The following Fedora 26 Security updates need testing: Age URL 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ae4a42cd4 wordpress-4.7.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a861eb07ee icoutils-0.31.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-23535a31f8 libupnp-1.6.21-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-da50233929 sscg-2.0.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ffd4a36f09 thunderbird-45.8.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3bfbe2acb9 firefox-52.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45ebf1e164 knot-resolver-1.2.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-748f2e67d7 php-onelogin-php-saml-2.10.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-07c8f3ea2b rkward-0.6.5-5.fc26 rpy-2.8.5-3.fc26 R-3.3.3-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bf0adb82c1 libtevent-0.9.31-4.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c7a774f26 js-1.8.5-27.fc26 pam-1.3.0-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f4268a8102 gcc-7.0.1-0.12.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-52e704bb92 selinux-policy-3.13.1-244.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-53b8a32d5a flatpak-0.8.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c5e572f32b samba-4.6.0-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a1773a5d1 baloo-widgets-16.12.3-1.fc26 dolphin-16.12.3-1.fc26 dolphin-plugins-16.12.3-1.fc26 kate-16.12.3-1.fc26 kdelibs-4.14.30-1.fc26 kde-runtime-16.12.3-1.fc26 konsole5-16.12.3-1.fc26 khelpcenter-16.12.3-1.fc26 kde-l10n-16.12.3-1.fc26 konqueror-16.12.3-1.fc26 kfind-16.12.3-1.fc26 keditbookmarks-16.12.3-1.fc26 kdialog-16.12.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86ffc76a09 ibus-1.5.15-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ad09f3011 coreutils-8.27-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3bfbe2acb9 firefox-52.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a6a34a726 libepoxy-1.4.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-264354dd11 mutter-3.23.91-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ffd4a36f09 thunderbird-45.8.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-764d09cea5 libxslt-1.1.29-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-328842aed1 curl-7.53.1-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-717259858a perl-5.24.1-390.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e880d818c2 krb5-1.15.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-39782730a2 livecd-tools-24.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8a70348517 vim-8.0.427-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bccc719e38 hwdata-0.298-1.fc26 The following builds have been pushed to Fedora 26 updates-testing Agda-2.5.2-4.fc26 ImageMagick-6.9.3.0-6.fc26 R-3.3.3-1.fc26 git-archive-all-1.16-1.fc26 librdkafka-0.9.4-1.fc26 postgrey-1.37-1.fc26 python-furl-0.5.7-1.fc26 python-lib389-1.0.3-1.fc26 rkward-0.6.5-5.fc26 roundcubemail-1.2.4-1.fc26 rpy-2.8.5-3.fc26 scudcloud-1.43-1.fc26 Details about builds: ================================================================================ Agda-2.5.2-4.fc26 (FEDORA-2017-53017fab86) A dependently typed functional programming language and proof assistant -------------------------------------------------------------------------------- Update Information: Update to 2.5.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1224825 - Agda-2.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1224825 -------------------------------------------------------------------------------- ================================================================================ ImageMagick-6.9.3.0-6.fc26 (FEDORA-2017-6f51c4776d) An X application for displaying and manipulating images -------------------------------------------------------------------------------- Update Information: * flag configuration files rh#1374050 * fix inter-package dependencies rh#1422773 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1422773 - Inter package dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1422773 [ 2 ] Bug #1374050 - /etc/ImageMagick-6/* not flagged as %config files https://bugzilla.redhat.com/show_bug.cgi?id=1374050 -------------------------------------------------------------------------------- ================================================================================ R-3.3.3-1.fc26 (FEDORA-2017-07c8f3ea2b) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update to 3.3.3. Fix CVE-2016-8714. ---- Rebuilt for fc26 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431171 - CVE-2016-8714 R: Buffer overflow in the LoadEncoding functionality https://bugzilla.redhat.com/show_bug.cgi?id=1431171 -------------------------------------------------------------------------------- ================================================================================ git-archive-all-1.16-1.fc26 (FEDORA-2017-42e8b38880) Archive git repository with its submodules -------------------------------------------------------------------------------- Update Information: Update to 1.16 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1428620 - git-archive-all-1.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1428620 -------------------------------------------------------------------------------- ================================================================================ librdkafka-0.9.4-1.fc26 (FEDORA-2017-ea111b0657) The Apache Kafka C library -------------------------------------------------------------------------------- Update Information: Rebase to upstream version 0.9.4. Enabling sasl, ssl and lz4. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1413524 - EPEL build https://bugzilla.redhat.com/show_bug.cgi?id=1413524 [ 2 ] Bug #1422707 - librdkafka-v0.