Fedora 26 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 26 Security updates need testing:
 Age  URL
  40  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01   python-XStatic-jquery-ui-1.12.0.1-2.fc26
  24  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5cef2adff4   wireshark-2.2.6-1.fc26
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7161eb173   squirrelmail-1.4.22-19.fc26
  13  https://bodhi.fedoraproject.org/updates/FEDORA-2017-50b9370529   lynis-2.5.0-1.fc26
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f3ee3bea6   chicken-4.12.0-2.fc26
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-edecdcb23e   deluge-1.3.15-1.fc26
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b   lxterminal-0.3.0-3.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 pcmanfm-1.2.5-2.fc26
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-60775d65bb   FlightGear-2017.1.3-2.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f533a944e   FlightCrew-0.9.1-7.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fe6f25af9   authconfig-7.0.1-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6125002d79   libvncserver-0.9.11-2.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-811133dc2c   chromium-58.0.3029.110-2.fc26 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe7c3c9c30   wordpress-4.7.5-1.fc26


The following Fedora 26 Critical Path updates have yet to be approved:
 Age URL
  55  https://bodhi.fedoraproject.org/updates/FEDORA-2017-90bcb067bf   fedora-release-26-0.6
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-39fb5cc3d5   python-productmd-1.7-1.fc26
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2bcf2658d   nss-3.30.2-1.1.fc26
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b   lxterminal-0.3.0-3.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 pcmanfm-1.2.5-2.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f762b31f8   selinux-policy-3.13.1-254.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-410a632bc7   gperftools-2.5.91-1.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d044d51c5f   python-coverage-4.4.1-1.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e11f32d40e   glusterfs-3.10.2-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-89f4e19ca0   tigervnc-1.8.0-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-455e2c1c09   gssproxy-0.7.0-6.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-782a60cd2e   uboot-tools-2017.05-1.fc26 arm-trusted-firmware-1.3-2.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9d12f264d   gnupg2-2.1.21-2.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-46cca25356   less-487-3.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fe6f25af9   authconfig-7.0.1-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-65d7aa02aa   kernel-4.11.1-300.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8750e6df04   bluez-5.45-1.fc26


The following builds have been pushed to Fedora 26 updates-testing

    GeoIP-1.6.11-1.fc26
    arm-trusted-firmware-1.3-2.fc26
    authconfig-7.0.1-1.fc26
    bluez-5.45-1.fc26
    certbot-0.14.1-2.fc26
    chromium-58.0.3029.110-2.fc26
    chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26
    copr-dist-git-0.27-1.fc26
    copr-frontend-1.109-1.fc26
    engrampa-1.18.2-1.fc26
    fedora-arm-installer-1.99.16-1.fc26
    felix-scr-2.0.10-1.fc26
    gimagereader-3.2.1-4.fc26
    gnupg2-2.1.21-2.fc26
    golang-github-10gen-openssl-0-0.12.git4c6dbaf.fc26
    golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc26
    golang-github-fortytw2-leaktest-1.0.0-1.fc26
    gssproxy-0.7.0-6.fc26
    inxi-2.3.8-3.fc26
    kernel-4.11.1-300.fc26
    kompose-0.6.0-0.1.fc26
    layla-fonts-2.0-1.fc26
    less-487-3.fc26
    libcxx-3.9.1-1.fc26
    libcxxabi-3.9.1-1.fc26
    libvncserver-0.9.11-2.fc26
    lightdm-autologin-greeter-1.0-1.fc26
    lightdm-settings-1.0.7-1.fc26
    mate-menu-17.10.1-1.fc26
    mate-panel-1.18.2-2.fc26
    mraa-1.7.0-1.fc26
    nfs-ganesha-2.4.5-3.fc26
    petsc-3.7.6-3.fc26
    php-justinrainbow-json-schema5-5.2.1-1.fc26
    piglit-1.0.20170515-4.GITa969d23f.fc26
    pydf-12-1.fc26
    python-Bottleneck-1.2.1-1.fc26
    python-acme-0.14.1-1.fc26
    python-cassandra-driver-3.9.0-2.fc26
    python-certbot-apache-0.14.1-1.fc26
    python-dill-0.2.6-1.fc26
    python-pandas-0.20.1-1.fc26
    python-pandas-datareader-0.3.0-1.post0.fc26
    python-statsmodels-0.8.0-1.fc26
    python-voluptuous-0.10.5-1.fc26
    python-x2go-0.5.0.5-1.fc26
    root-6.08.06-7.fc26
    rubygem-hoe-3.16.0-1.fc26
    sedutil-1.12-3.fc26
    system-config-kdump-2.0.16-6.fc26
    tigervnc-1.8.0-1.fc26
    tinycompress-1.1.4-1.fc26
    uboot-tools-2017.05-1.fc26
    waf-1.9.11-1.fc26
    wcslib-5.16-1.fc26
    wine-2.8-1.fc26
    wordpress-4.7.5-1.fc26
    ws-commons-util-1.0.2-5.fc26
    xapian-bindings-1.4.4-1.fc26
    xapian-core-1.4.4-1.fc26
    xml-maven-plugin-1.0.1-3.fc26
    xpa-2.1.18-1.fc26
    xpp3-1.1.4-15.c.fc26

Details about builds:


================================================================================
 GeoIP-1.6.11-1.fc26 (FEDORA-2017-6225329319)
 Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:

This update fixes a crash that could happen when reading a corrupted database
file (https://github.com/maxmind/geoip-api-c/issues/87).
--------------------------------------------------------------------------------


================================================================================
 arm-trusted-firmware-1.3-2.fc26 (FEDORA-2017-782a60cd2e)
 ARM Trusted Firmware
--------------------------------------------------------------------------------
Update Information:

u-boot 2017.05 GA release with initial support for arm-trusted-firmware and
Pine64 support
--------------------------------------------------------------------------------


================================================================================
 authconfig-7.0.1-1.fc26 (FEDORA-2017-1fe6f25af9)
 Command line tool for setting up authentication from network services
--------------------------------------------------------------------------------
Update Information:

New release fixing moderate (information leak) issue with PAM configuration when
authentication to remote services via SSSD is enabled.  To fix the incorrect
configuration run: authconfig --updateall
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441604 - CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server
        https://bugzilla.redhat.com/show_bug.cgi?id=1441604
--------------------------------------------------------------------------------


================================================================================
 bluez-5.45-1.fc26 (FEDORA-2017-8750e6df04)
 Bluetooth utilities
--------------------------------------------------------------------------------
Update Information:

Update to 5.45, Include api docs in devel package
--------------------------------------------------------------------------------


================================================================================
 certbot-0.14.1-2.fc26 (FEDORA-2017-64270716a0)
 A free, automated certificate authority client
--------------------------------------------------------------------------------
Update Information:

 * Update to 0.14.1  * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441846 - Improvements to timer randomization
        https://bugzilla.redhat.com/show_bug.cgi?id=1441846
  [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448431
  [ 3 ] Bug #1448423 - python-acme-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448423
  [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
        https://bugzilla.redhat.com/show_bug.cgi?id=1444814
  [ 5 ] Bug #1448430 - certbot-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------


================================================================================
 chromium-58.0.3029.110-2.fc26 (FEDORA-2017-811133dc2c)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443850
  [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443849
  [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1443848
  [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443847
  [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443845
  [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1443841
  [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
        https://bugzilla.redhat.com/show_bug.cgi?id=1443840
  [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443839
  [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443838
  [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443837
  [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
        https://bugzilla.redhat.com/show_bug.cgi?id=1443836
  [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1443835
  [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
        https://bugzilla.redhat.com/show_bug.cgi?id=1448031
--------------------------------------------------------------------------------


================================================================================
 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26 (FEDORA-2017-811133dc2c)
 Google Native Client Toolchain
--------------------------------------------------------------------------------
Update Information:

Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443850
  [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443849
  [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1443848
  [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443847
  [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443845
  [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1443841
  [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
        https://bugzilla.redhat.com/show_bug.cgi?id=1443840
  [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443839
  [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1443838
  [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1443837
  [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
        https://bugzilla.redhat.com/show_bug.cgi?id=1443836
  [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1443835
  [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
        https://bugzilla.redhat.com/show_bug.cgi?id=1448031
--------------------------------------------------------------------------------


================================================================================
 copr-dist-git-0.27-1.fc26 (FEDORA-2017-dfa471a067)
 Copr services for Dist Git server
--------------------------------------------------------------------------------
Update Information:

Fixes problem with fedpkg builds, see
https://bugzilla.redhat.com/show_bug.cgi?id=1447102
--------------------------------------------------------------------------------


================================================================================
 copr-frontend-1.109-1.fc26 (FEDORA-2017-cd3e36a1cc)
 Frontend for Copr
--------------------------------------------------------------------------------
Update Information:

- debugging infos in build_on_pagure_commit.py - error handling in
build_on_pagure_commit.py - Bug 1448333 - Unable to edit someone's else project
settings - do not require .git suffix in Git repo URL for webhook rebuilds of
Tito and MockSCM packages - use MBS for building modules via UI - add class for
communicating with MBS - add NSV property for modulemd generator - "#55 Builds
triggered by GitHub WebHook (tag event) do not enable Internet during build" -
use ModulemdGenerator for construnting the yaml file  ----  - use custom chroot
for modules instead of F24 - send the original filename to MBS - get rid of
'unknown key username' warning - fix modularity unit test - validate uploaded
yaml file - dont print how to use a module when it is not succeeded - move
MBS_URL to config - allow to submit optional params to mbs - frontend act as a
gateway between user and mbs - allow to create module and it's action separately
- make new-lines work in <code> blocks - Bug 1442047 - Regenerate action is not
restricted to an owner of the project. - redirect output of update_indexes_quick
in cron into /dev/null - validate fork name characters (RhBug: 1435123) - Bug
1433508 - Half-cancelled builds are not deleted correctly. - Add extra step for
setting up GitHub Webhook - add "buildroot" repository into generated build-
config - python3 compatibility fixes in frontend core - correctly set repo and
ref to point to our dist-git - replace fedorahosted links - replace no-longer
working fedorahosted links with the pagure ones
--------------------------------------------------------------------------------


================================================================================
 engrampa-1.18.2-1.fc26 (FEDORA-2017-666387bb92)
 MATE Desktop file archiver
--------------------------------------------------------------------------------
Update Information:

- update to 1.18.2
--------------------------------------------------------------------------------


================================================================================
 fedora-arm-installer-1.99.16-1.fc26 (FEDORA-2017-abf0e69a89)
 Writes binary image files to any specified block device
--------------------------------------------------------------------------------
Update Information:

Update to 1.99.16  ----  Update to 1.99.15  ----  Add support for numerous new
devices, various bug fixes and improvements
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1447456 - fedora-arm-installer ask for sudo root password uselessly
        https://bugzilla.redhat.com/show_bug.cgi?id=1447456
  [ 2 ] Bug #1447457 - --supported-boards do not work
        https://bugzilla.redhat.com/show_bug.cgi?id=1447457
--------------------------------------------------------------------------------


================================================================================
 felix-scr-2.0.10-1.fc26 (FEDORA-2017-0007037957)
 Apache Felix Service Component Runtime (SCR)
--------------------------------------------------------------------------------
Update Information:

Update Felix SCR to the latest release. See the upstream changelog for details:
http://svn.apache.org/repos/asf/felix/releases/org.apache.felix.scr-2.0.10/chang
elog.txt  Also eliminates an unnecessary dependency on the "xml-commons-apis"
package.
--------------------------------------------------------------------------------


