Fedora 26 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 26 Security updates need testing:
 Age  URL
 150  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01   python-XStatic-jquery-ui-1.12.0.1-2.fc26
  89  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526   nodejs-brace-expansion-1.1.7-1.fc26
  52  https://bodhi.fedoraproject.org/updates/FEDORA-2017-690a2548ba   openvswitch-2.7.1-2.fc26
  43  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c053de325   memcached-1.4.39-1.fc26
  39  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7   docker-distribution-2.6.2-1.git48294d9.fc26
  21  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4248ba346   botan-1.10.16-1.fc26
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab0def38cd   tomcat-8.0.46-1.fc26
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0fbd57c134   drupal8-8.3.7-1.fc26
   9  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3ae21f2324   copr-dist-git-0.36-1.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f27031c8f   ImageMagick-6.9.9.9-1.fc26 WindowMaker-0.95.8-3.fc26 autotrace-0.31.1-49.fc26 converseen-0.9.6.2-3.fc26 dmtx-utils-0.7.4-4.fc26 drawtiming-0.7.1-22.fc26 emacs-25.2-5.fc26 gtatool-2.2.0-6.fc26 imageinfo-0.05-27.fc26 inkscape-0.92.1-4.20170510bzr15686.fc26.1 k3d-0.8.0.6-8.fc26 kxstitch-1.2.0-9.fc26 perl-Image-SubImageFind-0.03-13.fc26 pfstools-2.0.6-3.fc26 php-pecl-imagick-3.4.3-2.fc26 psiconv-0.9.8-22.fc26 q-7.11-29.fc26 ripright-0.11-5.fc26 rss-glx-0.9.1.p-29.fc26.1 rubygem-rmagick-2.16.0-4.fc26.2 synfig-1.2.0-9.fc26.1 synfigstudio-1.2.0-5.fc26 techne-0.2.3-20.fc26 vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 vips-8.5.7-2.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe4f93fde4   mingw-libidn2-2.0.4-1.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-43390e73b1   mingw-openjpeg2-2.2.0-3.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-77e8bc720a   mimedefang-2.81-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-840db88351   libzip-1.3.0-1.fc26


The following Fedora 26 Critical Path updates have yet to be approved:
 Age URL
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-68611800c4   gnutls-3.5.15-1.fc26
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-24dcbfa22d   pungi-4.1.17-4.fc26
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f27031c8f   ImageMagick-6.9.9.9-1.fc26 WindowMaker-0.95.8-3.fc26 autotrace-0.31.1-49.fc26 converseen-0.9.6.2-3.fc26 dmtx-utils-0.7.4-4.fc26 drawtiming-0.7.1-22.fc26 emacs-25.2-5.fc26 gtatool-2.2.0-6.fc26 imageinfo-0.05-27.fc26 inkscape-0.92.1-4.20170510bzr15686.fc26.1 k3d-0.8.0.6-8.fc26 kxstitch-1.2.0-9.fc26 perl-Image-SubImageFind-0.03-13.fc26 pfstools-2.0.6-3.fc26 php-pecl-imagick-3.4.3-2.fc26 psiconv-0.9.8-22.fc26 q-7.11-29.fc26 ripright-0.11-5.fc26 rss-glx-0.9.1.p-29.fc26.1 rubygem-rmagick-2.16.0-4.fc26.2 synfig-1.2.0-9.fc26.1 synfigstudio-1.2.0-5.fc26 techne-0.2.3-20.fc26 vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 vips-8.5.7-2.fc26
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7b16c0f8fa   sssd-1.15.3-3.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-461b3336ee   hwdata-0.304-1.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f68f150f6   abrt-2.10.3-2.fc26 libreport-2.9.1-3.fc26
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-69dda8a5eb   publicsuffix-list-20170828-1.fc26


