The following security issues have been discovered in Bugzilla:
Unfiltered HTML injected into a dependency graph could be used to create a cross-site scripting attack.
Some web browsers incorrectly parse CSV files as valid JavaScript code which could lead to data leak.
This updates fixes these flaws.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2015-caf3f74321
Please login to add feedback.
This update has been submitted for testing by eseyman.
This update has been pushed to testing.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by eseyman.
This update has been pushed to stable.