================================================================================
 gimagereader-3.2.1-4.fc26 (FEDORA-2017-e46ec0bbe8)
 A front-end to tesseract-ocr
--------------------------------------------------------------------------------
Update Information:

This update backports a patch to fix some missing icons in the Gtk interface.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451357 - There seems to be some missing icons.
        https://bugzilla.redhat.com/show_bug.cgi?id=1451357
--------------------------------------------------------------------------------


================================================================================
 gnupg2-2.1.21-2.fc26 (FEDORA-2017-c9d12f264d)
 Utility for secure communication and data storage
--------------------------------------------------------------------------------
Update Information:

New upstream release fixing possible corruption of key databases in old format
--------------------------------------------------------------------------------


================================================================================
 golang-github-10gen-openssl-0-0.12.git4c6dbaf.fc26 (FEDORA-2017-b89641d196)
 OpenSSL bindings for Go (forked from github.com/spacemonkeygo/openssl)
--------------------------------------------------------------------------------
Update Information:

Use compat-openssl and disable building on ppc64 to solve FTBFS.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1423638 - golang-github-10gen-openssl: FTBFS in rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1423638
--------------------------------------------------------------------------------


================================================================================
 golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc26 (FEDORA-2017-e9dc7f81fa)
 Shared dependencies for other cznic Go libraries
--------------------------------------------------------------------------------
Update Information:

Initial package for fedora.  This is one of the (indirect) dependencies of
syncthing.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1431740 - Review Request: golang-github-cznic-internal - Shared dependencies for other cznic Go libraries
        https://bugzilla.redhat.com/show_bug.cgi?id=1431740
--------------------------------------------------------------------------------


================================================================================
 golang-github-fortytw2-leaktest-1.0.0-1.fc26 (FEDORA-2017-4aa88be2fa)
 Goroutine Leak Detector
--------------------------------------------------------------------------------
Update Information:

Use upstream version tag
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451530 - golang-github-fortytw2-leaktest-v1.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1451530
--------------------------------------------------------------------------------


================================================================================
 gssproxy-0.7.0-6.fc26 (FEDORA-2017-455e2c1c09)
 GSSAPI Proxy
--------------------------------------------------------------------------------
Update Information:

* Fix segfault when no gssproxy config files are present. * Ported to gcc7.
--------------------------------------------------------------------------------


================================================================================
 inxi-2.3.8-3.fc26 (FEDORA-2017-d6f45529dd)
 A full featured system information script
--------------------------------------------------------------------------------
Update Information:

Removed deprecated net-tools dependency.
--------------------------------------------------------------------------------


================================================================================
 kernel-4.11.1-300.fc26 (FEDORA-2017-65d7aa02aa)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

The 4.11.1 update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------


================================================================================
 kompose-0.6.0-0.1.fc26 (FEDORA-2017-acd2196245)
 Tool to move from 'docker-compose' to Kubernetes
--------------------------------------------------------------------------------
Update Information:

Updated to latest release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1446862 - kompose-v0.6.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1446862
--------------------------------------------------------------------------------


================================================================================
 layla-fonts-2.0-1.fc26 (FEDORA-2017-e1d681f65d)
 A collection of traditional Arabic fonts
--------------------------------------------------------------------------------
Update Information:

- Fixed fonts. They work on MacOS now - Changed Latin letters and numbers
--------------------------------------------------------------------------------


================================================================================
 less-487-3.fc26 (FEDORA-2017-46cca25356)
 A text file browser similar to more, but better
--------------------------------------------------------------------------------
Update Information:

read correctly text files named accidentally '*.rpm' (rhbz#1449790)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1449790 - README.rpm is bad name for readme file
        https://bugzilla.redhat.com/show_bug.cgi?id=1449790
--------------------------------------------------------------------------------


================================================================================
 libcxx-3.9.1-1.fc26 (FEDORA-2017-770b0e3907)
 C++ standard library targeting C++11
--------------------------------------------------------------------------------
Update Information:

Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------


================================================================================
 libcxxabi-3.9.1-1.fc26 (FEDORA-2017-770b0e3907)
 Low level support for a standard C++ library
--------------------------------------------------------------------------------
Update Information:

Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------


================================================================================
 libvncserver-0.9.11-2.fc26 (FEDORA-2017-6125002d79)
 Library to make writing a VNC server easy
--------------------------------------------------------------------------------
Update Information:

Update to latest stable release, include fixes for gnutls and gtk-vnc
compatibility.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1410168 - CVE-2016-9942 libvncserver: Heap-based buffer overflow in ultra.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1410168
  [ 2 ] Bug #1410166 - CVE-2016-9941 libvncserver: Heap-based buffer overflow in rfbproto.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1410166
--------------------------------------------------------------------------------


================================================================================
 lightdm-autologin-greeter-1.0-1.fc26 (FEDORA-2017-34b2988430)
 Autologin greeter using LightDM
--------------------------------------------------------------------------------
Update Information:

Initial import
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451134 - Review Request: lightdm-autologin-greeter - Autologin greeter using LightDM
        https://bugzilla.redhat.com/show_bug.cgi?id=1451134
--------------------------------------------------------------------------------


================================================================================
 lightdm-settings-1.0.7-1.fc26 (FEDORA-2017-b1007bc3b5)
 Configuration tool for the LightDM display manager
--------------------------------------------------------------------------------
Update Information:

* New upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451532 - lightdm-settings-1.0.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1451532
--------------------------------------------------------------------------------


================================================================================
 mate-menu-17.10.1-1.fc26 (FEDORA-2017-9c2cc59359)
 Advanced Menu for the MATE Desktop
--------------------------------------------------------------------------------
Update Information:

update to 17.10.1
--------------------------------------------------------------------------------


================================================================================
 mate-panel-1.18.2-2.fc26 (FEDORA-2017-4c43516fb5)
 MATE Desktop panel and applets
--------------------------------------------------------------------------------
Update Information:

- panel-launcher: fix translation in tooltip comment
--------------------------------------------------------------------------------


================================================================================
 mraa-1.7.0-1.fc26 (FEDORA-2017-0e423f623f)
 A low level skeleton library for Industrial IO Communication
--------------------------------------------------------------------------------
Update Information:

Update to 1.7.0
--------------------------------------------------------------------------------


================================================================================
 nfs-ganesha-2.4.5-3.fc26 (FEDORA-2017-75d29a9898)
 NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:

rebuild with libntirpc-1.4.4
--------------------------------------------------------------------------------


================================================================================
 petsc-3.7.6-3.fc26 (FEDORA-2017-484e6de0e1)
 Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:

- Update to 3.7.6 - Install petscvariables/petscrules - Install pkgconfig files
--------------------------------------------------------------------------------


================================================================================
 php-justinrainbow-json-schema5-5.2.1-1.fc26 (FEDORA-2017-4f26f03d0c)
 A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:

**Version 5.2.1**   * fix #353 Validation of JSON-Schema * fix #405 fix bug when
applying defaults * fix #408 SchemaStorage::addSchema() should call
BaseConsstraint::arrayToObjectRecursive() on the provide schemas * fix #409
[BUGFIX] Cast empty schema arrays to object * fix #411 [BUGFIX] Split
$objectDefinition into $schema and $properties * fix #415 Issue-414: Allow The
Option of T or space for Date time. * fix #416 Testcase for minProperties with
properties defined + Fix Test * fix #419 [BUGFIX] Split "uri" format into "uri"
& "uri-reference", fix meta-schema bug * fix #421 [BUGFIX] Tweak phpdocumentor
dependency to avoid install conflicts
--------------------------------------------------------------------------------


================================================================================
 piglit-1.0.20170515-4.GITa969d23f.fc26 (FEDORA-2017-ba4064bfcb)
 Collection of automated tests for OpenGL implementations
--------------------------------------------------------------------------------
Update Information:

Update to the latest upstream to test Vulcan cards
--------------------------------------------------------------------------------


================================================================================
 pydf-12-1.fc26 (FEDORA-2017-6670143f8d)
 Fully colorized df clone written in python
--------------------------------------------------------------------------------
Update Information:

Update to version 12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1338050 - Update pydf to version 12
        https://bugzilla.redhat.com/show_bug.cgi?id=1338050
--------------------------------------------------------------------------------


================================================================================
 python-Bottleneck-1.2.1-1.fc26 (FEDORA-2017-71e9127c26)
 Collection of fast NumPy array functions written in Cython
--------------------------------------------------------------------------------
Update Information:

* New upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451146 - python-Bottleneck-1.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1451146
--------------------------------------------------------------------------------


================================================================================
 python-acme-0.14.1-1.fc26 (FEDORA-2017-64270716a0)
 Python library for the ACME protocol
--------------------------------------------------------------------------------
Update Information:

 * Update to 0.14.1  * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441846 - Improvements to timer randomization
        https://bugzilla.redhat.com/show_bug.cgi?id=1441846
  [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448431
  [ 3 ] Bug #1448423 - python-acme-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448423
  [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
        https://bugzilla.redhat.com/show_bug.cgi?id=1444814
  [ 5 ] Bug #1448430 - certbot-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------


================================================================================
 python-cassandra-driver-3.9.0-2.fc26 (FEDORA-2017-4a94e48981)
 Python driver for Apache Cassandra
--------------------------------------------------------------------------------
Update Information:

Fix and enable tests on more (big endian) platforms
--------------------------------------------------------------------------------


================================================================================
 python-certbot-apache-0.14.1-1.fc26 (FEDORA-2017-64270716a0)
 The apache plugin for certbot
--------------------------------------------------------------------------------
Update Information:

 * Update to 0.14.1  * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441846 - Improvements to timer randomization
        https://bugzilla.redhat.com/show_bug.cgi?id=1441846
  [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448431
  [ 3 ] Bug #1448423 - python-acme-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448423
  [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
        https://bugzilla.redhat.com/show_bug.cgi?id=1444814
  [ 5 ] Bug #1448430 - certbot-0.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------


================================================================================
 python-dill-0.2.6-1.fc26 (FEDORA-2017-01908e05bd)
 Serialize all of Python
--------------------------------------------------------------------------------
Update Information:

New upstream source
--------------------------------------------------------------------------------


================================================================================
 python-pandas-0.20.1-1.fc26 (FEDORA-2017-52c39f311c)
 Python library providing high-performance data analysis tools
--------------------------------------------------------------------------------
Update Information:

Update pandas to new upstream release 0.20. See changes here:
http://pandas.pydata.org/pandas-docs/stable/whatsnew.html#v0-20-1-may-5-2017
--------------------------------------------------------------------------------


================================================================================
 python-pandas-datareader-0.3.0-1.post0.fc26 (FEDORA-2017-52c39f311c)
 Data readers from the pandas codebase
--------------------------------------------------------------------------------
Update Information:

Update pandas to new upstream release 0.20. See changes here:
http://pandas.pydata.org/pandas-docs/stable/whatsnew.html#v0-20-1-may-5-2017
--------------------------------------------------------------------------------


================================================================================
 python-statsmodels-0.8.0-1.fc26 (FEDORA-2017-2a7ce62bb9)
 Statistics in Python
--------------------------------------------------------------------------------
Update Information:

See details here: http://www.statsmodels.org/devel/release/index.html
--------------------------------------------------------------------------------


================================================================================
 python-voluptuous-0.10.5-1.fc26 (FEDORA-2017-9eda96b9cb)
 A Python data validation library
--------------------------------------------------------------------------------
Update Information:

See changes here:
https://github.com/alecthomas/voluptuous/blob/master/CHANGELOG.md
--------------------------------------------------------------------------------


================================================================================
 python-x2go-0.5.0.5-1.fc26 (FEDORA-2017-77cb3985e4)
 Python module providing X2Go client API
--------------------------------------------------------------------------------
Update Information:

Update to 0.5.0.5 - support for newer gevent versions (1.1 and higher)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451150 - python-x2go-0.5.0.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1451150
--------------------------------------------------------------------------------


================================================================================
 root-6.08.06-7.fc26 (FEDORA-2017-4880048a1c)
 Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:

Backport python 3 compatibility fixes from upstream.  Fix for macro scope issue.
Rebuild for OCE 0.18.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437135 - Upstream Bug in python3-jupyroot
        https://bugzilla.redhat.com/show_bug.cgi?id=1437135
  [ 2 ] Bug #1448289 - variables declared in gROOT->Macro lost from scope
        https://bugzilla.redhat.com/show_bug.cgi?id=1448289
  [ 3 ] Bug #1451362 - CMake config refers to the wrong libJupyROOT.so
        https://bugzilla.redhat.com/show_bug.cgi?id=1451362
--------------------------------------------------------------------------------


================================================================================
 rubygem-hoe-3.16.0-1.fc26 (FEDORA-2017-d112f64fe0)
 Hoe is a simple rake/rubygems helper for project Rakefiles
--------------------------------------------------------------------------------
Update Information:

New version 3.16.0 is released.
--------------------------------------------------------------------------------


================================================================================
 sedutil-1.12-3.fc26 (FEDORA-2017-16408468c4)
 Tools to manage the activation and use of self encrypting drives
--------------------------------------------------------------------------------
Update Information:

sedutil is the follow on developement to msed.  The sedutil-cli command replaces
the msed command.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1447741 - Review Request: sedutil - Tools to manage the activation and use of self encrypting drives
        https://bugzilla.redhat.com/show_bug.cgi?id=1447741
  [ 2 ] Bug #1352870 - update msed to sedutil v. 1.12
        https://bugzilla.redhat.com/show_bug.cgi?id=1352870
--------------------------------------------------------------------------------


================================================================================
 system-config-kdump-2.0.16-6.fc26 (FEDORA-2017-d5c66c44b6)
 A graphical interface for configuring kernel crash dumping
--------------------------------------------------------------------------------
Update Information:

Remove warning related to GtkRadioButton
--------------------------------------------------------------------------------


================================================================================
 tigervnc-1.8.0-1.fc26 (FEDORA-2017-89f4e19ca0)
 A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:

Tigervnc 1.8.0 release.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1451535 - tigervnc-1.8.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1451535
--------------------------------------------------------------------------------


================================================================================
 tinycompress-1.1.4-1.fc26 (FEDORA-2017-50a1f67110)
 A library for compress audio offload in alsa
--------------------------------------------------------------------------------
Update Information:

1.1.4 release
--------------------------------------------------------------------------------


================================================================================
 uboot-tools-2017.05-1.fc26 (FEDORA-2017-782a60cd2e)
 U-Boot utilities
--------------------------------------------------------------------------------
Update Information:

u-boot 2017.05 GA release with initial support for arm-trusted-firmware and
Pine64 support
--------------------------------------------------------------------------------


================================================================================
 waf-1.9.11-1.fc26 (FEDORA-2017-9d0693e65b)
 A Python-based build system
--------------------------------------------------------------------------------
Update Information:

#### NEW IN WAF 1.9.11 ####  * Detect Visual Studio 2017 Build Tools using
vswhere.exe #1945 * Improve preprocessor performance on system paths in verbose
mode #1950 * Better installation defaults for windows import libraries #1860 *
cpplint enhancements: --cpplint-root #1953 #1956 * eclipse project generator
enhancements #1957 #1958
--------------------------------------------------------------------------------


================================================================================
 wcslib-5.16-1.fc26 (FEDORA-2017-06f3242470)
 An implementation of the FITS World Coordinate System standard
--------------------------------------------------------------------------------
Update Information:

Contains minor improvements and bugfixes, see
http://www.atnf.csiro.au/people/mcalabre/WCS/CHANGES
--------------------------------------------------------------------------------


================================================================================
 wine-2.8-1.fc26 (FEDORA-2017-985f3ea413)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:

- Direct3D command stream runs asynchronously.   - Better serial and parallel
ports autodetection.   - Still more fixes for high DPI settings.   - System tray
notifications on macOS.   - Various bug fixes.  Wine-Staging  - Improved fake
dll generation. - Implement updating shared data time fields. - Reset debug
registers on thread creation. - Added basic ACL viewer in file properties. -
Various smaller improvements and bug fixes.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1450548 - wine-2.8 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1450548
--------------------------------------------------------------------------------


================================================================================
 wordpress-4.7.5-1.fc26 (FEDORA-2017-fe7c3c9c30)
 Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:

**WordPress 4.7.5** is now available. This is a security release for all
previous versions and we strongly encourage you to update your sites
immediately.  WordPress versions 4.7.4 and earlier are affected by six security
issues:  *    Insufficient redirect validation in the HTTP class. Reported by
Ronni Skansing. *    Improper handling of post meta data values in the XML-RPC
API. Reported by Sam Thomas. *    Lack of capability checks for post meta data
in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team. *
A Cross Site Request Forgery (CRSF)  vulnerability was discovered in the
filesystem credentials dialog. Reported by Yorick Koster. *    A cross-site
scripting (XSS) vulnerability was discovered when attempting to upload very
large files. Reported by Ronni Skansing. *    A cross-site scripting (XSS)
vulnerability was discovered related to the Customizer. Reported by Weston Ruter
of the WordPress Security Team.  Thank you to the reporters of these issues for
practicing responsible disclosure.  In addition to the security issues above,
WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series. For more
information, see the [release notes](https://codex.wordpress.org/Version_4.7.5)
or consult the [list of changes](https://core.trac.wordpress.org/query?status=cl
osed&milestone=4.7.5&group=component&col=id&col=summary&col=component&col=status
&col=owner&col=type&col=priority&col=keywords&order=priority).
--------------------------------------------------------------------------------


================================================================================
 ws-commons-util-1.0.2-5.fc26 (FEDORA-2017-741f0d6273)
 Common utilities from the Apache Web Services Project
--------------------------------------------------------------------------------
Update Information:

Removes unnecessary runtime dependencies on xml-commons-apis and junit.
--------------------------------------------------------------------------------


================================================================================
 xapian-bindings-1.4.4-1.fc26 (FEDORA-2017-3e71a36123)
 Bindings for the Xapian Probabilistic Information Retrieval Library
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.4
--------------------------------------------------------------------------------


================================================================================
 xapian-core-1.4.4-1.fc26 (FEDORA-2017-3e71a36123)
 The Xapian Probabilistic Information Retrieval Library
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.4
--------------------------------------------------------------------------------


================================================================================
 xml-maven-plugin-1.0.1-3.fc26 (FEDORA-2017-99801cac35)
 Maven XML Plugin
--------------------------------------------------------------------------------
Update Information:

Removes an unnecessary dependency on the "xml-commons-apis" package. The
javax.xml classes are now supplied by the JRE.
--------------------------------------------------------------------------------


================================================================================
 xpa-2.1.18-1.fc26 (FEDORA-2017-3cce920fcb)
 The X Public Access messaging system
--------------------------------------------------------------------------------
Update Information:

New upstream version
--------------------------------------------------------------------------------


================================================================================
 xpp3-1.1.4-15.c.fc26 (FEDORA-2017-0007037957)
 XML Pull Parser
--------------------------------------------------------------------------------
Update Information:

Update Felix SCR to the latest release. See the upstream changelog for details:
http://svn.apache.org/repos/asf/felix/releases/org.apache.felix.scr-2.0.10/chang
elog.txt  Also eliminates an unnecessary dependency on the "xml-commons-apis"
package.
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx





[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux