drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Schlüsseln in webkitgtk3
| Name: |
Mangelnde Prüfung von Schlüsseln in webkitgtk3 |
|
| ID: |
FEDORA-2015-4138 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 20 |
|
| Datum: |
Sa, 4. April 2015, 11:23 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2330 |
|
| Applikationen: |
WebKitGTK |
|
Originalnachricht |
Name : webkitgtk3
Product : Fedora 20
Version : 2.2.8
Release : 3.fc20
URL : http://www.webkitgtk.org/
Summary : GTK+ Web content engine library
Description :
WebKitGTK+ is the port of the portable web rendering engine WebKit to the
GTK+ platform.
This package contains WebKitGTK+ for GTK+ 3.
-------------------------------------------------------------------------------
-
Update Information:
Fixes CVE-2015-2330, late TLS certificate verification. This issue affects
applications using the WebKit 2 API that opt-in to connection failures using WEBKIT_TLS_ERRORS_POLICY_FAIL. No applications included in Fedora 20 are known to be impacted by this issue as none are known to use WEBKIT_TLS_ERRORS_POLICY_FAIL; however, if you develop an application using WebKit 2 it may be affected. Note that applications that do not use this policy cannot be secure.
-------------------------------------------------------------------------------
-
ChangeLog:
* Tue Mar 17 2015 Michael Catanzaro <mcatanzaro@gnome.org> - 2.2.8-3
- Add certificate verification patches
* Tue Oct 21 2014 Tomas Popela <tpopela@redhat.com> - 2.2.8-2
- Disable the SSLv3 to address the POODLE vulnerability
* Wed Oct 1 2014 Tomas Popela <tpopela@redhat.com> - 2.2.8-1
- Update to 2.2.8
* Wed Jul 23 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-3
- Fix CLoop on s390 and ppc
* Wed May 7 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-2
- Fix CLoop on s390x and ppc64
- Disable yarr jit through flag and don't use patch for it
* Mon May 5 2014 Tomas Popela <tpopela@redhat.com> - 2.2.7-1
- Update to 2.2.7
* Wed Mar 19 2014 Tomas Popela <tpopela@redhat.com> - 2.2.6-1
- Update to 2.2.6
* Tue Feb 18 2014 Tomas Popela <tpopela@redhat.com> - 2.2.4-2
- Enable full debuginfo on s390x
* Tue Jan 21 2014 Tomas Popela <tpopela@redhat.com> - 2.2.4-1
- Update to 2.2.4
* Wed Dec 4 2013 Tomas Popela <tpopela@redhat.com> - 2.2.3-1
- Update to 2.2.3
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update webkitgtk3' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
