When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example, static(_dirname + '/public') would allow access to _dirname + '/public-restricted'.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2014-11289
Please login to add feedback.
This update has been submitted for testing by patches.
AutoQA: depcheck test PASSED on i386. Result log: http://autoqa.fedoraproject.org/report/1ha73 (results are informative only)
AutoQA: depcheck test PASSED on x86_64. Result log: http://autoqa.fedoraproject.org/report/1ha79 (results are informative only)
This update is currently being pushed to the Fedora 21 testing updates repository.
This update has been pushed to testing
This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by patches.
AutoQA: upgradepath test PASSED on noarch. Result log: http://autoqa.fedoraproject.org/report/1he94 (results are informative only)
This update is currently being pushed to the Fedora 21 stable updates repository.
This update has been pushed to stable