Fedora 27 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 27 Security updates need testing:
 Age  URL
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b444c3b9c5   libwmf-0.2.8.4-53.fc27
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2017-15819d2c37   jasper-2.0.14-1.fc27
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7af44272e2   ImageMagick-6.9.9.13-1.fc27 rubygem-rmagick-2.16.0-6.fc27
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-23dba9fb5d   kernel-4.13.3-300.fc27
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d270e932a3   nagios-4.3.4-3.fc27
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fdd3a98e8f   httpd-2.4.27-8.fc27
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0348398d64   LibRaw-0.18.5-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d3cd18fb03   mingw-LibRaw-0.18.5-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-109f8db088   chromium-61.0.3163.100-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d6a38c4ff   MySQL-zrm-3.0-17.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d79b43fcc   poppler-0.57.0-2.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-67ba559502   perl-5.26.1-400.fc27


The following builds have been pushed to Fedora 27 updates-testing

    LuxRender-1.6-23.fc27
    MySQL-zrm-3.0-17.fc27
    WoeUSB-2.1.3-1.fc27
    astrometry-0.72-2.fc27
    astrometry-tycho2-1.1.1-1.fc27
    chromium-61.0.3163.100-1.fc27
    dnf-2.6.3-12.fc27
    embree-2.17.0-1.fc27
    evemu-2.7.0-1.fc27
    golang-github-AudriusButkevicius-kcp-go-0-0.1.20170902.gitd17218b.fc27
    gpick-0.2.6-0.rc1.fc27
    gscan2pdf-1.8.7-1.fc27
    gtkwave-3.3.85-1.fc27
    hunspell-en-0.20140811.1-9.fc27
    i3-4.14.1-1.fc27
    lucene3-3.6.2-11.fc27
    magic-8.2.28-1.fc27
    nss-3.32.1-1.0.fc27
    perl-5.26.1-400.fc27
    perl-CPAN-Perl-Releases-3.38-1.fc27
    perl-DBD-Pg-3.7.0-1.fc27
    perl-File-Fetch-0.54-1.fc27
    perl-Module-CoreList-5.20170923-1.fc27
    perl-Safe-Isa-1.000007-1.fc27
    perl-System-Info-0.056-1.fc27
    perl-XML-LibXML-2.0129-8.fc27
    php-alcaeus-mongo-php-adapter-1.1.3-1.fc27
    php-behat-mink-1.7.1-5.fc27
    php-goutte-3.2.0-4.fc27
    php-guzzle-Guzzle-3.9.3-13.fc27
    php-jms-serializer-1.8.1-1.fc27
    php-phpunit-PHPUnit-5.7.22-1.fc27
    phpunit6-6.3.1-1.fc27
    poppler-0.57.0-2.fc27
    solr3-3.6.2-15.fc27
    stellarium-0.16.1-1.fc27
    syncthing-0.14.38-1.fc27

Details about builds:


================================================================================
 LuxRender-1.6-23.fc27 (FEDORA-2017-7bdd2e7ffb)
 Lux Renderer, an unbiased rendering system
--------------------------------------------------------------------------------
Update Information:

Rebuild from embree 2.17.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494058 - embree-2.17.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494058
--------------------------------------------------------------------------------


================================================================================
 MySQL-zrm-3.0-17.fc27 (FEDORA-2017-2d6a38c4ff)
 MySQL backup manager
--------------------------------------------------------------------------------
Update Information:

Fix command logging
--------------------------------------------------------------------------------


================================================================================
 WoeUSB-2.1.3-1.fc27 (FEDORA-2017-69b1f9cb32)
 Windows USB installation media creator
--------------------------------------------------------------------------------
Update Information:

Initial release for F25 and F27.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494089 - Review Request: WoeUSB - Windows USB installation media creator
        https://bugzilla.redhat.com/show_bug.cgi?id=1494089
--------------------------------------------------------------------------------


================================================================================
 astrometry-0.72-2.fc27 (FEDORA-2017-37cbeee31d)
 Blind astrometric calibration of arbitrary astronomical images
--------------------------------------------------------------------------------
Update Information:

New packages for astrometry and the astrometry index files for Tycho-2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470470 - Review Request: astrometry-tycho2 - Tycho-2 catalogue for astrometry.net
        https://bugzilla.redhat.com/show_bug.cgi?id=1470470
  [ 2 ] Bug #1470436 - Review Request: astrometry - Blind astrometric calibration of arbitrary astronomical images
        https://bugzilla.redhat.com/show_bug.cgi?id=1470436
--------------------------------------------------------------------------------


================================================================================
 astrometry-tycho2-1.1.1-1.fc27 (FEDORA-2017-37cbeee31d)
 Tycho-2 catalogue for astrometry.net
--------------------------------------------------------------------------------
Update Information:

New packages for astrometry and the astrometry index files for Tycho-2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470470 - Review Request: astrometry-tycho2 - Tycho-2 catalogue for astrometry.net
        https://bugzilla.redhat.com/show_bug.cgi?id=1470470
  [ 2 ] Bug #1470436 - Review Request: astrometry - Blind astrometric calibration of arbitrary astronomical images
        https://bugzilla.redhat.com/show_bug.cgi?id=1470436
--------------------------------------------------------------------------------


================================================================================
 chromium-61.0.3163.100-1.fc27 (FEDORA-2017-109f8db088)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Update to 61.0.3163.100. Security fix for CVE-2017-5111, CVE-2017-5112,
CVE-2017-5113, CVE-2017-5114, CVE-2017-5115, CVE-2017-5116, CVE-2017-5117,
CVE-2017-5118, CVE-2017-5119, CVE-2017-5120, CVE-2017-5121, CVE-2017-5122
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1488782 - CVE-2017-5120 chromium-browser: potential https downgrade during redirect navigation
        https://bugzilla.redhat.com/show_bug.cgi?id=1488782
  [ 2 ] Bug #1488781 - CVE-2017-5119 chromium-browser: use of uninitialized value in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1488781
  [ 3 ] Bug #1488779 - CVE-2017-5118 chromium-browser: bypass of content security policy in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1488779
  [ 4 ] Bug #1488778 - CVE-2017-5117 chromium-browser: use of uninitialized value in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1488778
  [ 5 ] Bug #1488777 - CVE-2017-5116 chromium-browser: type confusion in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1488777
  [ 6 ] Bug #1488776 - CVE-2017-5115 chromium-browser: type confusion in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1488776
  [ 7 ] Bug #1488775 - CVE-2017-5114 chromium-browser: memory lifecycle issue in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1488775
  [ 8 ] Bug #1488774 - CVE-2017-5113 chromium-browser: heap buffer overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1488774
  [ 9 ] Bug #1488773 - CVE-2017-5112 chromium-browser: heap buffer overflow in webgl
        https://bugzilla.redhat.com/show_bug.cgi?id=1488773
  [ 10 ] Bug #1488772 - CVE-2017-5111 chromium-browser: use after free in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1488772
  [ 11 ] Bug #1494392 - CVE-2017-5122 chromium-browser: out-of-bounds access in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1494392
  [ 12 ] Bug #1494391 - CVE-2017-5121 chromium-browser: out-of-bounds access in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1494391
--------------------------------------------------------------------------------


================================================================================
 dnf-2.6.3-12.fc27 (FEDORA-2017-4cdd5194e2)
 Package manager forked from Yum, using libsolv as a dependency resolver
--------------------------------------------------------------------------------
Update Information:

** DNF **  - Add pre_configure() for commands
--------------------------------------------------------------------------------


================================================================================
 embree-2.17.0-1.fc27 (FEDORA-2017-7bdd2e7ffb)
 Collection of high-performance ray tracing kernels developed at Intel
--------------------------------------------------------------------------------
Update Information:

Rebuild from embree 2.17.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494058 - embree-2.17.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494058
--------------------------------------------------------------------------------


================================================================================
 evemu-2.7.0-1.fc27 (FEDORA-2017-8a4705ecfc)
 Event Device Query and Emulation Program
--------------------------------------------------------------------------------
Update Information:

Evemu 2.7.0
--------------------------------------------------------------------------------


