Fedora 26 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 26 Security updates need testing:
 Age  URL
 130  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01   python-XStatic-jquery-ui-1.12.0.1-2.fc26
  69  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526   nodejs-brace-expansion-1.1.7-1.fc26
  34  https://bodhi.fedoraproject.org/updates/FEDORA-2017-661dddc462   groovy18-1.8.9-28.fc26
  32  https://bodhi.fedoraproject.org/updates/FEDORA-2017-690a2548ba   openvswitch-2.7.1-2.fc26
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-76ce091a43   chicken-4.12.0-3.fc26
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c053de325   memcached-1.4.39-1.fc26
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd0d5d376f   python-tablib-0.11.5-1.fc26
  20  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7   docker-distribution-2.6.2-1.git48294d9.fc26
  20  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6186f95179   nasm-2.13.01-3.fc26
  14  https://bodhi.fedoraproject.org/updates/FEDORA-2017-721314e3b3   java-1.8.0-openjdk-aarch32-1.8.0.141-2.170721.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c535f23493   torbrowser-launcher-0.2.8-1.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f9e66916ec   mingw-postgresql-9.6.4-1.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f4c82d73e   mingw-libsoup-2.58.2-1.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-aab5f759f5   cryptlib-3.4.3.1-7.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f8f4cd5b67   cyrus-imapd-3.0.3-1.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4248ba346   botan-1.10.16-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f03b04acbb   mercurial-4.2.3-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5a78c5ca9   cvs-1.11.23-42.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f79ae2b96f   chromium-60.0.3112.90-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-aecd25b8a9   nginx-1.12.1-1.fc26


The following Fedora 26 Critical Path updates have yet to be approved:
 Age URL
  29  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a695811465   pungi-4.1.17-1.fc26
  27  https://bodhi.fedoraproject.org/updates/FEDORA-2017-4cacf8fe60   ca-certificates-2017.2.16-1.0.fc26
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-923c28037f   qemu-2.9.0-4.fc26
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3c92db10b8   libvirt-3.2.1-5.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c510774d90   libpsl-0.18.0-1.fc26 publicsuffix-list-20170809-1.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f11b3237a   nspr-4.16.0-1.fc26 nss-3.32.0-1.0.fc26 nss-softokn-3.32.0-1.1.fc26 nss-util-3.32.0-1.0.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2b5c43e67   p11-kit-0.23.8-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a821cea48   tracker-1.12.2-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1abea60db7   gtk3-3.22.18-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-be5c1b152f   python-setuptools-36.2.0-2.fc26 python3-3.6.2-5.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-53e5b66f7c   vim-8.0.946-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9850f792de   file-5.30-9.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5a78c5ca9   cvs-1.11.23-42.fc26


The following builds have been pushed to Fedora 26 updates-testing

    389-ds-base-1.3.6.7-1.fc26
    PyDrive-1.3.1-2.fc26
    alpine-2.21-3.fc26
    chromium-60.0.3112.90-1.fc26
    duplicity-0.7.13.1-2.fc26
    file-5.30-9.fc26
    filezilla-3.27.1-1.fc26
    gnome-shell-extension-freon-27-1.fc26
    gtk3-3.22.18-1.fc26
    guacamole-server-0.9.13-6.fc26
    libfastjson-0.99.6-1.fc26
    libmediainfo-0.7.98-1.fc26
    libzen-0.4.36-1.fc26
    mediaconch-17.07-1.fc26
    mediainfo-0.7.98-1.fc26
    mingw-gdk-pixbuf-2.36.8-1.fc26
    nginx-1.12.1-1.fc26
    p11-kit-0.23.8-1.fc26
    pesign-0.112-18.fc26
    php-pecl-timecop-1.2.8-1.fc26
    pure-ftpd-1.0.46-1.fc26
    python-setuptools-36.2.0-2.fc26
    python3-3.6.2-5.fc26
    syncthing-0.14.36-2.fc26
    tracker-1.12.2-1.fc26
    vim-8.0.946-1.fc26
    xfce4-statusnotifier-plugin-0.1.0-1.fc26

Details about builds:


================================================================================
 389-ds-base-1.3.6.7-1.fc26 (FEDORA-2017-431f07f52a)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

