On 24 Sep 2014 17:12, "Johnny Hughes" <johnny at centos.org> wrote: > > > > For informational purposes: > > https://access.redhat.com/articles/1200223 > As a by heads up that advisory has been updated since the updated packages were released. The fix in the previous packages is incomplete and there is a new cve being tracked as a result: https://access.redhat.com/security/cve/CVE-2014-7169