The following Fedora 26 Security updates need testing: Age URL 95 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526 nodejs-brace-expansion-1.1.7-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-313712a583 jabberd-2.6.1-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-42e41e9d25 perl-DBD-MySQL-4.043-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0eea793538 globus-ftp-client-8.36-1.fc26 globus-gass-cache-program-6.7-1.fc26 globus-gass-copy-9.27-1.fc26 globus-gram-client-13.18-1.fc26 globus-gram-job-manager-14.36-1.fc26 globus-gram-job-manager-condor-2.6-5.fc26 globus-gridftp-server-12.2-1.fc26 globus-gssapi-gsi-12.17-1.fc26 globus-io-11.9-1.fc26 globus-net-manager-0.17-1.fc26 globus-xio-5.16-1.fc26 globus-xio-gsi-driver-3.11-1.fc26 globus-xio-pipe-driver-3.10-1.fc26 globus-xio-udt-driver-1.28-1.fc26 myproxy-6.1.28-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ab0179693 cacti-1.1.12-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fb16e3a65 openvas-cli-1.4.5-3.fc26 openvas-gsa-7.0.2-2.fc26 openvas-manager-7.0.2-1.fc26 openvas-scanner-5.1.1-1.fc26 openvas-libraries-9.0.1-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b8bb4b86e2 php-7.1.7-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-18601ad5d2 expat-2.2.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d3d38a53f9 knot-2.4.5-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-114e1abf9d irssi-1.0.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bbe2ee70cd qt5-qtwebkit-5.212.0-0.5.alpha2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-661dddc462 groovy18-1.8.9-28.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e6aaef4475 knot-resolver-1.3.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-357f9df699 spatialite-tools-4.3.0-23.fc26 sqlite-3.19.3-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-73370082fb garcon-0.6.1-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad3832d881 ostree-2017.8-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-706c04d233 pcre-8.41-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-18601ad5d2 expat-2.2.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-357f9df699 spatialite-tools-4.3.0-23.fc26 sqlite-3.19.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7d9f1a2ae1 openssh-7.5p1-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccf0088652 koji-1.13.0-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2721b7375 selinux-policy-3.13.1-260.1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bea66311ff xorg-x11-utils-7.5-23.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-244f799ac9 nss-3.31.0-1.0.fc26 nss-util-3.31.0-1.0.fc26 nss-softokn-3.31.0-1.0.fc26 nspr-4.15.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-30f24d8999 vim-8.0.705-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-16b93b066d brltty-5.5-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-654872eda8 lorax-26.9-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ac76b08ad lz4-1.7.5-4.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45b006e169 efivar-31-1.fc26 efibootmgr-15-1.fc26 dbxtool-7-4.fc26 fwupdate-8-4.fc26 mokutil-0.3.0-5.fc26 pesign-0.112-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f941efd84c koji-1.13.0-1.fc26 The following builds have been pushed to Fedora 26 updates-testing arduino-1.6.6-2.fc26 atoum-3.1.0-1.fc26 condor-8.6.4-1.fc26 fedrepo-req-0.1.9-1.fc26 gabedit-2.5.0-1.fc26 gnome-pkg-tools-0.19.8-1.fc26 gnome-shell-extension-activities-configurator-57-1.fc26 httpd-2.4.27-2.fc26 koji-1.13.0-2.fc26 kvirc-5.0.0-0.7.alpha2.fc26 libreoffice-5.3.4.2-3.fc26 mariadb-10.1.25-1.fc26 mod_http2-1.10.7-1.fc26 module-build-service-1.3.24-3.fc26 mosquitto-1.4.14-1.fc26 nodejs-qtdatastream-1.0.0-2.fc26 nrpe-3.1.1-6.fc26 openssh-7.5p1-3.fc26 openzwave-1.4.164-1.fc26 perl-ExtUtils-MakeMaker-7.24-3.fc26 php-zendframework-zend-eventmanager-3.2.0-1.fc26 php-zendframework-zend-modulemanager-2.8.0-1.fc26 python-biopython-1.70-1.fc26 python-trezor-0.7.16-2.fc26 python3-mypy-0.520-1.fc26 spatialite-tools-4.3.0-23.fc26 spice-protocol-0.12.13-1.fc26 sqlite-3.19.3-1.fc26 xmlrpc-3.1.3-17.fc26 Details about builds: ================================================================================ arduino-1.6.6-2.fc26 (FEDORA-2017-6576714231) An IDE for Arduino-compatible electronics prototyping platforms -------------------------------------------------------------------------------- Update Information: update astyle patch for 3.0 (#1444550) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1444550 - Crashes at startup with "java.lang.UnsatisfiedLinkError: Can't load library: /usr/lib/libastyle-2.05.so" https://bugzilla.redhat.com/show_bug.cgi?id=1444550 -------------------------------------------------------------------------------- ================================================================================ atoum-3.1.0-1.fc26 (FEDORA-2017-e3de7515f5) PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 3.1.0** - 2017-07-11 * [#726](https://github.com/atoum/atoum/pull/726) Remove an autoloader cache warning ([hywan]) * [#719](https://github.com/atoum/atoum/pull/719) Add nullable type support in the mock engine ([grummfy]) * [#723](https://github.com/atoum/atoum/pull/724) `object` is a reserved keyword as of PHP 7.2 ([trasher]) * [#713](https://github.com/atoum/atoum/pull/713) Results are folded on Travis CI ([jubianchi]) * [#709](https://github.com/atoum/atoum/pull/709) Exception asserter now has `isInstanceOf` without parenthesis ([guiled]) * [#705](https://github.com/atoum/atoum/pull/705) Stream asserter now has `isRead` and `isWritten` assertion (without brackets) ([guiled]) * [#701](https://github.com/atoum/atoum/pull/701) Mock generator supports `strict_types` ([jubianchi]) -------------------------------------------------------------------------------- ================================================================================ condor-8.6.4-1.fc26 (FEDORA-2017-40bd3c4ef4) Condor: High Throughput Computing -------------------------------------------------------------------------------- Update Information: Update to latest upstream 8.6.4 -------------------------------------------------------------------------------- ================================================================================ fedrepo-req-0.1.9-1.fc26 (FEDORA-2017-cc9edfb024) CLI for Fedora package repo requests -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469331 - Review Request: fedrepo-req - A CLI tool that provides an easy way to submit ticket requests for packaging tasks in Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1469331 -------------------------------------------------------------------------------- ================================================================================ gabedit-2.5.0-1.fc26 (FEDORA-2017-2d516185dc) GUI for computational chemistry -------------------------------------------------------------------------------- Update Information: * Minor bugs fixed. * New tools for VASP : * read geometries (Optimization or M. Dynamic) from VASP OUTCAR file * read geometry from VASP POSCAR file. * Create VASP POSCAR file. * Read dielectric function from a VASP xml file and compute optic properties : the refractive index n(w), the extinction coefficient k(w), the absorption coefficient alpha(w), the reflectivity R(w), the energy loss spectrum L(w), and the optical conductivity sigma(w). * read data from vasprun.xml and plot DOS, pDOS and, Bands structures * Gabedit can now read the hessian from .hess orca file. After reading of the hessian, Gabedit compute frequencies, modes and effective masses. * Export in CChemI : update * Tv accepted (used by Gaussian and Mopac for periodic system). Using Tv, Gabedit can generate other cells * deMon2k is now supported (Thanks to Dennis Salahub, Mauricio Chagas da Silva, Jonathan Kung and Morteza Chehelamirani for their suggestions, corrections, comments,...) * Gabedit can now compute the anharmonic spectrum by QM/MMFF94 method using iGVPT2 program. Gabedit can read the harmonic and anharmonic spectra from an iGVPT2 output file. * Energy, geometry optimization, MD, MD Conformations search by MMFF94, MMFF94s, UFF and Ghemical potentials are now supported by Gabedit via Open Babel. * Energy, geometry optimization, MD, MD Conformations search using your own program (potential) are now supported. DFTB+ is supported via this new tool. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469316 - gabedit-250 is available https://bugzilla.redhat.com/show_bug.cgi?id=1469316 -------------------------------------------------------------------------------- ================================================================================ gnome-pkg-tools-0.19.8-1.fc26 (FEDORA-2017-f8bc1799af) Tools for the Debian GNOME Packaging Team -------------------------------------------------------------------------------- Update Information: Update to version 0.19.8, see http://metadata.ftp- master.debian.org/changelogs/main/g/gnome-pkg-tools/gnome-pkg- tools_0.19.8_changelog for details. -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-activities-configurator-57-1.fc26 (FEDORA-2017-1e64d936a2) Configure the top bar and Activities button in GNOME Shell -------------------------------------------------------------------------------- Update Information: Bump to upstream version 57, which fixes a translation error. -------------------------------------------------------------------------------- ================================================================================ httpd-2.4.27-2.fc26 (FEDORA-2017-5f65279a9f) Apache HTTP Server -------------------------------------------------------------------------------- Update Information: File /etc/sysconfig/httpd is ghosted now ---- Version update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469959 - httpd update cleaned out /etc/sysconfig https://bugzilla.redhat.com/show_bug.cgi?id=1469959 [ 2 ] Bug #1469103 - httpd-2.4.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1469103 -------------------------------------------------------------------------------- ================================================================================ koji-1.13.0-2.fc26 (FEDORA-2017-ccf0088652) Build system tools -------------------------------------------------------------------------------- Update Information: Require python2-koji on Fedora <= 26. -------------------------------------------------------------------------------- ================================================================================ kvirc-5.0.0-0.7.alpha2.fc26 (FEDORA-2017-b55e2dfd7b) Free portable IRC client -------------------------------------------------------------------------------- Update Information: - Switch to compat-openssl10-devel - Fix FTBFS (rhbz 1423830) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423830 - kvirc: FTBFS in rawhide: invalid use of incomplete type 'DH {aka struct dh_st}' https://bugzilla.redhat.com/show_bug.cgi?id=1423830 -------------------------------------------------------------------------------- ================================================================================ libreoffice-5.3.4.2-3.fc26 (FEDORA-2017-113b0cbdd3) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1463839 libanimcore is needed by Draw too -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463839 - LibreOffice Draw crash on document save on F25 due to missing dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1463839 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.1.25-1.fc26 (FEDORA-2017-1c581dc391) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: Smaller update fixing few bugs: * CrackLib and GSSApi plugins disabled by default - rhbz#1468028, rhbz#1464070 * First build to include fix for rhbz#1455811 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1455811 - fix %global pidfiledir and other references to legacy /var/run https://bugzilla.redhat.com/show_bug.cgi?id=1455811 [ 2 ] Bug #1464070 - The default config is incompatible with mysqladmin password https://bugzilla.redhat.com/show_bug.cgi?id=1464070 [ 3 ] Bug #1468028 - auth_gssapi plugin should be disabled by default https://bugzilla.redhat.com/show_bug.cgi?id=1468028 -------------------------------------------------------------------------------- ================================================================================ mod_http2-1.10.7-1.fc26 (FEDORA-2017-99f1a521fa) module implementing HTTP/2 for Apache 2 -------------------------------------------------------------------------------- Update Information: Version update -------------------------------------------------------------------------------- ================================================================================ module-build-service-1.3.24-3.fc26 (FEDORA-2017-13d3aa895f) The Module Build Service for Modularity -------------------------------------------------------------------------------- Update Information: Fix the pdc-client runtime dep. /cc @langdon. ---- Update to new version 1.3.24. ---- New version 1.3.22. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456336 - FTBFS on epel-testing https://bugzilla.redhat.com/show_bug.cgi?id=1456336 [ 2 ] Bug #1457276 - module-build-service-1.3.23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457276 [ 3 ] Bug #1435222 - module-build-service-1.3.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1435222 -------------------------------------------------------------------------------- ================================================================================ mosquitto-1.4.14-1.fc26 (FEDORA-2017-445e54c075) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information: Update to new upstream version 1.4.14 -------------------------------------------------------------------------------- ================================================================================ nodejs-qtdatastream-1.0.0-2.fc26 (FEDORA-2017-b3d0cbedc2) Nodejs lib which can read/write Qt formatted Datastreams -------------------------------------------------------------------------------- Update Information: Add missing index.js file to package. -------------------------------------------------------------------------------- ================================================================================ nrpe-3.1.1-6.fc26 (FEDORA-2017-d9a7b840d8) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: Put in fix for 1204683 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1204683 - check_ide_smart cannot be started by nrpe https://bugzilla.redhat.com/show_bug.cgi?id=1204683 -------------------------------------------------------------------------------- ================================================================================ openssh-7.5p1-3.fc26 (FEDORA-2017-7d9f1a2ae1) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: Fix potential issues with OpenSSL 1.1.0 patch and behavior in FIPS mode. -------------------------------------------------------------------------------- ================================================================================ openzwave-1.4.164-1.fc26 (FEDORA-2017-959b609e7d) Sample Executables for OpenZWave -------------------------------------------------------------------------------- Update Information: Initial package release. http://www.openzwave.net/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1468766 - Review Request: openzwave - OpenZWave is a library to support for Z-Wave home-automation devices https://bugzilla.redhat.com/show_bug.cgi?id=1468766 -------------------------------------------------------------------------------- ================================================================================ perl-ExtUtils-MakeMaker-7.24-3.fc26 (FEDORA-2017-d98fbf0786) Create a module Makefile -------------------------------------------------------------------------------- Update Information: This release fixes a test that started to fail due to bad order of setting permissions for a file and removing the file. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-eventmanager-3.2.0-1.fc26 (FEDORA-2017-c7b6eef877) Trigger and listen to events within a PHP application -------------------------------------------------------------------------------- Update Information: **Version 3.2.0** - 2017-07-11 - [#47](https://github.com/zendframework/zend- eventmanager/pull/47) removes support for PHP 5.5 and HHVM. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-modulemanager-2.8.0-1.fc26 (FEDORA-2017-80d94a32d1) Zend Framework ModuleManager component -------------------------------------------------------------------------------- Update Information: **Version 2.8.0** - 2017-07-11 * Added - [#4](https://github.com/zendframework/zend-modulemanager/pull/4) adds a new `ListenerOptions` option, `use_zend_loader`. The option defaults to `true`, which keeps the current behavior of registering the `ModuleAutoloader` and `AutoloaderProvider`. If you disable it, these features will no longer be loaded, allowing `ModuleManager` to be used without zend-loader. - [#5](https://github.com/zendframework/zend-modulemanager/pull/5) adds the ability to use a class of any name for a module, so long as you provide the fully qualified class name when registering the module with the module manager. * Removed - [#62](https://github.com/zendframework/zend- modulemanager/pull/62) removes support for PHP 5.5 and HHVM. * Fixed - [#53](https://github.com/zendframework/zend-modulemanager/pull/53) preventing race conditions when writing cache files (merged configuration) **Version 2.7.3** - 2017-07-11 * Fixed - [#39](https://github.com/zendframework /zend-modulemanager/pull/39) and [#53](https://github.com/zendframework/zend- modulemanager/pull/53) prevent race conditions when writing cache files (merged configuration). - [#36](https://github.com/zendframework/zend- modulemanager/pull/36) removes a throw from `ServiceListener::onLoadModulesPost()` that was previously emitted when a named plugin manager did not have an associated service present yet. Doing so allows plugin managers to be registered after configuration is fully merged, instead of requiring they be defined early. This change allows components to define their plugin managers via their `Module` classes. - [#58](https://github.com/zendframework/zend-modulemanager/pull/58) corrects the typehint for the `ServiceListener::$listeners` property. -------------------------------------------------------------------------------- ================================================================================ python-biopython-1.70-1.fc26 (FEDORA-2017-530f0f1ebe) Python tools for computational molecular biology -------------------------------------------------------------------------------- Update Information: - Update to biopython-1.70 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1440337 - python-biopython-1.70 is available https://bugzilla.redhat.com/show_bug.cgi?id=1440337 -------------------------------------------------------------------------------- ================================================================================ python-trezor-0.7.16-2.fc26 (FEDORA-2017-3c406b052d) Python library for communicating with TREZOR Hardware Wallet -------------------------------------------------------------------------------- Update Information: Included another patch to have it work with Fedora 25 with protobuf2 ---- Updated to latest version and fixed bug on f25 related to protobuffer 2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462577 - python-trezor-0.7.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1462577 -------------------------------------------------------------------------------- ================================================================================ python3-mypy-0.520-1.fc26 (FEDORA-2017-84648b39ff) A static type checker for Python -------------------------------------------------------------------------------- Update Information: 0.520 -------------------------------------------------------------------------------- ================================================================================ spatialite-tools-4.3.0-23.fc26 (FEDORA-2017-357f9df699) A set of useful CLI tools for SpatiaLite -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-10989: Heap-buffer overflow in the getNodeSize function Additionally sqlite has been updated to version 3.19.3, and spatialite-tools rebuilt for the update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469672 - CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function https://bugzilla.redhat.com/show_bug.cgi?id=1469672 -------------------------------------------------------------------------------- ================================================================================ spice-protocol-0.12.13-1.fc26 (FEDORA-2017-d8fcfcf98f) Spice protocol header files -------------------------------------------------------------------------------- Update Information: Update to 0.12.13 release -------------------------------------------------------------------------------- ================================================================================ sqlite-3.19.3-1.fc26 (FEDORA-2017-357f9df699) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-10989: Heap-buffer overflow in the getNodeSize function Additionally sqlite has been updated to version 3.19.3, and spatialite-tools rebuilt for the update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469672 - CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function https://bugzilla.redhat.com/show_bug.cgi?id=1469672 -------------------------------------------------------------------------------- ================================================================================ xmlrpc-3.1.3-17.fc26 (FEDORA-2017-59a2906489) Java XML-RPC implementation -------------------------------------------------------------------------------- Update Information: Resolves failure to build from source -------------------------------------------------------------------------------- References: [ 1 ] Bug #1460767 - xmlrpc fails to build in Fedora 26 https://bugzilla.redhat.com/show_bug.cgi?id=1460767 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