Bump version to 1.3.6.7-1
--------------------------------------------------------------------------------


================================================================================
 PyDrive-1.3.1-2.fc26 (FEDORA-2017-8ebb30441c)
 A wrapper library of google-api-python-client for Google Drive API tasks
--------------------------------------------------------------------------------
Update Information:

Initial build of PyDrive, add PyDrive dep to duplicity
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1478461 - Review Request: PyDrive - A wrapper library of google-api-python-client that simplifies many common Google Drive API tasks
        https://bugzilla.redhat.com/show_bug.cgi?id=1478461
--------------------------------------------------------------------------------


================================================================================
 alpine-2.21-3.fc26 (FEDORA-2017-0861fe3c01)
 powerful, easy to use console email client
--------------------------------------------------------------------------------
Update Information:

alpine 2.21, update URL, .spec cosmetics
--------------------------------------------------------------------------------


================================================================================
 chromium-60.0.3112.90-1.fc26 (FEDORA-2017-f79ae2b96f)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092, CVE-2017-5093,
CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098,
CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103,
CVE-2017-5104, CVE-2017-7000, CVE-2017-5105, CVE-2017-5106, CVE-2017-5107,
CVE-2017-5108, CVE-2017-5109, CVE-2017-5110.  New subpackage -headless.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1475213 - CVE-2017-5110 chromium-browser: ui spoofing in payments dialog
        https://bugzilla.redhat.com/show_bug.cgi?id=1475213
  [ 2 ] Bug #1475212 - CVE-2017-5109 chromium-browser: ui spoofing in browser
        https://bugzilla.redhat.com/show_bug.cgi?id=1475212
  [ 3 ] Bug #1475211 - CVE-2017-5108 chromium-browser: type confusion in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1475211
  [ 4 ] Bug #1475210 - CVE-2017-5107 chromium-browser: user information leak via svg
        https://bugzilla.redhat.com/show_bug.cgi?id=1475210
  [ 5 ] Bug #1475209 - CVE-2017-5106 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475209
  [ 6 ] Bug #1475208 - CVE-2017-5105 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475208
  [ 7 ] Bug #1475207 - CVE-2017-7000 chromium-browser: pointer disclosure in sqlite
        https://bugzilla.redhat.com/show_bug.cgi?id=1475207
  [ 8 ] Bug #1475206 - CVE-2017-5104 chromium-browser: ui spoofing in browser
        https://bugzilla.redhat.com/show_bug.cgi?id=1475206
  [ 9 ] Bug #1475205 - CVE-2017-5103 chromium-browser: uninitialized use in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475205
  [ 10 ] Bug #1475204 - CVE-2017-5102 chromium-browser: uninitialized use in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475204
  [ 11 ] Bug #1475203 - CVE-2017-5101 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475203
  [ 12 ] Bug #1475202 - CVE-2017-5100 chromium-browser: use after free in chrome apps
        https://bugzilla.redhat.com/show_bug.cgi?id=1475202
  [ 13 ] Bug #1475201 - CVE-2017-5099 chromium-browser: out-of-bounds write in ppapi
        https://bugzilla.redhat.com/show_bug.cgi?id=1475201
  [ 14 ] Bug #1475200 - CVE-2017-5098 chromium-browser: use after free in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1475200
  [ 15 ] Bug #1475199 - CVE-2017-5097 chromium-browser: out-of-bounds read in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475199
  [ 16 ] Bug #1475198 - CVE-2017-5096 chromium-browser: user information leak via android intents
        https://bugzilla.redhat.com/show_bug.cgi?id=1475198
  [ 17 ] Bug #1475197 - CVE-2017-5095 chromium-browser: out-of-bounds write in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1475197
  [ 18 ] Bug #1475196 - CVE-2017-5094 chromium-browser: type confusion in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1475196
  [ 19 ] Bug #1475195 - CVE-2017-5093 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1475195
  [ 20 ] Bug #1475194 - CVE-2017-5092 chromium-browser: use after free in ppapi
        https://bugzilla.redhat.com/show_bug.cgi?id=1475194
  [ 21 ] Bug #1475193 - CVE-2017-5091 chromium-browser: use after free in indexeddb
        https://bugzilla.redhat.com/show_bug.cgi?id=1475193
--------------------------------------------------------------------------------