The following builds have been pushed to Fedora 26 updates-testing

    abrt-2.10.3-2.fc26
    abrt-java-connector-1.1.0-11.fc26
    clustershell-1.7.81-4.fc26
    golang-github-calmh-luhn-1.1.0-1.fc26
    hwdata-0.304-1.fc26
    icoutils-0.32.0-1.fc26
    libreport-2.9.1-3.fc26
    libzip-1.3.0-1.fc26
    libzypp-16.15.6-1.fc26
    mimedefang-2.81-1.fc26
    mutt-1.9.0-1.fc26
    nemo-extensions-3.4.0-9.fc26
    perl-Date-Manip-6.60-1.fc26
    perl-Net-GitHub-0.90-1.fc26
    perl-Net-HTTP-6.17-1.fc26
    php-nikic-php-parser3-3.1.1-1.fc26
    php-pear-crypt-gpg-1.6.2-1.fc26
    php-phpspec-prophecy-1.7.1-1.fc26
    postgresql-9.6.5-1.fc26
    publicsuffix-list-20170828-1.fc26
    python-mysql-1.3.12-1.fc26
    setools-4.1.0-4.fc26
    spatialite-tools-4.3.0-25.fc26
    streameye-0.8-3.fc26
    votca-csg-1.4.1-1.fc26
    votca-tools-1.4.1-1.fc26
    votca-xtp-1.4.1-1.fc26
    zeal-0.4.0-1.fc26
    zypper-1.13.32-1.fc26

Details about builds:


================================================================================
 abrt-2.10.3-2.fc26 (FEDORA-2017-3f68f150f6)
 Automatic bug detection and reporting tool
--------------------------------------------------------------------------------
Update Information:

#abrt fixes     - logging: rename log() to log_warning()     - Translation-
updates     - cli,dbus: Allow polkit to be optional at build time     - a-d
-journal-core: fix bad condition in creating reason msg     - a-d-journal-core:
use pid of crashed process in dumpdir name     Resolves: #1481205  #libreport
fixes     - logging: rename log() to log_warning()     - reporter-mantisbt: Fix
typo in help     - bugzilla: add check if option -d was entered     - dd: extend
create_dump_dir to allow set pid in dumpdir name     - lib: fix to ensure order
of login credentials when reporting using abrt-cli      - configure.ac: update
glib min. version dependency     - lib: fix newline issue with ask_password
Resolves: #1445669, #1481205
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1445669 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1445669
  [ 2 ] Bug #1481205 - libreport: Do not redefine log
        https://bugzilla.redhat.com/show_bug.cgi?id=1481205
--------------------------------------------------------------------------------


================================================================================
 abrt-java-connector-1.1.0-11.fc26 (FEDORA-2017-ac505336aa)
 JNI Agent library converting Java exceptions to ABRT problems
--------------------------------------------------------------------------------
Update Information:

- Rename log() to log_warning() - update test outputs
--------------------------------------------------------------------------------


================================================================================
 clustershell-1.7.81-4.fc26 (FEDORA-2017-1d5e87ccb9)
 Python framework for efficient cluster administration
--------------------------------------------------------------------------------
Update Information:

ClusterShell 1.8 beta1 targeted for updates-testing only. Release #4 removes the
vim-clustershell subpackage as it was confusing for the users.  VIM extensions
are just provided by the main clustershell subpackage, which now requires vim-
filesystem instead of vim-common if available (only not on el6).  ----
ClusterShell 1.8 beta1 targeted for updates-testing only.
--------------------------------------------------------------------------------


================================================================================
 golang-github-calmh-luhn-1.1.0-1.fc26 (FEDORA-2017-66ca3939b4)
 Luhn-mod-N implementation in Go
--------------------------------------------------------------------------------
Update Information:

Update to version 1.1.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487927 - golang-github-calmh-luhn-v1.1.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487927
--------------------------------------------------------------------------------


================================================================================
 hwdata-0.304-1.fc26 (FEDORA-2017-461b3336ee)
 Hardware identification and configuration data
--------------------------------------------------------------------------------
Update Information:

Updated pci, usb and vendor ids.
--------------------------------------------------------------------------------


================================================================================
 icoutils-0.32.0-1.fc26 (FEDORA-2017-f4ac339174)
 Utility for extracting and converting Microsoft icon and cursor files
--------------------------------------------------------------------------------
Update Information:

Changes in version 0.32:  * Fixed invalid memory allocation in icotool with
malformed input. * Fixed infinite recursion in wrestool with malformed input. *
Added ability to specify minimum bit depth per image. * Added ability to specify
cursor hotspot per image.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487838 - icoutils-0.32.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487838
--------------------------------------------------------------------------------


================================================================================
 libreport-2.9.1-3.fc26 (FEDORA-2017-3f68f150f6)
 Generic library for reporting various problems
--------------------------------------------------------------------------------
Update Information:

#abrt fixes     - logging: rename log() to log_warning()     - Translation-
updates     - cli,dbus: Allow polkit to be optional at build time     - a-d
-journal-core: fix bad condition in creating reason msg     - a-d-journal-core:
use pid of crashed process in dumpdir name     Resolves: #1481205  #libreport
fixes     - logging: rename log() to log_warning()     - reporter-mantisbt: Fix
typo in help     - bugzilla: add check if option -d was entered     - dd: extend
create_dump_dir to allow set pid in dumpdir name     - lib: fix to ensure order
of login credentials when reporting using abrt-cli      - configure.ac: update
glib min. version dependency     - lib: fix newline issue with ask_password
Resolves: #1445669, #1481205
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1445669 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1445669
  [ 2 ] Bug #1481205 - libreport: Do not redefine log
        https://bugzilla.redhat.com/show_bug.cgi?id=1481205
--------------------------------------------------------------------------------


================================================================================
 libzip-1.3.0-1.fc26 (FEDORA-2017-840db88351)
 C library for reading, creating, and modifying zip archives
--------------------------------------------------------------------------------
Update Information:

**Version 1.3.0**    It contains fixes for two possible security problems. The
problems were identified by Brian 'geeknik' Carpenter and Agostino Sarubbo using
AFL.    The changes are:  * Support bzip2 compressed zip archives * Improve file
progress callback code * Fix zip_fdopen() * CVE-2017-12858: Fix double free(). *
CVE-2017-14107: Improve EOCD64 parsing.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1484515 - CVE-2017-12858 libzip: Double free in _zip_dirent_read function in zip_dirent.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1484515
--------------------------------------------------------------------------------


================================================================================
 libzypp-16.15.6-1.fc26 (FEDORA-2017-fb7f2b9c19)
 A package management library
--------------------------------------------------------------------------------
Update Information:

Update to Zypper 1.13.32.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1485336 - zypper-1.13.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1485336
  [ 2 ] Bug #1485326 - libzypp-16.15.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1485326
--------------------------------------------------------------------------------


================================================================================
 mimedefang-2.81-1.fc26 (FEDORA-2017-77e8bc720a)
 E-Mail filtering framework using Sendmail's Milter interface
--------------------------------------------------------------------------------
Update Information:

MIMEDefang 2.81 ===============    * Don't barf if the installed version of
Sys::Syslog has a developer tag added (like 0.33_01 on Debian Stretch).   * Make
mimedefang and mimedefang-multiplexor write their PID files as root to avoid an
unprivileged user tampering with the pidfiles. Thanks to Michael Orlitzky for
pointing this issue out.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487543 - CVE-2017-14102 mimedefang: Privilege escalation via PID file manipulation
        https://bugzilla.redhat.com/show_bug.cgi?id=1487543
--------------------------------------------------------------------------------


================================================================================
 mutt-1.9.0-1.fc26 (FEDORA-2017-a0ba8fbe66)
 A text mode mail user agent
--------------------------------------------------------------------------------
Update Information:

update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487880 - mutt-1.9.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487880
--------------------------------------------------------------------------------


================================================================================
 nemo-extensions-3.4.0-9.fc26 (FEDORA-2017-a97c8bb896)
 Extensions for Nemo
--------------------------------------------------------------------------------
Update Information:

* Some upstream fixes
--------------------------------------------------------------------------------


================================================================================
 perl-Date-Manip-6.60-1.fc26 (FEDORA-2017-71d17ca51b)
 Date manipulation routines
--------------------------------------------------------------------------------
Update Information:

Rebase to upstream release 6.60.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487801 - perl-Date-Manip-6.60 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487801
--------------------------------------------------------------------------------


================================================================================
 perl-Net-GitHub-0.90-1.fc26 (FEDORA-2017-6897902794)
 Perl interface for github.com
--------------------------------------------------------------------------------
Update Information:

Rebase to upstream release 0.90.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1484857 - perl-Net-GitHub-0.90 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1484857
--------------------------------------------------------------------------------


================================================================================
 perl-Net-HTTP-6.17-1.fc26 (FEDORA-2017-6f187ccc78)
 Low-level HTTP connection (client)
--------------------------------------------------------------------------------
Update Information:

This release corrects tests. We deliver it pro provide up-to-date version
string.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487808 - perl-Net-HTTP-6.17 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487808
--------------------------------------------------------------------------------


================================================================================
 php-nikic-php-parser3-3.1.1-1.fc26 (FEDORA-2017-cdac30fb57)
 A PHP parser written in PHP
--------------------------------------------------------------------------------
Update Information:

**Version 3.1.1** (2017-09-02)  * Fixed syntax error on comment after brace-
style namespace declaration. (#412) * Added support for TraitUse statements in
trait builder. (#413)
--------------------------------------------------------------------------------


================================================================================
 php-pear-crypt-gpg-1.6.2-1.fc26 (FEDORA-2017-243ef31549)
 GNU Privacy Guard (GnuPG)
--------------------------------------------------------------------------------
Update Information:

**Version 1.6.2**  * Added options to configure digest/cipher algorithms.  ----
**Version 1.6.1**  * Fix Bug pear#21237: Use --skip-verify in decrypt() method *
Update list of hash algorithm names * Add option to ignore signature
verification errors on decrypt.
--------------------------------------------------------------------------------


================================================================================
 php-phpspec-prophecy-1.7.1-1.fc26 (FEDORA-2017-8daad7634e)
 Highly opinionated mocking framework for PHP
--------------------------------------------------------------------------------
Update Information:

**Version 1.7.1** / 2017-10-03  * Allow PHP5 keywords methods generation on PHP7
(thanks bycosta) * Allow reflection-docblock v4 (thanks GrahamCampbell) * Check
method predictions only once (thanks dontub) * Escape file path sent to
\SplFileObjectConstructor when running on Windows (thanks danmartin-epiphany)
--------------------------------------------------------------------------------


================================================================================
 postgresql-9.6.5-1.fc26 (FEDORA-2017-eb4760782e)
 PostgreSQL client programs
--------------------------------------------------------------------------------
Update Information:

update to 9.6.5 per release notes
https://www.postgresql.org/docs/9.6/static/release-9-6-5.html
--------------------------------------------------------------------------------


================================================================================
 publicsuffix-list-20170828-1.fc26 (FEDORA-2017-69dda8a5eb)
 Cross-vendor public domain suffix database
--------------------------------------------------------------------------------
Update Information:

Recent revision - 20170828
--------------------------------------------------------------------------------


================================================================================
 python-mysql-1.3.12-1.fc26 (FEDORA-2017-9b948d6e91)
 An interface to MySQL
--------------------------------------------------------------------------------
Update Information:

Update to 1.3.12
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1472985 - python-mysql lacks the mysql_real_escape_string_quote symbol
        https://bugzilla.redhat.com/show_bug.cgi?id=1472985
--------------------------------------------------------------------------------


================================================================================
 setools-4.1.0-4.fc26 (FEDORA-2017-5869cf6a4f)
 Policy analysis tools for SELinux
--------------------------------------------------------------------------------
Update Information:

This update fixes qpol python bindings on big-endian systems
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1484039 - sealert -l ... complains about undefined symbol bswap_32 in _qpol.cpython
        https://bugzilla.redhat.com/show_bug.cgi?id=1484039
--------------------------------------------------------------------------------


================================================================================
 spatialite-tools-4.3.0-25.fc26 (FEDORA-2017-30d70175d7)
 A set of useful CLI tools for SpatiaLite
--------------------------------------------------------------------------------
Update Information:

 Rebuild for sqlite 3.20.1
--------------------------------------------------------------------------------


================================================================================
 streameye-0.8-3.fc26 (FEDORA-2017-2919664de4)
 Simple MJPEG streamer for Linux
--------------------------------------------------------------------------------
Update Information:

**New package:** Simple MJPEG streamer for Linux. It acts as an HTTP server and
is capable of serving multiple simultaneous clients.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1445923 - Review Request: streameye - Simple MJPEG streamer for Linux
        https://bugzilla.redhat.com/show_bug.cgi?id=1445923
--------------------------------------------------------------------------------


================================================================================
 votca-csg-1.4.1-1.fc26 (FEDORA-2017-172ccc5dee)
 VOTCA coarse-graining engine
--------------------------------------------------------------------------------
Update Information:

Bump Votca packages to 1.4.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487881 - votca-xtp-1.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487881
--------------------------------------------------------------------------------


================================================================================
 votca-tools-1.4.1-1.fc26 (FEDORA-2017-172ccc5dee)
 VOTCA tools library
--------------------------------------------------------------------------------
Update Information:

Bump Votca packages to 1.4.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487881 - votca-xtp-1.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487881
--------------------------------------------------------------------------------


================================================================================
 votca-xtp-1.4.1-1.fc26 (FEDORA-2017-172ccc5dee)
 VOTCA excitation and charge properties module
--------------------------------------------------------------------------------
Update Information:

Bump Votca packages to 1.4.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487881 - votca-xtp-1.4.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487881
--------------------------------------------------------------------------------


================================================================================
 zeal-0.4.0-1.fc26 (FEDORA-2017-e55c5790c9)
 Offline documentation browser inspired by Dash
--------------------------------------------------------------------------------
Update Information:

## New upstream release  ### New Features:  -  Added optional fuzzy search.
(#100). - Added support for user-defined styles via custom CSS file. (#268) -
Added support for a basic dark theme (webview only). (#466) -  Added support for
high resolution displays. (#111) - Switched to the CMake build system, support
for qmake will be dropped shortly. - The minimally required Qt version bumped to
5.5.1. - As the result of above, libappindicator support relies on the built-in
Qt implementation. - Dropped support for Qt WebEngine. -  Removed dependency on
Qt Sql by using SQLite directly.  ### Improvements:  - New tabs now have the
search box automatically focused. (#725) - Added a Retry button to the error box
appearing on docset list download failure. (#566) - Updated welcome page style
(includes a Carbon ad banner, which can be disabled in the settings).  ### Fixed
Issues:  - Fixed search for one-character terms. (#698) - Multiple fixes in the
search algorithm. (#603, #650, #677) - Fixed navigation in some docsets. (#641)
- Fixed portable version not saving docset storage path. (609) - Many rendering
and stability issues fixed by switching to the new Qt WebKit. (#359, #723)  ###
Known Issues:  -  Web pages using Fira Sans (e.g., PHP docset) font are rendered
in italic. This is an upstream bug with Qt WebKit (#658)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1487883 - zeal-0.4.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1487883
--------------------------------------------------------------------------------


================================================================================
 zypper-1.13.32-1.fc26 (FEDORA-2017-fb7f2b9c19)
 Command line package manager using libzypp
--------------------------------------------------------------------------------
Update Information:

Update to Zypper 1.13.32.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1485336 - zypper-1.13.32 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1485336
  [ 2 ] Bug #1485326 - libzypp-16.15.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1485326
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux