The bugzilla devs discovered that a specially crafted bug summary could trigger XSS in dependency graphs (CVE-2016-2803). This release fixes the issue.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2016-5bd283c48b
Please login to add feedback.
This update has been submitted for testing by eseyman.
LGTM
This update has been pushed to testing.
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by eseyman.
This update has been pushed to stable.