drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Schlüsseln in webkitgtk3
Name: |
Mangelnde Prüfung von Schlüsseln in webkitgtk3 |
|
ID: |
FEDORA-2015-4138 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
Sa, 4. April 2015, 11:23 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2330 |
|
Applikationen: |
WebKitGTK |
|
Originalnachricht |
Name : webkitgtk3 Product : Fedora 20 Version : 2.2.8 Release : 3.fc20 URL : http://www.webkitgtk.org/ Summary : GTK+ Web content engine library Description : WebKitGTK+ is the port of the portable web rendering engine WebKit to the GTK+ platform.
This package contains WebKitGTK+ for GTK+ 3.
------------------------------------------------------------------------------- - Update Information:
Fixes CVE-2015-2330, late TLS certificate verification. This issue affects applications using the WebKit 2 API that opt-in to connection failures using WEBKIT_TLS_ERRORS_POLICY_FAIL. No applications included in Fedora 20 are known to be impacted by this issue as none are known to use WEBKIT_TLS_ERRORS_POLICY_FAIL; however, if you develop an application using WebKit 2 it may be affected. Note that applications that do not use this policy cannot be secure. ------------------------------------------------------------------------------- - ChangeLog:
* Tue Mar 17 2015 Michael Catanzaro <mcatanzaro@gnome.org> - 2.2.8-3 - Add certificate verification patches * Tue Oct 21 2014 Tomas Popela <tpopela@redhat.com> - 2.2.8-2 - Disable the SSLv3 to address the POODLE vulnerability * Wed Oct 1 2014 Tomas Popela <tpopela@redhat.com> - 2.2.8-1 - Update to 2.2.8 * Wed Jul 23 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-3 - Fix CLoop on s390 and ppc * Wed May 7 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-2 - Fix CLoop on s390x and ppc64 - Disable yarr jit through flag and don't use patch for it * Mon May 5 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-1 - Update to 2.2.7 * Wed Mar 19 2014 Tomas Popela <tpopela@redhat.com> - 2.2.6-1 - Update to 2.2.6 * Tue Feb 18 2014 Tomas Popela <tpopela@redhat.com> - 2.2.4-2 - Enable full debuginfo on s390x * Tue Jan 21 2014 Tomas Popela <tpopela@redhat.com> - 2.2.4-1 - Update to 2.2.4 * Wed Dec 4 2013 Tomas Popela <tpopela@redhat.com> - 2.2.3-1 - Update to 2.2.3 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update webkitgtk3' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|