https://github.com/moxiecode/plupload
https://github.com/libarchive/libarchive
#Vulnerabilities 1036
Date ID Summary Products Score Patch
2019-11-25 CVE-2012-5617 gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation Fedora, Gksu\-Polkit N/A
2019-11-21 CVE-2019-18889 An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. Fedora, Symfony N/A
2019-11-21 CVE-2019-18888 An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x). Fedora, Symfony N/A
2019-11-21 CVE-2019-18887 An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel. Fedora, Symfony N/A
2019-11-15 CVE-2014-0021 Chrony before 1.29.1 has traffic amplification in cmdmon protocol Chrony, Debian_linux, Fedora N/A
2019-11-25 CVE-2012-5644 libuser has information disclosure when moving user's home directory Debian_linux, Fedora, Libuser, Enterprise_linux N/A
2019-11-25 CVE-2012-5630 libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. Fedora, Libuser, Enterprise_linux N/A
2019-11-21 CVE-2012-4524 xlockmore before 5.43 'dclock' security bypass vulnerability Fedora, Xlockmore N/A
2019-11-15 CVE-2011-2726 An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. Debian_linux, Drupal, Fedora, Enterprise_linux N/A
2019-11-21 CVE-2015-2793 Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi. Fedora, Ikiwiki N/A