This release fixes buffer overflows in URL authentication code (CVE-2018-18820), a crash in htpasswd authentication if no filename is set, a crash on xsltApplyStylesheet() error, and a crash on malformed Opus streams. It also corrects global listener counter. It stops displaying hashed user passwords for security concerns. It adds support for announcing Opus streams to YP catalogs.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2018-d4349a7ba3
Please login to add feedback.