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1422707 [ 3 ] Bug #1423367 - missing features https://bugzilla.redhat.com/show_bug.cgi?id=1423367 -------------------------------------------------------------------------------- ================================================================================ postgrey-1.37-1.fc26 (FEDORA-2017-8dd997566f) Postfix Greylisting Policy Server -------------------------------------------------------------------------------- Update Information: This updates postgrey to the current upstream bugfix and enhancement release. Additionally, a bug was fixed in the shipped sysconfig file, which could prevent postgrey from starting. Upstream notes about version 1.37: - added initial test suite - testing using travis-ci (https://travis- ci.org/schweikert/postgrey) - removed IP pool-detection code for --lookup-by- net, because it matched also the naming of some big hosters like facebook (#32, Michal Petrucha, Andrew Ayer, Jon Sailor) - fix early logging of errors and warnings to syslog - simplified IP matching code - added support for IPv6 whitelists with netmask - add network-range based whitelist for Office 365 (Holger Stember) - updated whitelist -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292066 - postgrey.service: Ignoring invalid environment assignment '--inet=127.0.0.1:10023': /etc/sysconfig/postgrey https://bugzilla.redhat.com/show_bug.cgi?id=1292066 [ 2 ] Bug #1378478 - postgrey-1.37 is available https://bugzilla.redhat.com/show_bug.cgi?id=1378478 -------------------------------------------------------------------------------- ================================================================================ python-furl-0.5.7-1.fc26 (FEDORA-2017-caf91ea62f) URL manipulation made simple -------------------------------------------------------------------------------- Update Information: Update to 0.5.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429064 - python-furl-v0.5.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1429064 -------------------------------------------------------------------------------- ================================================================================ python-lib389-1.0.3-1.fc26 (FEDORA-2017-b29aeabf21) A library for accessing, testing, and configuring the 389 Directory Server -------------------------------------------------------------------------------- Update Information: Bump version to 1.0.3-1 -------------------------------------------------------------------------------- ================================================================================ rkward-0.6.5-5.fc26 (FEDORA-2017-07c8f3ea2b) Graphical frontend for R language -------------------------------------------------------------------------------- Update Information: Update to 3.3.3. Fix CVE-2016-8714. ---- Rebuilt for fc26 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431171 - CVE-2016-8714 R: Buffer overflow in the LoadEncoding functionality https://bugzilla.redhat.com/show_bug.cgi?id=1431171 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.2.4-1.fc26 (FEDORA-2017-1f15bdef6e) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: **RELEASE 1.2.4** - Managesieve: Fix handling of scripts with nested rules (#5540) - Managesieve: Fix parser issue with empty lines between comments (#5657) - Managesieve: Fix possible defect in handling \r\n in scripts (#5685) - Enigma: Fix handling of messages with nested PGP encrypted parts (#5634) - Enigma: Fix PHP fatal error when decrypting a message with invalid signature (#5555) - Enigma: Fix missing require statement for Crypt_GPG_KeyGenerator (#5641) - Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity (#5544) - Fix adding images to new identity signatures - Fix rsync error handling in installto.sh script (#5562) - Fix some advanced search issues with multiple addressbooks (#5572) - Fix so group/addressbook selection is retained on page refresh - Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) - Fix bug where external content in src attribute of input/video tags was not secured (#5583) - Fix PHP error on update of a contact with multiple email addresses when using PHP 7.1 (#5587) - Fix bug where mail content frame couldn't be reset in some corner cases (#5608) - Fix bug where some classic skin images were not displayed in IE/Edge (#5614) - Fix bug where signature couldn't be added above the quote in Firefox 51 (#5628) - Fix regression where groups with email address were resolved to its members' addresses - Fix update of group name in the contacts list header on group rename (#5648) - Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630) - Fix bug where it was too easy accidentally move a folder when using the subscription checkbox (#5655) - Fix XSS issue in handling of a style tag inside of an svg element -------------------------------------------------------------------------------- ================================================================================ rpy-2.8.5-3.fc26 (FEDORA-2017-07c8f3ea2b) Python interface to the R language -------------------------------------------------------------------------------- Update Information: Update to 3.3.3. Fix CVE-2016-8714. ---- Rebuilt for fc26 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431171 - CVE-2016-8714 R: Buffer overflow in the LoadEncoding functionality https://bugzilla.redhat.com/show_bug.cgi?id=1431171 -------------------------------------------------------------------------------- ================================================================================ scudcloud-1.43-1.fc26 (FEDORA-2017-f6da38364c) Non official desktop client for Slack -------------------------------------------------------------------------------- Update Information: Update to 1.43 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429150 - scudcloud-1.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1429150 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