================================================================================
 duplicity-0.7.13.1-2.fc26 (FEDORA-2017-8ebb30441c)
 Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:

Initial build of PyDrive, add PyDrive dep to duplicity
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1478461 - Review Request: PyDrive - A wrapper library of google-api-python-client that simplifies many common Google Drive API tasks
        https://bugzilla.redhat.com/show_bug.cgi?id=1478461
--------------------------------------------------------------------------------


================================================================================
 file-5.30-9.fc26 (FEDORA-2017-9850f792de)
 A utility for determining file types
--------------------------------------------------------------------------------
Update Information:

- New magic file entry - gconv - Recognition of iconv/gconv module cache
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1342428 - file(1) does not recognize iconv/gconv modules cache
        https://bugzilla.redhat.com/show_bug.cgi?id=1342428
--------------------------------------------------------------------------------


================================================================================
 filezilla-3.27.1-1.fc26 (FEDORA-2017-bc1b67ad5f)
 FTP, FTPS and SFTP client
--------------------------------------------------------------------------------
Update Information:

3.27.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1481469 - filezilla-3.27.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1481469
--------------------------------------------------------------------------------


================================================================================
 gnome-shell-extension-freon-27-1.fc26 (FEDORA-2017-b28f7fd6df)
 GNOME Shell extension to display system temperature, voltage, and fan speed
--------------------------------------------------------------------------------
Update Information:

Bump to upstream version 27, which fixes Nvidia GPU label detection.
--------------------------------------------------------------------------------


================================================================================
 gtk3-3.22.18-1.fc26 (FEDORA-2017-1abea60db7)
 GTK+ graphical user interface library
--------------------------------------------------------------------------------
Update Information:

gtk+ 3.22.18 release. For details, see https://mail.gnome.org/archives/ftp-
release-list/2017-August/msg00047.html
--------------------------------------------------------------------------------


================================================================================
 guacamole-server-0.9.13-6.fc26 (FEDORA-2017-ecd3d8a846)
 Server-side native components that form the Guacamole proxy
--------------------------------------------------------------------------------
Update Information:

Update to official 0.9.13.
--------------------------------------------------------------------------------


================================================================================
 libfastjson-0.99.6-1.fc26 (FEDORA-2017-fd752fd491)
 A JSON implementation in C
--------------------------------------------------------------------------------
Update Information:

rebase to v0.99.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1462723 - libfastjson-v0.99.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1462723
--------------------------------------------------------------------------------


================================================================================
 libmediainfo-0.7.98-1.fc26 (FEDORA-2017-5ed8c54410)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 libzen-0.4.36-1.fc26 (FEDORA-2017-5ed8c54410)
 Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 mediaconch-17.07-1.fc26 (FEDORA-2017-9c702e252c)
 Most relevant technical and tag data for video and audio files (CLI)
--------------------------------------------------------------------------------
Update Information:

Update to 17.07
--------------------------------------------------------------------------------


================================================================================
 mediainfo-0.7.98-1.fc26 (FEDORA-2017-5ed8c54410)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 mingw-gdk-pixbuf-2.36.8-1.fc26 (FEDORA-2017-69f35f32f5)
 MinGW Windows GDK Pixbuf library
--------------------------------------------------------------------------------
Update Information:

MinGW cross compiled gdk-pixbuf 2.36.8 release.
--------------------------------------------------------------------------------


================================================================================
 nginx-1.12.1-1.fc26 (FEDORA-2017-aecd25b8a9)
 A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

This update includes nginx 1.12.1, fixing CVE-2017-7529, and adds the
http_auth_request module.  See http://mailman.nginx.org/pipermail/nginx-
announce/2017/000200.html for more information on CVE-2017-7529.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1471106 - [patch] enable nginx http_auth_request_module
        https://bugzilla.redhat.com/show_bug.cgi?id=1471106
  [ 2 ] Bug #1469924 - CVE-2017-7529 nginx: Integer overflow in nginx range filter module leading to memory disclosure [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1469924
--------------------------------------------------------------------------------


================================================================================
 p11-kit-0.23.8-1.fc26 (FEDORA-2017-d2b5c43e67)
 Library for loading and sharing PKCS#11 modules
--------------------------------------------------------------------------------
Update Information:

This updates p11-kit to the latest upstream release:
https://github.com/p11-glue/p11-kit/releases/tag/0.23.8
--------------------------------------------------------------------------------


================================================================================
 pesign-0.112-18.fc26 (FEDORA-2017-1f31e0c5a4)
 Signing utility for UEFI binaries
--------------------------------------------------------------------------------
Update Information:

Update to make the kernel builders work again with newer opensc (I think)
libraries.
--------------------------------------------------------------------------------


================================================================================
 php-pecl-timecop-1.2.8-1.fc26 (FEDORA-2017-e7544403ce)
 Time travel and freezing extension
--------------------------------------------------------------------------------
Update Information:

A PHP extension providing "time travel" and "time freezing" capabilities,
inspired by ruby timecop gem.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468454 - Review Request: php-pecl-timecop - Time travel and freezing extension
        https://bugzilla.redhat.com/show_bug.cgi?id=1468454
--------------------------------------------------------------------------------


================================================================================
 pure-ftpd-1.0.46-1.fc26 (FEDORA-2017-cb3caad70b)
 Lightweight, fast and secure FTP server
--------------------------------------------------------------------------------
Update Information:

Update to the latest upstream version
--------------------------------------------------------------------------------


================================================================================
 python-setuptools-36.2.0-2.fc26 (FEDORA-2017-be5c1b152f)
 Easily build and distribute Python packages
--------------------------------------------------------------------------------
Update Information:

Revert patches enhancing setuptools install command.  ----  Fix the "urllib FTP
protocol stream injection" vulnerability
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1478976 - Option -e (--excutable) conflicts with --editable when using Paver
        https://bugzilla.redhat.com/show_bug.cgi?id=1478976
  [ 2 ] Bug #1478916 - [security] Backport ftplib.FTP.putline() fix to reject newlines
        https://bugzilla.redhat.com/show_bug.cgi?id=1478916
--------------------------------------------------------------------------------


================================================================================
 python3-3.6.2-5.fc26 (FEDORA-2017-be5c1b152f)
 Version 3 of the Python programming language aka Python 3000
--------------------------------------------------------------------------------
Update Information:

Revert patches enhancing setuptools install command.  ----  Fix the "urllib FTP
protocol stream injection" vulnerability
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1478976 - Option -e (--excutable) conflicts with --editable when using Paver
        https://bugzilla.redhat.com/show_bug.cgi?id=1478976
  [ 2 ] Bug #1478916 - [security] Backport ftplib.FTP.putline() fix to reject newlines
        https://bugzilla.redhat.com/show_bug.cgi?id=1478916
--------------------------------------------------------------------------------


================================================================================
 syncthing-0.14.36-2.fc26 (FEDORA-2017-af8b6b4204)
 Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:

Initial package for fedora.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1427634 - Review Request: syncthing - Continuous File Synchronization
        https://bugzilla.redhat.com/show_bug.cgi?id=1427634
--------------------------------------------------------------------------------


================================================================================
 tracker-1.12.2-1.fc26 (FEDORA-2017-6a821cea48)
 Desktop-neutral search tool and indexer
--------------------------------------------------------------------------------
Update Information:

tracker 1.12.2 release. For details, see https://mail.gnome.org/archives/ftp-
release-list/2017-August/msg00022.html
--------------------------------------------------------------------------------


================================================================================
 vim-8.0.946-1.fc26 (FEDORA-2017-53e5b66f7c)
 The VIM editor
--------------------------------------------------------------------------------
Update Information:

The newest upstream commit.
--------------------------------------------------------------------------------


================================================================================
 xfce4-statusnotifier-plugin-0.1.0-1.fc26 (FEDORA-2017-6ec2d397fa)
 Panel area status notifier plugin for Xfce4
--------------------------------------------------------------------------------
Update Information:

Initial xfce4-statusnotifier-plugin
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1476489 - Review Request: xfce4-statusnotifier-plugin - Panel area status notifier plugin for Xfce4
        https://bugzilla.redhat.com/show_bug.cgi?id=1476489
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux