The following Fedora 26 Security updates need testing: Age URL 38 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5cef2adff4 wireshark-2.2.6-1.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7161eb173 squirrelmail-1.4.22-19.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-50b9370529 lynis-2.5.0-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f7849e04f4 smb4k-1.2.2-3.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a45fb81029 postgresql-9.6.3-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d5817efc0 mingw-postgresql-9.6.3-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f3ee3bea6 chicken-4.12.0-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-edecdcb23e deluge-1.3.15-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b pcmanfm-1.2.5-2.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 lxterminal-0.3.0-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60775d65bb FlightGear-2017.1.3-2.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 53 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90bcb067bf fedora-release-26-0.6 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-39fb5cc3d5 python-productmd-1.7-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2bcf2658d nss-3.30.2-1.1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f15d37502c pungi-4.1.15-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8733e65d13 qemu-2.9.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dcc53ddb5f gnome-software-3.24.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-27fbf57af3 glib2-2.52.2-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-87b588310c ibus-1.5.16-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b pcmanfm-1.2.5-2.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 lxterminal-0.3.0-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8962b314e9 v4l-utils-1.12.5-1.fc26 The following builds have been pushed to Fedora 26 updates-testing FlightGear-2017.1.3-2.fc26 bcm283x-firmware-20170504-1.284e48a.fc26 collectl-4.1.3-1.fc26 eclipse-jgit-4.7.0-6.fc26 glib2-2.52.2-2.fc26 gnome-software-3.24.3-1.fc26 ibus-1.5.16-1.fc26 lightdm-settings-1.0.5-1.fc26 lxterminal-0.3.0-3.fc26 magic-8.1.166-1.fc26 mapserver-7.0.5-1.git208bb3a.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 mint-x-icons-1.4.2-4.fc26 pcmanfm-1.2.5-2.fc26 perl-Archive-Tar-2.26-1.fc26 perl-Code-TidyAll-0.59-1.fc26 perl-Devel-PPPort-3.36-1.fc26 perl-Inline-C-0.77-1.fc26 perl-Net-HTTP-6.15-1.fc26 perl-Sys-Hostname-Long-1.5-8.fc26 php-alcaeus-mongo-php-adapter-1.1.0-1.fc26 php-egulias-email-validator-1.2.13-3.fc26 php-gitter-0.3.0-8.fc26 php-gliph-0.1.8-7.fc26 php-guzzlehttp-guzzle-5.3.1-3.fc26 php-guzzlehttp-ringphp-1.1.0-9.fc26 php-guzzlehttp-streams-3.0.0-9.fc26 php-mongodb-1.1.2-2.fc26 php-pecl-xdebug-2.5.4-1.fc26 php-phpmyadmin-motranslator-3.1-1.fc26 poedit-2.0.2-1.fc26 puzzle-master-2.5.3-1.fc26 qemu-2.9.0-1.fc26 qmapshack-1.8.1-1.fc26 udisks2-2.6.5-1.fc26 xfce4-terminal-0.8.5.1-1.fc26 Details about builds: ================================================================================ FlightGear-2017.1.3-2.fc26 (FEDORA-2017-60775d65bb) The FlightGear Flight Simulator -------------------------------------------------------------------------------- Update Information: This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files (CVE-2017-8921) -------------------------------------------------------------------------------- ================================================================================ bcm283x-firmware-20170504-1.284e48a.fc26 (FEDORA-2017-c6043bfd36) Broadcom bcm283x firmware for the Raspberry Pi -------------------------------------------------------------------------------- Update Information: Enable DMA driver in initrd, latest firmware update -------------------------------------------------------------------------------- ================================================================================ collectl-4.1.3-1.fc26 (FEDORA-2017-01a1a3a5db) A utility to collect various Linux performance data -------------------------------------------------------------------------------- Update Information: - updated to 4.1.3 - http://collectl.sourceforge.net/Releases.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450536 - collectl-4.1.3.src is available https://bugzilla.redhat.com/show_bug.cgi?id=1450536 -------------------------------------------------------------------------------- ================================================================================ eclipse-jgit-4.7.0-6.fc26 (FEDORA-2017-e27bfddeb1) Eclipse JGit -------------------------------------------------------------------------------- Update Information: Installs ant configuration to allow using jgit from ant-based build scripts. -------------------------------------------------------------------------------- ================================================================================ glib2-2.52.2-2.fc26 (FEDORA-2017-27fbf57af3) A library of handy utility functions -------------------------------------------------------------------------------- Update Information: This update adds an upstream patch to fix issues with main loop wakeup in qemu and timedatex. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438539 - Include conditional_wakeup fix in glib2 https://bugzilla.redhat.com/show_bug.cgi?id=1438539 [ 2 ] Bug #1450628 - timedatex high CPU usage https://bugzilla.redhat.com/show_bug.cgi?id=1450628 -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.24.3-1.fc26 (FEDORA-2017-dcc53ddb5f) A software center for GNOME -------------------------------------------------------------------------------- Update Information: Fix a common crash when installing flatpakrepo files -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.16-1.fc26 (FEDORA-2017-87b588310c) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: Bumped to 1.5.16. - The translations are integrated. -------------------------------------------------------------------------------- ================================================================================ lightdm-settings-1.0.5-1.fc26 (FEDORA-2017-51fcacdb2f) Configuration tool for the LightDM display manager -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450706 - lightdm-settings-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450706 -------------------------------------------------------------------------------- ================================================================================ lxterminal-0.3.0-3.fc26 (FEDORA-2017-e9936d561b) Desktop-independent VTE-based terminal emulator -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ magic-8.1.166-1.fc26 (FEDORA-2017-0de767fcc4) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information: New version 8.1.166 is released. -------------------------------------------------------------------------------- ================================================================================ mapserver-7.0.5-1.git208bb3a.fc26 (FEDORA-2017-d4fccc75d4) Environment for building spatially-enabled internet applications -------------------------------------------------------------------------------- Update Information: Update to 7.0.5 -------------------------------------------------------------------------------- ================================================================================ menu-cache-1.0.2-4.D20170514git56f6668459.fc26 (FEDORA-2017-e9936d561b) Caching mechanism for freedesktop.org compliant menus -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ mint-x-icons-1.4.2-4.fc26 (FEDORA-2017-321f21ed4f) Icon theme for Linux Mint -------------------------------------------------------------------------------- Update Information: Fix wifi icons -------------------------------------------------------------------------------- ================================================================================ pcmanfm-1.2.5-2.fc26 (FEDORA-2017-e9936d561b) Extremly fast and lightweight file manager -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ perl-Archive-Tar-2.26-1.fc26 (FEDORA-2017-080e76793d) A module for Perl manipulation of .tar files -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450531 - perl-Archive-Tar-2.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450531 -------------------------------------------------------------------------------- ================================================================================ perl-Code-TidyAll-0.59-1.fc26 (FEDORA-2017-f78e64d0cb) Engine for tidyall, your all-in-one code tidier and validator -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450704 - perl-Code-TidyAll-0.59 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450704 -------------------------------------------------------------------------------- ================================================================================ perl-Devel-PPPort-3.36-1.fc26 (FEDORA-2017-38d4e00d31) Perl Pollution Portability header generator -------------------------------------------------------------------------------- Update Information: This release fixes building on Perl without "." in @INC path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450650 - perl-Devel-PPPort-3.36 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450650 -------------------------------------------------------------------------------- ================================================================================ perl-Inline-C-0.77-1.fc26 (FEDORA-2017-4526b7d638) Write Perl subroutines in C -------------------------------------------------------------------------------- Update Information: This release fixes tests and updates documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450537 - perl-Inline-C-0.77 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450537 -------------------------------------------------------------------------------- ================================================================================ perl-Net-HTTP-6.15-1.fc26 (FEDORA-2017-3242feab99) Low-level HTTP connection (client) -------------------------------------------------------------------------------- Update Information: This release fixes a test. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450543 - perl-Net-HTTP-6.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450543 -------------------------------------------------------------------------------- ================================================================================ perl-Sys-Hostname-Long-1.5-8.fc26 (FEDORA-2017-281d963a51) Try every conceivable way to get full hostname -------------------------------------------------------------------------------- Update Information: This update adds a dependency on the hostname package, which allows the module to work when networking is unavailable. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450746 - perl-Sys-Hostname-Long-1.5-6.fc27 FTBFS in mock-1.4.1 https://bugzilla.redhat.com/show_bug.cgi?id=1450746 -------------------------------------------------------------------------------- ================================================================================ php-alcaeus-mongo-php-adapter-1.1.0-1.fc26 (FEDORA-2017-b2e313e045) Mongo PHP Adapter -------------------------------------------------------------------------------- Update Information: **Version 1.1.0** (2017-05-13) All issues and pull requests under this release may be found under the [1.1.0](https://github.com/alcaeus/mongo-php- adapter/issues?q=milestone%3A1.1.0) milestone. * [#173](https://github.com/alcaeus/mongo-php-adapter/pull/173) adds tests for authentication options in `MongoClient`. * [#168](https://github.com/alcaeus /mongo-php-adapter/pull/168) adds support for `MongoCursor::explain()`. * [#128](https://github.com/alcaeus/mongo-php-adapter/pull/128) removes support for PHP 5.5. * [#127](https://github.com/alcaeus/mongo-php-adapter/pull/127) reads the `code` and `scope` properties of `MongoDB\BSON\Javascript` objects when converting them to `MongoCode` objects. -------------------------------------------------------------------------------- ================================================================================ php-egulias-email-validator-1.2.13-3.fc26 (FEDORA-2017-9df33ce3b0) A library for validating emails -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-gitter-0.3.0-8.fc26 (FEDORA-2017-9df33ce3b0) Object oriented interaction with Git repositories -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-gliph-0.1.8-7.fc26 (FEDORA-2017-9df33ce3b0) A graph library for PHP -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-guzzle-5.3.1-3.fc26 (FEDORA-2017-9df33ce3b0) PHP HTTP client and webservice framework -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-ringphp-1.1.0-9.fc26 (FEDORA-2017-9df33ce3b0) Simple handler system used to power clients and servers in PHP -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-streams-3.0.0-9.fc26 (FEDORA-2017-9df33ce3b0) Provides a simple abstraction over streams of data -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-mongodb-1.1.2-2.fc26 (FEDORA-2017-c931fe7f70) MongoDB driver library -------------------------------------------------------------------------------- Update Information: Switch to fedora/autoloader -------------------------------------------------------------------------------- ================================================================================ php-pecl-xdebug-2.5.4-1.fc26 (FEDORA-2017-04e7840f49) PECL package for debugging PHP scripts -------------------------------------------------------------------------------- Update Information: ** Xdebug 2.5.4** - 2017-05-15 * Fixed bug #799: Function traces report base class instead of object name * Fixed bug #1421: Fix set_time_limit hanging on PHP 5.6 when pcntl_exec does not exist (Frode E. Moe) * Fixed bug #1429: Code coverage does not cover null coalesce * Fixed bug #1434: Code coverage segfaults on 32-bit arch -------------------------------------------------------------------------------- ================================================================================ php-phpmyadmin-motranslator-3.1-1.fc26 (FEDORA-2017-972b998eb1) Translation API for PHP using Gettext MO files -------------------------------------------------------------------------------- Update Information: **Version 3.1** * Released on 2017-05-15. * Documentation improvements. ---- **Packaging change** * Allow Symfony 3 -------------------------------------------------------------------------------- ================================================================================ poedit-2.0.2-1.fc26 (FEDORA-2017-0a7e9e1355) GUI editor for GNU gettext .po files -------------------------------------------------------------------------------- Update Information: New upstream version: * Unusual whitespace (2+ spaces) in the middle of strings is now highlighted. * Strings with warnings are now put at the top together with errors. * Fixed crash when clicking on an item with plurals in a POT file. * Added --line command line argument to open a file at specified item. ---- New upstream version -------------------------------------------------------------------------------- ================================================================================ puzzle-master-2.5.3-1.fc26 (FEDORA-2017-52981cbd45) Fun jigsaw puzzle game -------------------------------------------------------------------------------- Update Information: Use new upstream release v2.5.3 -------------------------------------------------------------------------------- ================================================================================ qemu-2.9.0-1.fc26 (FEDORA-2017-8733e65d13) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: Rebase to qemu-2.9.0 GA -------------------------------------------------------------------------------- ================================================================================ qmapshack-1.8.1-1.fc26 (FEDORA-2017-2a48d871af) GPS mapping and management tool -------------------------------------------------------------------------------- Update Information: - updated to 1.8.1 - https://bitbucket.org/maproom/qmapshack/raw/87b93cd14edc78c 57da70b66b33b013965d6dfe2/changelog.txt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450653 - qmapshack-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450653 -------------------------------------------------------------------------------- ================================================================================ udisks2-2.6.5-1.fc26 (FEDORA-2017-b1fd799ba3) Disk Manager -------------------------------------------------------------------------------- Update Information: Version 2.6.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438232 - gvfs-udisks2-volume-monitor excessive CPU usage during raid check https://bugzilla.redhat.com/show_bug.cgi?id=1438232 [ 2 ] Bug #1424869 - Missing dependenices in scriptlets https://bugzilla.redhat.com/show_bug.cgi?id=1424869 -------------------------------------------------------------------------------- ================================================================================ xfce4-terminal-0.8.5.1-1.fc26 (FEDORA-2017-00f84706bf) Terminal Emulator for the Xfce Desktop environment -------------------------------------------------------------------------------- Update Information: - Update to 0.8.5.1 - lots of bug fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431694 - [abrt] xfce4-terminal: _vte_table_free(): xfce4-terminal killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1431694 [ 2 ] Bug #1353342 - xfce4-terminal disappears on remote display when monitor goes into energy saving mode https://bugzilla.redhat.com/show_bug.cgi?id=1353342 [ 3 ] Bug #1349050 - [abrt] xfce4-terminal: _g_log_abort(): xfce4-terminal killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1349050 [ 4 ] Bug #1427164 - [abrt] xfce4-terminal: rawmemchr(): xfce4-terminal killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1427164 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