================================================================================
 golang-github-AudriusButkevicius-kcp-go-0-0.1.20170902.gitd17218b.fc27 (FEDORA-2017-a969ce651a)
 Full-featured reliable UDP communication library
--------------------------------------------------------------------------------
Update Information:

Initial package for fedora (new dependency of syncthing 0.14.38).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494869 - Review Request: golang-github-AudriusButkevicius-kcp-go - Full-featured reliable UDP communication library
        https://bugzilla.redhat.com/show_bug.cgi?id=1494869
--------------------------------------------------------------------------------


================================================================================
 gpick-0.2.6-0.rc1.fc27 (FEDORA-2017-a62a87dcb8)
 Advanced color picker
--------------------------------------------------------------------------------
Update Information:

Update to 0.2.6rc1 with GTK3 support enabled
--------------------------------------------------------------------------------


================================================================================
 gscan2pdf-1.8.7-1.fc27 (FEDORA-2017-9a17934dcb)
 GUI for producing a multipage PDF from a scan
--------------------------------------------------------------------------------
Update Information:

This releae fixes frontend selection, Poppler PostScript backend, setting a
recursion limit in Preferences, a crach in scanimage frontend, ghosting buttons
in save dialogue, and selecting range of pages. It also updates Hungarian
translation and it adds units to scan adn edit paper dialogues.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494759 - gscan2pdf-1.8.7 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494759
--------------------------------------------------------------------------------


================================================================================
 gtkwave-3.3.85-1.fc27 (FEDORA-2017-9d94bfa292)
 Waveform Viewer
--------------------------------------------------------------------------------
Update Information:

Current upstream maintenance release.
--------------------------------------------------------------------------------


================================================================================
 hunspell-en-0.20140811.1-9.fc27 (FEDORA-2017-d4a388a428)
 English hunspell dictionaries
--------------------------------------------------------------------------------
Update Information:

- perl regex rules changed so rebuilds of hunspell-en were truncated  ----  *
Treat etc/etc. the same in en_GB/AU/... as en_US
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494698 - Hunspell spell checking is broken and highlights most words as if they are misspelled.
        https://bugzilla.redhat.com/show_bug.cgi?id=1494698
  [ 2 ] Bug #1492306 - English (Australia) marks "etc etc." as misspelled
        https://bugzilla.redhat.com/show_bug.cgi?id=1492306
--------------------------------------------------------------------------------


================================================================================
 i3-4.14.1-1.fc27 (FEDORA-2017-9b8c122baf)
 Improved tiling window manager
--------------------------------------------------------------------------------
Update Information:

Bugfix update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1495029 - i3-4.14.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1495029
--------------------------------------------------------------------------------


================================================================================
 lucene3-3.6.2-11.fc27 (FEDORA-2017-f76e7f3f89)
 High-performance, full-featured text search engine
--------------------------------------------------------------------------------
Update Information:

Fixes a packaging problem causing failure to build from source.
--------------------------------------------------------------------------------


================================================================================
 magic-8.2.28-1.fc27 (FEDORA-2017-5e830ff674)
 A very capable VLSI layout tool
--------------------------------------------------------------------------------
Update Information:

New version 8.2.28 is released.
--------------------------------------------------------------------------------


================================================================================
 nss-3.32.1-1.0.fc27 (FEDORA-2017-96ce22f1fd)
 Network Security Services
--------------------------------------------------------------------------------
Update Information:

Updates the nss family of packages to upstream NSS 3.32.1.  Note that, only the
nss package has changed since the previous upstream release 3.32.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1490652 - nss-3.32.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1490652
--------------------------------------------------------------------------------


================================================================================
 perl-5.26.1-400.fc27 (FEDORA-2017-67ba559502)
 Practical Extraction and Report Language
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-12837 CVE-2017-12883 (see
<http://search.cpan.org/dist/perl-5.26.1/pod/perldelta.pod>)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1492091 - CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler
        https://bugzilla.redhat.com/show_bug.cgi?id=1492091
  [ 2 ] Bug #1492093 - CVE-2017-12883 perl: Buffer over-read in regular expression parser
        https://bugzilla.redhat.com/show_bug.cgi?id=1492093
--------------------------------------------------------------------------------


