The following Fedora 27 Security updates need testing: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b444c3b9c5 libwmf-0.2.8.4-53.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d270e932a3 nagios-4.3.4-3.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d3cd18fb03 mingw-LibRaw-0.18.5-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-109f8db088 chromium-61.0.3163.100-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d6a38c4ff MySQL-zrm-3.0-17.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ae07e9f1f perl-5.26.1-401.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-274d763ed8 dnsmasq-2.77-7.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-655f0d38c3 git-2.14.2-2.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4166994614 ruby-2.4.2-84.fc27 The following builds have been pushed to Fedora 27 updates-testing NetworkManager-openvpn-1.8.0-3.fc27 anaconda-27.20.1-6.fc27 darcs-2.12.5-9.fc27 dnf-plugin-spacewalk-2.7.9-1.fc27 flatpak-0.9.98.2-1.fc27 flatpak-builder-0.9.98-1.fc27 freeipa-4.6.1-1.fc27 ghc-crypto-cipher-types-0.0.9-13.fc27 ghc-cryptohash-0.11.9-5.fc27 ghc-cryptonite-0.24-2.fc27 ghc-file-embed-0.0.10-5.fc27 ghc-hakyll-4.9.7.0-4.fc27 ghc-securemem-0.1.9-4.fc27 git-2.14.2-2.fc27 globus-ftp-control-8.1-1.fc27 globus-gass-copy-9.28-1.fc27 globus-gridftp-server-12.3-1.fc27 globus-gssapi-gsi-13.1-1.fc27 golang-github-dchest-siphash-1.0.0-1.20160831git4ebf1de.fc27 golang-github-gorilla-mux-0-0.26.gitbcd8bc7.fc27 hledger-1.2-5.fc27 mirrormanager2-0.8.3-1.fc27 mock-core-configs-27.3-1.fc27 nfs-ganesha-2.5.2-6.fc27 perl-PAR-Packer-1.037-8.fc27 php-7.1.10-1.fc27 php-pecl-redis-3.1.4-1.fc27 python-autobahn-17.9.3-1.gitd398c4d.fc27 python-paramiko-2.3.1-2.fc27 python-pytools-2017.6-1.fc27 python-toml-0.9.3-1.fc27 python3-pytest-asyncio-0.8.0-1.git18535c3.fc27 qt5-qtbase-5.9.1-7.fc27 redis-3.2.11-1.fc27 ruby-2.4.2-84.fc27 slingshot-launcher-2.2.0-1.fc27 systemd-234-8.fc27 translate-toolkit-2.2.5-1.fc27 webkit2-sharp-0-0.3.20170219gita59fd76.fc27 Details about builds: ================================================================================ NetworkManager-openvpn-1.8.0-3.fc27 (FEDORA-2017-46106470aa) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: Update to 1.8.0 release - properties: fix handling user-ca in GUI - properties: fix validation of static-key in GUI (bgo#788226) -------------------------------------------------------------------------------- ================================================================================ anaconda-27.20.1-6.fc27 (FEDORA-2017-a8adecb3c5) Graphical system installer -------------------------------------------------------------------------------- Update Information: Use name instead of index in TUI env selection (#1495204) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495204 - TypeError: list indices must be integers or slices, not str https://bugzilla.redhat.com/show_bug.cgi?id=1495204 -------------------------------------------------------------------------------- ================================================================================ darcs-2.12.5-9.fc27 (FEDORA-2017-36682cafae) Distributed Advanced Revision Control System -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ dnf-plugin-spacewalk-2.7.9-1.fc27 (FEDORA-2017-820746c48d) DNF plugin for Spacewalk -------------------------------------------------------------------------------- Update Information: An update to the latest released Spacewalk 2.7 version. -------------------------------------------------------------------------------- ================================================================================ flatpak-0.9.98.2-1.fc27 (FEDORA-2017-646d5dfc5d) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: flatpak and flatpak-builder 0.9.98 releases. For details, see https://github.com/flatpak/flatpak/releases/tag/0.9.98 and https://github.com/flatpak/flatpak-builder/releases/tag/0.9.98 -------------------------------------------------------------------------------- ================================================================================ flatpak-builder-0.9.98-1.fc27 (FEDORA-2017-646d5dfc5d) Tool to build flatpaks from source -------------------------------------------------------------------------------- Update Information: flatpak and flatpak-builder 0.9.98 releases. For details, see https://github.com/flatpak/flatpak/releases/tag/0.9.98 and https://github.com/flatpak/flatpak-builder/releases/tag/0.9.98 -------------------------------------------------------------------------------- ================================================================================ freeipa-4.6.1-1.fc27 (FEDORA-2017-7806cebb23) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: For freeIPA: Firefox reports insecure TLS configuration when visiting FreeIPA web UI after standard server deployment Full release notes are available at http://www.freeipa.org/page/Releases/4.6.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491053 - Firefox reports insecure TLS configuration when visiting FreeIPA web UI after standard server deployment https://bugzilla.redhat.com/show_bug.cgi?id=1491053 -------------------------------------------------------------------------------- ================================================================================ ghc-crypto-cipher-types-0.0.9-13.fc27 (FEDORA-2017-36682cafae) Generic cryptography cipher types -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ ghc-cryptohash-0.11.9-5.fc27 (FEDORA-2017-36682cafae) Collection of crypto hashes, fast, pure and practical -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ ghc-cryptonite-0.24-2.fc27 (FEDORA-2017-36682cafae) Cryptography Primitives sink -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ ghc-file-embed-0.0.10-5.fc27 (FEDORA-2017-36682cafae) Use Template Haskell to embed file contents directly -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ ghc-hakyll-4.9.7.0-4.fc27 (FEDORA-2017-36682cafae) A static website compiler library -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ ghc-securemem-0.1.9-4.fc27 (FEDORA-2017-36682cafae) Auto-scrubbing bytestring memory chunks -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ git-2.14.2-2.fc27 (FEDORA-2017-655f0d38c3) Fast Version Control System -------------------------------------------------------------------------------- Update Information: These releases are about hardening `git shell` that is used on servers against an unsafe user input, which `git cvsserver` copes with poorly. From the release notes: * "git cvsserver" no longer is invoked by "git shell" by default, as it is old and largely unmaintained. * Various Perl scripts did not use safe_pipe_capture() instead of backticks, leaving them susceptible to end-user input. They have been corrected. Credits go to joernchen <joernchen@xxxxxxxxxxxx> for finding the unsafe constructs in "git cvsserver", and to Jeff King at GitHub for finding and fixing instances of the same issue in other scripts. References: <http://seclists.org/oss- sec/2017/q3/534> <https://public- inbox.org/git/xmqqy3p29ekj.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxxx/> -------------------------------------------------------------------------------- ================================================================================ globus-ftp-control-8.1-1.fc27 (FEDORA-2017-7ab72d2920) Globus Toolkit - GridFTP Control Library -------------------------------------------------------------------------------- Update Information: Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 * globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1 -------------------------------------------------------------------------------- ================================================================================ globus-gass-copy-9.28-1.fc27 (FEDORA-2017-7ab72d2920) Globus Toolkit - Globus Gass Copy -------------------------------------------------------------------------------- Update Information: Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 * globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1 -------------------------------------------------------------------------------- ================================================================================ globus-gridftp-server-12.3-1.fc27 (FEDORA-2017-7ab72d2920) Globus Toolkit - Globus GridFTP Server -------------------------------------------------------------------------------- Update Information: Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 * globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1 -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-13.1-1.fc27 (FEDORA-2017-7ab72d2920) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: Globus Toolkit update. * globus-ftp-control 8.1 * globus-gass-copy 9.28 * globus-gridftp-server 12.3 * globus-gssapi-gsi 13.1 -------------------------------------------------------------------------------- ================================================================================ golang-github-dchest-siphash-1.0.0-1.20160831git4ebf1de.fc27 (FEDORA-2017-f88cf5029e) Go implementation of SipHash-2-4, a fast short-input PRF -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- ================================================================================ golang-github-gorilla-mux-0-0.26.gitbcd8bc7.fc27 (FEDORA-2017-a47d4c66b2) A powerful URL router and dispatcher for golang -------------------------------------------------------------------------------- Update Information: Bump to upstream bcd8bc72b08df0f70df986b97f95590779502d31 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249384 - Tracker for golang-github-gorilla-mux https://bugzilla.redhat.com/show_bug.cgi?id=1249384 -------------------------------------------------------------------------------- ================================================================================ hledger-1.2-5.fc27 (FEDORA-2017-36682cafae) Command-line interface for the hledger accounting tool -------------------------------------------------------------------------------- Update Information: Rebuilds for dependency package changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1426896 - Review Request: ghc-file-embed - Use Template Haskell to embed file contents directly https://bugzilla.redhat.com/show_bug.cgi?id=1426896 -------------------------------------------------------------------------------- ================================================================================ mirrormanager2-0.8.3-1.fc27 (FEDORA-2017-53886e2f3a) Mirror management application -------------------------------------------------------------------------------- Update Information: Update to 0.8.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495032 - mirrormanager2-0.8.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1495032 -------------------------------------------------------------------------------- ================================================================================ mock-core-configs-27.3-1.fc27 (FEDORA-2017-b75714887c) Mock core config files basic chroots -------------------------------------------------------------------------------- Update Information: - use primary key for F-27+ on s390x -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.5.2-6.fc27 (FEDORA-2017-f2a25db006) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information: /var/log/ganesha -> ganesha_var_log_t ---- /var/log/ganesha -> ganesha_var_log_t ---- /var/log/ganesha owner ganesha.ganesha -> ganesha.root -------------------------------------------------------------------------------- ================================================================================ perl-PAR-Packer-1.037-8.fc27 (FEDORA-2017-741d7d5bd7) PAR Packager -------------------------------------------------------------------------------- Update Information: Rebuild for Perl 5.26.1 -------------------------------------------------------------------------------- ================================================================================ php-7.1.10-1.fc27 (FEDORA-2017-a8f468fae9) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information: **PHP version 7.1.10** (28 Sep 2017) **Core:** * Fixed bug php#75042 (run- tests.php issues with EXTENSION block). (John Boehr) **BCMath:** * Fixed bug php#44995 (bcpowmod() fails if scale != 0). (cmb) * Fixed bug php#46781 (BC math handles minus zero incorrectly). (cmb) * Fixed bug php#54598 (bcpowmod() may return 1 if modulus is 1). (okano1220, cmb) * Fixed bug php#75178 (bcpowmod() misbehaves for non-integer base or modulus). (cmb) **CLI server:** * Fixed bug php#70470 (Built-in server truncates headers spanning over TCP packets). (bouk) **CURL:** * Fixed bug php#75093 (OpenSSL support not detected). (Remi) **GD:** * Fixed bug php#75124 (gdImageGrayScale() may produce colors). (cmb) * Fixed bug php#75139 (libgd/gd_interpolation.c:1786: suspicious if ?). (cmb) **Gettext:** * Fixed bug php#73730 (textdomain(null) throws in strict mode). (cmb) **Intl:** * Fixed bug php#75090 (IntlGregorianCalendar doesn't have constants from parent class). (tpunt) * Fixed bug php#75193 (segfault in collator_convert_object_to_string). (Remi) **SPL:** * Fixed bug php#75155 (AppendIterator::append() is broken when appending another AppendIterator). (Nikita) * Fixed bug php#75173 (incorrect behavior of AppendIterator::append in foreach loop). (jhdxr) **Standard:** * Fixed bug php#75152 (signed integer overflow in parse_iv). (Laruence) * Fixed bug php#75097 (gethostname fails if your host name is 64 chars long). (Andrea) **Fedora configuration change** * as the **Apache HTTP Web Server** now used event MPM by default, and as mod_php in threded mode in not supported, **php-fpm** is now used as the default handler for PHP scripts (mod_php still available but disabled). -------------------------------------------------------------------------------- ================================================================================ php-pecl-redis-3.1.4-1.fc27 (FEDORA-2017-1cf9b6cc83) Extension for communicating with the Redis key-value store -------------------------------------------------------------------------------- Update Information: **Version 3.1.4** The primary new feature phpredis 3.1.4 is the ability to send MULTI .. EXEC blocks in pipeline mode. There are also many bugfixes and minor improvements to the api, listed below: * Allow mixing MULTI and PIPELINE modes (experimental)! [5874b0] (Pavlo Yatsukhnenko) * Added integration for coverty static analysis and fixed several warnings [faac8b0, eff7398, 4766c25, 0438ab4, 1e0b065, 733732a, 26eeda5, 735025, 42f1c9, af71d4] (Pavlo Yatsukhnenko) * Fixed link to redis cluster documentation [3b0b06] (Pavlo Yatsukhnenko) * Remove unused PHP_RINIT and PHP_RSHUTDOWN functions [c760bf] (Pavlo Yatsukhnenko) * Removed duplicate HGET in redis array hash table, formatting [d0b9c5] (Pavlo Yatsukhnenko) * Treat NULL bulk as success for session read [659450] (Pavlo Yatsukhnenko) * Refactor redis_send_discard [ea15ce] (Pavlo Yatsukhnenko) * Updated runtime exception handling [8dcaa4, 7c1407] (Pavlo Yatsukhnenko) * Added a github issue template [61aba9] (Pavlo Yatsukhnenko) * Initialize gc member of zend_string [37f569) (Pavlo Yatsukhnenko) * Fix valgrind warnings [471ce07, 1ab89e1, b624a8b] (Pavlo Yatsukhnenko) * Fix php5/php7 compatibility layer [1ab89e, 4e3225] (Pavlo Yatsukhnenko) * Fix typo in README.markdown [e47e44] (Mark Shehata) * Improve redis array rehash [577a91] (Pavlo Yatsukhnenko) * Change redis array pure_cmds from zval to hashtable [a56ed7] (Pavlo Yatsukhnenko) * Don't try to set TCP_NODELAY on a unix socket and don't warn on multiple calls to pipeline [d11798, 77aeba] (Michael Grunder) * Use zend_string rather than char* for various context fields (err, prefix, etc) [2bf7b2] (Pavlo Yatsukhnenko) * Various other library fixes [142b51, 4452f6, e672f4, 658ee3, c9df77, 4a0a46] (Pavlo Yatsukhnenko) ----- **Version 3.1.3** This release contains two big improvements: * Adding a new printf like command construction function with additionaly format specifiers specific to phpredis. * Implementation of custom objects for Redis and RedisArray wich eliminates double hash lookup. Also many small improvements and bug fixes were made. * A printf like method to construct a Redis RESP command [a4a0ed, d75081, bdd287, 0eaeae, b3d00d] (Michael Grunder) * Use custom objects instead of zend_list for storing Redis/RedisArray [a765f8, 8fa85a] (Pavlo Yatsukhnenko) * Make sure redisCluster members are all initialized on (re)creation [162d88] (Michael Grunder) * Fix Null Bulk String response parsing in cluster library [058753] (Alberto Fern?ndez) * Add hStrLen command [c52077, fb88e1] (Pavlo Yatsukhnenko) * Add optional COUNT argument to sPop [d2e203] (Michael Grunder) * Allow sInterStore to take one arg [26aec4, 4cd06b] (Michael Grunder) * Allow MIGRATE to accept multiple keys [9aa3db] (Michael Grunder) * Allow using numeric string in zInter command [ba0070] (Pavlo Yatsukhnenko) * Use crc32 table from PHP distro [f81694] (Pavlo Yatsukhnenko) * Use ZVAL_DEREF macros for dereference input variables [ad4596] (Pavlo Yatsukhnenko) * Add configureoption tag to package.xml [750963] (Pavlo Yatsukhnenko) * Fix read_timeout [18149e, b56dc4] (Pavlo Yatsukhnenko) * Fix zval_get_string impl for PHP5 [4e56ba] (Pavlo Yatsukhnenko) * Fix Redis/RedisArray segfaults [be5c1f, 635c3a, 1f8dde, 43e1e0] (Pavlo Yatsukhnenko) * Fix memory leak and potential segfault [aa6ff7, 88efaa] (Michael Grunder) * Throw exception for all non recoverable errors [e37239] (Pavlo Yatsukhnenko) * Assume "NULL bulk" reply as success (empty session data) [4a81e1] (Pavlo Yatsukhnenko) * Increase read buffers size [520e06] (Pavlo Yatsukhnenko) * Better documentation [f0c25a, c5991f, 9ec9ae] (Michael Grunder) * Better TravisCI integration [e37c08] (Pavlo Yatsukhnenko) * Refactoring (Pavlo Yatsukhnenko, Michael Grunder) -------------------------------------------------------------------------------- ================================================================================ python-autobahn-17.9.3-1.gitd398c4d.fc27 (FEDORA-2017-a5a4185935) Python networking library for WebSocket and WAMP -------------------------------------------------------------------------------- Update Information: Update to 17.9.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494966 - python-autobahn-17.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1494966 -------------------------------------------------------------------------------- ================================================================================ python-paramiko-2.3.1-2.fc27 (FEDORA-2017-4e4d9a724c) SSH2 protocol library for python -------------------------------------------------------------------------------- Update Information: Remove weak deps, paramiko does not support recent gssapi (rhbz #1496148) ---- Update to 2.3.1 (rhbz #1494764) / Fix upstream bug #1071: AttributeError: 'Ed25519Key' object has no attribute 'public_blob' ---- Current upstream maintenance release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1496148 - Please remove weak dependency on python3-gssapi https://bugzilla.redhat.com/show_bug.cgi?id=1496148 [ 2 ] Bug #1494764 - python-paramiko-2.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1494764 [ 3 ] Bug #1493324 - python-paramiko-2.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1493324 -------------------------------------------------------------------------------- ================================================================================ python-pytools-2017.6-1.fc27 (FEDORA-2017-f0a2a5e1c4) Collection of tools for Python -------------------------------------------------------------------------------- Update Information: Update to 2017.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495386 - python-pytools-2017.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1495386 -------------------------------------------------------------------------------- ================================================================================ python-toml-0.9.3-1.fc27 (FEDORA-2017-1e4965f172) Python Library for Tom's Obvious, Minimal Language -------------------------------------------------------------------------------- Update Information: Update to 0.9.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495189 - python-toml-0.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1495189 -------------------------------------------------------------------------------- ================================================================================ python3-pytest-asyncio-0.8.0-1.git18535c3.fc27 (FEDORA-2017-47dba9fc0b) Pytest support for asyncio -------------------------------------------------------------------------------- Update Information: Update to 0.8.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494831 - python3-pytest-asyncio-0.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1494831 -------------------------------------------------------------------------------- ================================================================================ qt5-qtbase-5.9.1-7.fc27 (FEDORA-2017-373b7d360a) Qt5 - QtBase components -------------------------------------------------------------------------------- Update Information: Backport fix for mysql/mariadb sql plugin -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491316 - akonadi: Plugin pvio_socket could not be loaded: not initialized https://bugzilla.redhat.com/show_bug.cgi?id=1491316 -------------------------------------------------------------------------------- ================================================================================ redis-3.2.11-1.fc27 (FEDORA-2017-6d0c7eb24e) A persistent key-value database -------------------------------------------------------------------------------- Update Information: Upstream 3.2.11 bug-fix-only release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1172841 - Service start returns success even when service fails to start https://bugzilla.redhat.com/show_bug.cgi?id=1172841 [ 2 ] Bug #788500 - redis bundles jemalloc and hiredis and lua https://bugzilla.redhat.com/show_bug.cgi?id=788500 -------------------------------------------------------------------------------- ================================================================================ ruby-2.4.2-84.fc27 (FEDORA-2017-4166994614) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information: Update to the Ruby 2.4.2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1492015 - CVE-2017-0898 ruby: Buffer underrun vulnerability in Kernel.sprintf https://bugzilla.redhat.com/show_bug.cgi?id=1492015 [ 2 ] Bug #1492012 - CVE-2017-10784 ruby: Escape sequence injection vulnerability in the Basic authentication of WEBrick https://bugzilla.redhat.com/show_bug.cgi?id=1492012 [ 3 ] Bug #1491866 - CVE-2017-14033 ruby: Buffer underrun in OpenSSL ASN1 decode https://bugzilla.redhat.com/show_bug.cgi?id=1491866 -------------------------------------------------------------------------------- ================================================================================ slingshot-launcher-2.2.0-1.fc27 (FEDORA-2017-bdc1fbe9b8) Lightweight and stylish app launcher -------------------------------------------------------------------------------- Update Information: Update to version 2.2.0. More information: https://github.com/elementary /applications-menu/issues?q=is%3Aclosed+milestone%3A2.2.0 -------------------------------------------------------------------------------- ================================================================================ systemd-234-8.fc27 (FEDORA-2017-2c4b2ee2e9) System and Service Manager -------------------------------------------------------------------------------- Update Information: Backport /etc/crypttab _netdev option support. -------------------------------------------------------------------------------- ================================================================================ translate-toolkit-2.2.5-1.fc27 (FEDORA-2017-4ddd16060c) Tools to assist with translation and software localization -------------------------------------------------------------------------------- Update Information: https://github.com/translate/translate/releases/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462208 - translate-toolkit-2.2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1462208 -------------------------------------------------------------------------------- ================================================================================ webkit2-sharp-0-0.3.20170219gita59fd76.fc27 (FEDORA-2017-8669a0e23a) C# bindings for WebKit 2 with GTK+ 3 -------------------------------------------------------------------------------- Update Information: Disable static libraries -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494981 - Review Request: webkit2-sharp - C# bindings for WebKit 2 with GTK+ 3 https://bugzilla.redhat.com/show_bug.cgi?id=1494981 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
