The following Fedora 27 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-159a1060f6 lightdm-1.24.0-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a9c79eed83 libgcrypt-1.8.1-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-81cf93b7c2 rubygems-2.6.13-100.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a22a80c7e krb5-1.15.1-28.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-689e9b1af5 cyrus-imapd-3.0.4-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45beeef896 FlightGear-2017.2.1-4.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ea4ed9e540 freexl-1.0.4-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a10869603 file-5.31-10.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d5487d0f80 mingw-libzip-1.3.0-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8aad495d9b rawtherapee-5.2-2.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a5bb95b447 openjpeg2-2.2.0-3.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-25114a9d7f drupal7-views-3.18-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34a899396f firefox-55.0.3-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d9152a7e5 emacs-25.3-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b444c3b9c5 libwmf-0.2.8.4-53.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60f90dbe89 LibRaw-0.18.4-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-333ea49a63 xen-4.9.0-10.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-65f6ccf760 mingw-LibRaw-0.18.4-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5128c8cfe2 libwpd-0.10.2-1.fc27 The following builds have been pushed to Fedora 27 updates-testing alembic-1.7.3-1.fc27 blender-2.79-1.fc27 boost-1.64.0-2.fc27 compiler-rt-4.0.1-5.fc27 distgen-0.15-1.fc27 dnf-2.6.3-11.fc27 eosrei-emojione-fonts-1.0-5.fc27 fedmsg-1.0.1-3.fc27 fprintd-0.8.0-1.fc27 frama-c-15.0-2.fc27 ghc-concurrent-output-1.9.2-2.fc27 ghc-rpm-macros-1.6.50-1.fc27 gluster-block-0.2.1-2.fc27 gnome-shell-extension-ibus-font-0.20170217-2.fc27 golang-github-docopt-docopt-go-0-0.8.git.854c423.fc27 golang-github-russross-blackfriday-1.5-1.fc27 groonga-7.0.6-1.fc27 haproxy-1.7.9-1.fc27 keepalived-1.3.6-1.fc27 libmediainfo-0.7.99-1.fc27 libwpd-0.10.2-1.fc27 libwpg-0.3.2-1.fc27 libzen-0.4.37-1.fc27 mate-applets-1.19.1-2.fc27 mate-sensors-applet-1.19.0-4.fc27 mediaconch-17.08-1.fc27 mediainfo-0.7.99-1.fc27 menu-cache-1.0.2-6.D20170913gitfd52af607c.fc27 meson-0.42.1-1.fc27 mingw-LibRaw-0.18.4-1.fc27 module-build-service-1.3.27-2.fc27 ocaml-result-1.2-2.fc27 openvdb-4.0.2-1.fc27 perl-Apache-Session-Browseable-1.2.6-1.fc27 perl-MCE-1.830-1.fc27 perl-MCE-Shared-1.828-1.fc27 php-symfony3-3.3.9-1.fc27 pki-console-10.4.8-3.fc27 pki-core-10.4.8-6.fc27 python-docker-2.5.1-2.fc27 rubygem-rake-12.1.0-100.fc27 scudcloud-1.63-1.fc27 webkitgtk4-2.18.0-1.fc27 wingpanel-2.0.4-1.fc27 wingpanel-indicator-network-2.1.0-1.fc27 xen-4.9.0-10.fc27 Details about builds: ================================================================================ alembic-1.7.3-1.fc27 (FEDORA-2017-00917a13b3) Open framework for storing and sharing scene data -------------------------------------------------------------------------------- Update Information: Blender 2.79 and updated dependencies. Has HiDPI support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473982 - alembic-1.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473982 [ 2 ] Bug #1256068 - Incorrect dpi detected: blender thinks I have 72 dpi https://bugzilla.redhat.com/show_bug.cgi?id=1256068 [ 3 ] Bug #1450645 - [abrt] blender: gc_list_merge(): blender killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1450645 [ 4 ] Bug #1490876 - blender-2.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1490876 -------------------------------------------------------------------------------- ================================================================================ blender-2.79-1.fc27 (FEDORA-2017-00917a13b3) 3D modeling, animation, rendering and post-production -------------------------------------------------------------------------------- Update Information: Blender 2.79 and updated dependencies. Has HiDPI support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473982 - alembic-1.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473982 [ 2 ] Bug #1256068 - Incorrect dpi detected: blender thinks I have 72 dpi https://bugzilla.redhat.com/show_bug.cgi?id=1256068 [ 3 ] Bug #1450645 - [abrt] blender: gc_list_merge(): blender killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1450645 [ 4 ] Bug #1490876 - blender-2.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1490876 -------------------------------------------------------------------------------- ================================================================================ boost-1.64.0-2.fc27 (FEDORA-2017-8eb1196657) The free peer-reviewed portable C++ source libraries -------------------------------------------------------------------------------- Update Information: This update fixes a compilation error when using Boost.ICL with C++17. ---- This update only changes the descriptions of the RPM packages, there are no changes to the libraries themselves. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1485641 - Boost ICL compile error with GCC and C++17 https://bugzilla.redhat.com/show_bug.cgi?id=1485641 -------------------------------------------------------------------------------- ================================================================================ compiler-rt-4.0.1-5.fc27 (FEDORA-2017-44f8591be5) LLVM "compiler-rt" runtime libraries -------------------------------------------------------------------------------- Update Information: Package libFuzzer for compiler-rt. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449633 - Please package libFuzzer https://bugzilla.redhat.com/show_bug.cgi?id=1449633 -------------------------------------------------------------------------------- ================================================================================ distgen-0.15-1.fc27 (FEDORA-2017-a26ddfe3a0) Templating system/generator for distributions -------------------------------------------------------------------------------- Update Information: Introduce distgen package for f26 and f27. -------------------------------------------------------------------------------- ================================================================================ dnf-2.6.3-11.fc27 (FEDORA-2017-f2f4fe090e) Package manager forked from Yum, using libsolv as a dependency resolver -------------------------------------------------------------------------------- Update Information: Obey repository priority configuration again. ---- Add missing dnf-automatic services -------------------------------------------------------------------------------- References: [ 1 ] Bug #1470050 - the 'priority=' option in /etc/yum.repos.d/*.repo is not respected https://bugzilla.redhat.com/show_bug.cgi?id=1470050 [ 2 ] Bug #1489595 - dnf-automatic in 2.x is not compatible with 1.x, this is not explained in the docs anywhere, docs for new timer-based approach are unclear https://bugzilla.redhat.com/show_bug.cgi?id=1489595 -------------------------------------------------------------------------------- ================================================================================ eosrei-emojione-fonts-1.0-5.fc27 (FEDORA-2017-25da69a47f) A color emoji font -------------------------------------------------------------------------------- Update Information: This update adds a description file to be used in software installation front- ends. ---- This new package contains the Emoji One font, for use in GNOME and other desktops. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491265 - Request to add appstream metainfo file https://bugzilla.redhat.com/show_bug.cgi?id=1491265 [ 2 ] Bug #1487123 - Review Request: eosrei-emojione-fonts - A color emoji font https://bugzilla.redhat.com/show_bug.cgi?id=1487123 -------------------------------------------------------------------------------- ================================================================================ fedmsg-1.0.1-3.fc27 (FEDORA-2017-d1c3ca3ad5) Tools for Fedora Infrastructure real-time messaging -------------------------------------------------------------------------------- Update Information: Update to latest upstream -------------------------------------------------------------------------------- ================================================================================ fprintd-0.8.0-1.fc27 (FEDORA-2017-65297dc913) D-Bus service for Fingerprint reader access -------------------------------------------------------------------------------- Update Information: This update locks the fprintd daemon down, thus reducing the reach of potential security issues. It also makes it possible to avoid waking up fingerprint readers when no fingerprints are enrolled. -------------------------------------------------------------------------------- ================================================================================ frama-c-15.0-2.fc27 (FEDORA-2017-e1f3f61ab3) Framework for source code analysis of C software -------------------------------------------------------------------------------- Update Information: See http://blog.frama-c.com/index.php?post/2017/06/13/Frama-C-15-%28Phosphorus%2 9-released%2C-and-open-source-case-studies for information on new features in this release. -------------------------------------------------------------------------------- ================================================================================ ghc-concurrent-output-1.9.2-2.fc27 (FEDORA-2017-50d50823cd) Ungarble output from several threads or commands -------------------------------------------------------------------------------- Update Information: Initial package of concurrent-output for Haskell. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1486592 - Review Request: ghc-concurrent-output - Ungarble output from several threads or commands https://bugzilla.redhat.com/show_bug.cgi?id=1486592 -------------------------------------------------------------------------------- ================================================================================ ghc-rpm-macros-1.6.50-1.fc27 (FEDORA-2017-941e0fac49) RPM macros for building Haskell packages for GHC -------------------------------------------------------------------------------- Update Information: Fix sub-packaging builds with new rpm-4.14 macro args scope -------------------------------------------------------------------------------- ================================================================================ gluster-block-0.2.1-2.fc27 (FEDORA-2017-ba009a9b52) Gluster block storage utility -------------------------------------------------------------------------------- Update Information: Introducing gluster-block - A framework for gluster block storage management -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467677 - Review Request: gluster-block - A framework for gluster block storage management https://bugzilla.redhat.com/show_bug.cgi?id=1467677 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-ibus-font-0.20170217-2.fc27 (FEDORA-2017-ddfc7765a6) A GNOME Shell extension for ibus-setup custom font settings -------------------------------------------------------------------------------- Update Information: new package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1424963 - Review Request: gnome-shell-extension-ibus-font - use to change ibus font style. https://bugzilla.redhat.com/show_bug.cgi?id=1424963 -------------------------------------------------------------------------------- ================================================================================ golang-github-docopt-docopt-go-0-0.8.git.854c423.fc27 (FEDORA-2017-523f7d6826) Command-line interface description language in Go -------------------------------------------------------------------------------- Update Information: Build for supported go_arches only -------------------------------------------------------------------------------- ================================================================================ golang-github-russross-blackfriday-1.5-1.fc27 (FEDORA-2017-74ca3661ce) Markdown processor implemented in Go -------------------------------------------------------------------------------- Update Information: Update to v1.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222338 - Tracker for golang-github-russross-blackfriday https://bugzilla.redhat.com/show_bug.cgi?id=1222338 -------------------------------------------------------------------------------- ================================================================================ groonga-7.0.6-1.fc27 (FEDORA-2017-a87e3cf3d9) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: http://groonga.org/ja/blog/2017/08/29/groonga-7.0.6.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1476249 - groonga-7.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1476249 -------------------------------------------------------------------------------- ================================================================================ haproxy-1.7.9-1.fc27 (FEDORA-2017-ba31e289a0) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information: Update to 1.7.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1485084 - haproxy-1.7.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1485084 -------------------------------------------------------------------------------- ================================================================================ keepalived-1.3.6-1.fc27 (FEDORA-2017-22bd95c219) High Availability monitor built upon LVS, VRRP and service pollers -------------------------------------------------------------------------------- Update Information: Update to 1.3.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1481471 - keepalived-1.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1481471 -------------------------------------------------------------------------------- ================================================================================ libmediainfo-0.7.99-1.fc27 (FEDORA-2017-2f238f8c02) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information: Update libzen and medianfo. -------------------------------------------------------------------------------- ================================================================================ libwpd-0.10.2-1.fc27 (FEDORA-2017-5128c8cfe2) A library for import of WordPerfect documents -------------------------------------------------------------------------------- Update Information: new upstream release ---- * heap overflow in libwpd -------------------------------------------------------------------------------- References: [ 1 ] Bug #1489337 - There is a heap overflow in libwpd. This vulnerability has been triggered in libreoffice. https://bugzilla.redhat.com/show_bug.cgi?id=1489337 -------------------------------------------------------------------------------- ================================================================================ libwpg-0.3.2-1.fc27 (FEDORA-2017-478fc8ff75) A library for import of WordPerfect Graphics images -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ libzen-0.4.37-1.fc27 (FEDORA-2017-2f238f8c02) Shared library for libmediainfo and medianfo* -------------------------------------------------------------------------------- Update Information: Update libzen and medianfo. -------------------------------------------------------------------------------- ================================================================================ mate-applets-1.19.1-2.fc27 (FEDORA-2017-674d903525) MATE Desktop panel applets -------------------------------------------------------------------------------- Update Information: - improvement for drivemount applet -------------------------------------------------------------------------------- ================================================================================ mate-sensors-applet-1.19.0-4.fc27 (FEDORA-2017-e48e691168) MATE panel applet for hardware sensors -------------------------------------------------------------------------------- Update Information: - fix invisible graphs -------------------------------------------------------------------------------- ================================================================================ mediaconch-17.08-1.fc27 (FEDORA-2017-f44582806c) Most relevant technical and tag data for video and audio files (CLI) -------------------------------------------------------------------------------- Update Information: Update to 17.08. -------------------------------------------------------------------------------- ================================================================================ mediainfo-0.7.99-1.fc27 (FEDORA-2017-2f238f8c02) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information: Update libzen and medianfo. -------------------------------------------------------------------------------- ================================================================================ menu-cache-1.0.2-6.D20170913gitfd52af607c.fc27 (FEDORA-2017-3a66146368) Caching mechanism for freedesktop.org compliant menus -------------------------------------------------------------------------------- Update Information: Updates to the latest git. Some bug fixes are included. -------------------------------------------------------------------------------- ================================================================================ meson-0.42.1-1.fc27 (FEDORA-2017-569a08abad) High productivity build system -------------------------------------------------------------------------------- Update Information: Update to 0.42.1 -------------------------------------------------------------------------------- ================================================================================ mingw-LibRaw-0.18.4-1.fc27 (FEDORA-2017-65f6ccf760) Library for reading RAW files obtained from digital photo cameras -------------------------------------------------------------------------------- Update Information: Update to version 0.18.4, see https://github.com/LibRaw/LibRaw/blob/0.18-stable/Changelog.txt for details. ---- Update to version 0.18.3, see https://www.libraw.org/news/libraw-0-18-3 for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1488946 - CVE-2017-13735 mingw-LibRaw: libraw: Floating point exception in kodak_radc_load_raw function in internal/dcraw_common.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1488946 -------------------------------------------------------------------------------- ================================================================================ module-build-service-1.3.27-2.fc27 (FEDORA-2017-faeba0e0a1) The Module Build Service for Modularity -------------------------------------------------------------------------------- Update Information: Latest upstream. ---- Backport patches to fix skiptests behavior -------------------------------------------------------------------------------- ================================================================================ ocaml-result-1.2-2.fc27 (FEDORA-2017-cbc702fa43) Compat result type -------------------------------------------------------------------------------- Update Information: Compat result type -------------------------------------------------------------------------------- References: [ 1 ] Bug #1487877 - Review Request: ocaml-result - Compat result type https://bugzilla.redhat.com/show_bug.cgi?id=1487877 -------------------------------------------------------------------------------- ================================================================================ openvdb-4.0.2-1.fc27 (FEDORA-2017-00917a13b3) C++ library for sparse volumetric data discretized on three-dimensional grids -------------------------------------------------------------------------------- Update Information: Blender 2.79 and updated dependencies. Has HiDPI support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473982 - alembic-1.7.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473982 [ 2 ] Bug #1256068 - Incorrect dpi detected: blender thinks I have 72 dpi https://bugzilla.redhat.com/show_bug.cgi?id=1256068 [ 3 ] Bug #1450645 - [abrt] blender: gc_list_merge(): blender killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1450645 [ 4 ] Bug #1490876 - blender-2.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1490876 -------------------------------------------------------------------------------- ================================================================================ perl-Apache-Session-Browseable-1.2.6-1.fc27 (FEDORA-2017-104d767c2c) Add index and search methods to Apache::Session -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- ================================================================================ perl-MCE-1.830-1.fc27 (FEDORA-2017-258bc3f7b0) Many-core Engine for Perl providing parallel processing capabilities -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491068 - perl-MCE-1.830 is available https://bugzilla.redhat.com/show_bug.cgi?id=1491068 -------------------------------------------------------------------------------- ================================================================================ perl-MCE-Shared-1.828-1.fc27 (FEDORA-2017-258bc3f7b0) MCE extension for sharing data, supporting threads and processes -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491068 - perl-MCE-1.830 is available https://bugzilla.redhat.com/show_bug.cgi?id=1491068 -------------------------------------------------------------------------------- ================================================================================ php-symfony3-3.3.9-1.fc27 (FEDORA-2017-1217525cff) Symfony PHP framework (version 3) -------------------------------------------------------------------------------- Update Information: **Version 3.3.9** (2017-09-11) * bug #24141 [DomCrawler] Fix conversion to int on GetPhpFiles (MaraBlaga) * bug #23853 Filtering empty uuids in ORMQueryBuilderLoader. (mlazovla) * bug #24101 [Security] Fix exception when use_referer option is true and referer is not set or empty (linniksa) * bug #24105 [Filesystem] check permissions if dump target dir is missing (xabbuh) * bug #24126 [HttpKernel] "controller.service_arguments" services should be public (nicolas-grekas) * bug #24113 [FrameworkBundle] Get KERNEL_CLASS through $_ENV too for KernelTestCase (yceruto) * bug #24115 [FrameworkBundle] Get KERNEL_DIR through $_ENV too for KernelTestCase (yceruto) * bug #24041 [ExpressionLanguage] throws an exception on calling uncallable method (fmata) * bug #24096 Fix ArrayInput::toString() for VALUE_IS_ARRAY options/args (chalasr) * bug #24082 [DI] Minor fix in dumped code (nicolas-grekas) * bug #23969 [Cache] Use namespace versioning for backends that dont support clearing by keys (nicolas-grekas) * bug #24021 [DI] Don't track merged configs when the extension doesn't expose it (nicolas-grekas) * bug #24011 [Cache] Always require symfony/polyfill-apcu to provide APCuIterator everywhere (guillaumelecerf) * bug #23730 Fixed the escaping of back slashes and << in console output (javiereguiluz) -------------------------------------------------------------------------------- ================================================================================ pki-console-10.4.8-3.fc27 (FEDORA-2017-f8235b91e7) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: Require "jss >= 4.4.2-5" as a build and runtime requirement -------------------------------------------------------------------------------- ================================================================================ pki-core-10.4.8-6.fc27 (FEDORA-2017-b3613f733f) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Resolves: dogtagpki Pagure Issue #2796,2788,2789,2664,2764,2772,2793 -------------------------------------------------------------------------------- ================================================================================ python-docker-2.5.1-2.fc27 (FEDORA-2017-d3f63ddfbf) A Python library for the Docker Engine API -------------------------------------------------------------------------------- Update Information: - Add patch3 to remove pip dependency - Rewrite patch2 to conditionally apply extra dependencies - Update dependencies to be RHEL-compatible - Don't provide python-docker-py - Update obsoletes to be RHEL-compatible -------------------------------------------------------------------------------- ================================================================================ rubygem-rake-12.1.0-100.fc27 (FEDORA-2017-4cddf076c4) Rake is a Make-like program implemented in Ruby -------------------------------------------------------------------------------- Update Information: New version 12.1.0 is released. -------------------------------------------------------------------------------- ================================================================================ scudcloud-1.63-1.fc27 (FEDORA-2017-2710a1dd06) Non official desktop client for Slack -------------------------------------------------------------------------------- Update Information: Update to 1.63 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464631 - scudcloud-1.63 is available https://bugzilla.redhat.com/show_bug.cgi?id=1464631 -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.18.0-1.fc27 (FEDORA-2017-135297f38f) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update brings the following changes: * Initial WebDriver support. * New remote inspector infrastructure. * WebCrypto API support is now enabled by default. * GStreamerGL is enabled by default when building with GStreamer >= 1.10. * Kinetic scrolling support. * New API to create a WebKitContextMenuItem from a GAction. * New API to allow overriding the popup menu of select elements. -------------------------------------------------------------------------------- ================================================================================ wingpanel-2.0.4-1.fc27 (FEDORA-2017-6374278ed9) Stylish top panel -------------------------------------------------------------------------------- Update Information: Update to version 2.0.4. ---- Bump to commit 434f674, fixing running atop libmutter 3.25+. ---- Bump to git snapshot 7a1a583, fixing compilation against mutter 3.25+. -------------------------------------------------------------------------------- ================================================================================ wingpanel-indicator-network-2.1.0-1.fc27 (FEDORA-2017-085791854c) Network Indicator for wingpanel -------------------------------------------------------------------------------- Update Information: Update to version 2.1.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1490892 - wingpanel-indicator-network-2.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1490892 -------------------------------------------------------------------------------- ================================================================================ xen-4.9.0-10.fc27 (FEDORA-2017-333ea49a63) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: xen: various flaws (#1490884) Missing NUMA node parameter verification [XSA-231, CVE-2017-14316] Missing check for grant table [XSA-232, CVE-2017-14318] cxenstored: Race in domain cleanup [XSA-233, CVE-2017-14317] insufficient grant unmapping checks for x86 PV guests [XSA-234, CVE-2017-14319] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1486707 - CVE-2017-14316 xsa231 xen: Missing NUMA node parameter verification (XSA-231) https://bugzilla.redhat.com/show_bug.cgi?id=1486707 [ 2 ] Bug #1486708 - CVE-2017-14318 xsa232 xen: Missing check for grant table (XSA-232) https://bugzilla.redhat.com/show_bug.cgi?id=1486708 [ 3 ] Bug #1486709 - CVE-2017-14317 xsa233 xen: cxenstored: Race in domain cleanup (XSA-233) https://bugzilla.redhat.com/show_bug.cgi?id=1486709 [ 4 ] Bug #1486710 - CVE-2017-14319 xsa234 xen: insufficient grant unmapping checks for x86 PV guests (XSA-234) https://bugzilla.redhat.com/show_bug.cgi?id=1486710 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