================================================================================
 perl-CPAN-Perl-Releases-3.38-1.fc27 (FEDORA-2017-897060f8ec)
 Mapping Perl releases on CPAN to the location of the tarballs
--------------------------------------------------------------------------------
Update Information:

Updated to the latest version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494820 - perl-CPAN-Perl-Releases-3.38 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494820
--------------------------------------------------------------------------------


================================================================================
 perl-DBD-Pg-3.7.0-1.fc27 (FEDORA-2017-d75d92d779)
 A PostgreSQL interface for perl
--------------------------------------------------------------------------------
Update Information:

Updated to the latest version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1495028 - perl-DBD-Pg-3.7.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1495028
--------------------------------------------------------------------------------


================================================================================
 perl-File-Fetch-0.54-1.fc27 (FEDORA-2017-81015ac4d0)
 Generic file fetching mechanism
--------------------------------------------------------------------------------
Update Information:

This release updates tests.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1495026 - perl-File-Fetch-0.54 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1495026
--------------------------------------------------------------------------------


================================================================================
 perl-Module-CoreList-5.20170923-1.fc27 (FEDORA-2017-e1d01bc380)
 What modules are shipped with versions of perl
--------------------------------------------------------------------------------
Update Information:

This release brings data about Perl 5.26.1 and 5.24.3.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494826 - perl-Module-CoreList-5.20170923 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494826
--------------------------------------------------------------------------------


================================================================================
 perl-Safe-Isa-1.000007-1.fc27 (FEDORA-2017-d921cb4c57)
 Call isa, can, does and DOES safely on things that may not be objects
--------------------------------------------------------------------------------
Update Information:

Current upstream maintenance release.
--------------------------------------------------------------------------------


================================================================================
 perl-System-Info-0.056-1.fc27 (FEDORA-2017-03727382be)
 Factory for system specific information objects
--------------------------------------------------------------------------------
Update Information:

Updated to the latest version
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494774 - perl-System-Info-0.056 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494774
--------------------------------------------------------------------------------


================================================================================
 perl-XML-LibXML-2.0129-8.fc27 (FEDORA-2017-eb3fae70d6)
 Perl interface to the libxml2 library
--------------------------------------------------------------------------------
Update Information:

This release adjusts tests to libxml2-2.9.5.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1489529 - perl-XML-LibXML-2.0129-7.fc28 FTBFS: tests fail with libxml2-2.9.5
        https://bugzilla.redhat.com/show_bug.cgi?id=1489529
--------------------------------------------------------------------------------


================================================================================
 php-alcaeus-mongo-php-adapter-1.1.3-1.fc27 (FEDORA-2017-037809899f)
 Mongo PHP Adapter
--------------------------------------------------------------------------------
Update Information:

**Version 1.1.3** (2017-09-24)  All issues and pull requests under this release
may be found under the [1.1.3](https://github.com/alcaeus/mongo-php-
adapter/issues?q=milestone%3A1.1.3) milestone.   *
[#203](https://github.com/alcaeus/mongo-php-adapter/pull/203) fixes the
detection of empty keys in update queries which were sometimes not properly
handled.  * [#187](https://github.com/alcaeus/mongo-php-adapter/pull/187) forces
a  primary read preference to certain commands that need to write data.  *
[#195](https://github.com/alcaeus/mongo-php-adapter/pull/195) fixes a wrong
calculation leading to a wrong `updatedExisting` field in the result of an
`update` query.  * [#193](https://github.com/alcaeus/mongo-php-adapter/pull/193)
fixes leaking  new driver exceptions when calling `MongoClient::getHosts`.   *
[#191](https://github.com/alcaeus/mongo-php-adapter/pull/191) fixes cursor
iteration when calling `hasNext` before resetting the cursor.  *
[#189](https://github.com/alcaeus/mongo-php-adapter/pull/189) fixes type
conversion for a `query` passed to the `explain` command.   *
[#186](https://github.com/alcaeus/mongo-php-adapter/pull/186) fixes errors when
using the 1.3 version of `ext-mongodb`. It also fixes an issue where new fields
in `MongoDB::listCollections` were not properly reported.
--------------------------------------------------------------------------------


================================================================================
 php-behat-mink-1.7.1-5.fc27 (FEDORA-2017-4e43ace41a)
 Browser controller/emulator abstraction for PHP
--------------------------------------------------------------------------------
Update Information:

RPM only releases  - Add max versions to BuildRequires - Allow Symfony 3 -
Modify tests
--------------------------------------------------------------------------------


================================================================================
 php-goutte-3.2.0-4.fc27 (FEDORA-2017-4e43ace41a)
 A simple PHP web scraper
--------------------------------------------------------------------------------
Update Information:

RPM only releases  - Add max versions to BuildRequires - Allow Symfony 3 -
Modify tests
--------------------------------------------------------------------------------


================================================================================
 php-guzzle-Guzzle-3.9.3-13.fc27 (FEDORA-2017-4e43ace41a)
 PHP HTTP client library and framework for building RESTful web service clients
--------------------------------------------------------------------------------
Update Information:

RPM only releases  - Add max versions to BuildRequires - Allow Symfony 3 -
Modify tests
--------------------------------------------------------------------------------


================================================================================
 php-jms-serializer-1.8.1-1.fc27 (FEDORA-2017-6aea60dd2a)
 Library for (de-)serializing data of any complexity
--------------------------------------------------------------------------------
Update Information:

This library allows you to (de-)serialize data of any complexity. Currently, it
supports XML, JSON, and YAML.  It also provides you with a rich tool-set to
adapt the output to your specific needs.  Built-in features include:  *
(De-)serialize data of any complexity; circular references are handled
gracefully. * Supports many built-in PHP types (such as dates) * Integrates with
Doctrine ORM, et. al. * Supports versioning, e.g. for APIs * Configurable via
PHP, XML, YAML, or Doctrine Annotations  Autoloader:
`/usr/share/php/JMS/Serializer/autoload.php`
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470358 - Review Request: php-jms-serializer - Library for (de-)serializing data of any complexity
        https://bugzilla.redhat.com/show_bug.cgi?id=1470358
--------------------------------------------------------------------------------


================================================================================
 php-phpunit-PHPUnit-5.7.22-1.fc27 (FEDORA-2017-a8782452d7)
 The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:

**Version 5.7.22** - 2017-09-24   * Fixed
[#2769](https://github.com/sebastianbergmann/phpunit/issues/2769): Usage of
`setUseErrorHandler()` produces `Undefined variable` error
--------------------------------------------------------------------------------


================================================================================
 phpunit6-6.3.1-1.fc27 (FEDORA-2017-fdbb6189cb)
 The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:

**Version 6.3.1** - 2017-09-24  * Fixed
[#2769](https://github.com/sebastianbergmann/phpunit/issues/2769): Usage of
`setUseErrorHandler()` produces `Undefined variable` error
--------------------------------------------------------------------------------


================================================================================
 poppler-0.57.0-2.fc27 (FEDORA-2017-5d79b43fcc)
 PDF rendering library
--------------------------------------------------------------------------------
Update Information:

- CVE-2017-14520  Floating point exception in Splash::scaleImageYuXd
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494583 - CVE-2017-14520 poppler: Floating point exception in Splash::scaleImageYuXd() function in Splash.cc [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1494583
--------------------------------------------------------------------------------


================================================================================
 solr3-3.6.2-15.fc27 (FEDORA-2017-f76e7f3f89)
 Apache Solr
--------------------------------------------------------------------------------
Update Information:

Fixes a packaging problem causing failure to build from source.
--------------------------------------------------------------------------------


================================================================================
 stellarium-0.16.1-1.fc27 (FEDORA-2017-63577628a7)
 Photo-realistic nightsky renderer
--------------------------------------------------------------------------------
Update Information:

0.16.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1494772 - stellarium-0.16.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1494772
--------------------------------------------------------------------------------


================================================================================
 syncthing-0.14.38-1.fc27 (FEDORA-2017-a390fc7eb3)
 Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:

Update to version 0.14.38.
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux