The following Fedora 26 Security updates need testing: Age URL 203 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 142 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526 nodejs-brace-expansion-1.1.7-1.fc26 97 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c053de325 memcached-1.4.39-1.fc26 93 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e6f4f95e6 ruby-2.4.2-84.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bff3cf26c suricata-3.2.4-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9149114fba qemu-2.9.1-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4a42419c16 libextractor-1.6-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2e7badfe67 seamonkey-2.49.1-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9c29af2c64 lame-3.100-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-94a173c491 modulemd-1.3.2-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a47c76eeb1 glusterfs-3.10.6-4.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b52f851dea calamares-3.1.7-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51ff8fe326 poppler-0.52.0-9.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5b132e3803 SDL2-2.0.7-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0af85ae851 php-7.1.11-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ef7c118dbc tomcat-8.0.47-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41957e0f90 krb5-1.15.2-4.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7b17451b82 java-1.8.0-openjdk-1.8.0.151-1.b12.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9232eac8e8 rpm-4.13.0.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f8fcff58c systemd-233-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c17b4934f nodejs-6.11.5-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-009bc68243 xen-4.8.2-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d2cfc3752 apr-1.6.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-329e5fb4c9 apr-util-1.5.4-6.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0b3231763 wget-1.19.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-50c790aaed community-mysql-5.7.20-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-621a9b4828 iproute-4.13.0-1.fc26 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e91b32f31 python3-3.6.3-2.fc26 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-19f599ecd6 chrony-3.2-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc751fa21c libguestfs-1.36.10-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b44217ccc kobo-0.7.0-3.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e89163acc6 corosync-2.4.3-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9149114fba qemu-2.9.1-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a99e657ce pykickstart-2.35-2.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a47c76eeb1 glusterfs-3.10.6-4.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-04dc465e5b ModemManager-1.6.10-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f3aa1f4515 ibus-1.5.17-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9232eac8e8 rpm-4.13.0.2-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a07c506558 gnome-online-accounts-3.24.4-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d312739a4e selinux-policy-3.13.1-260.14.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d6edc4194d libinput-1.9.0-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41957e0f90 krb5-1.15.2-4.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34604dbcd8 gtk3-3.22.21-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4adafcbb5e samba-4.6.9-0.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5158af062e sssd-1.16.0-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4bbc227910 gnome-software-3.24.3-3.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5b132e3803 SDL2-2.0.7-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-717c61268f libsolv-0.6.30-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-67025b87e7 python-cryptography-2.0.2-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51ff8fe326 poppler-0.52.0-9.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34b7ce4fee libappstream-glib-0.7.3-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c133443edc calibre-3.1.1-2.fc26 fcitx-qt5-1.1.1-2.fc26 gammaray-2.8.1-2.fc26 kf5-akonadi-server-17.04.1-4.fc26 kf5-frameworkintegration-5.38.0-2.fc26 kf5-kdeclarative-5.38.0-2.fc26 kf5-kwayland-5.38.0-2.fc26 kwin-5.10.5-2.fc26 libfm-qt-0.11.2-7.fc26 libqtxdg-2.0.0-6.fc26 lxqt-qtplugin-0.11.1-7.fc26 plasma-integration-5.10.5-2.fc26 python-qt5-5.9-8.fc26 qgnomeplatform-0.3-5.fc26 qstardict-1.2-5.fc26 qt-creator-4.2.2-7.fc26 qt5-doc-5.9.2-1.fc26 qt5-qt3d-5.9.2-1.fc26 qt5-qtbase-5.9.2-3.fc26 qt5-qtcanvas3d-5.9.2-1.fc26 qt5-qtconnectivity-5.9.2-1.fc26 qt5-qtdeclarative-5.9.2-1.fc26 qt5-qtdoc-5.9.2-1.fc26 qt5-qtgraphicaleffects-5.9.2-1.fc26 qt5-qtimageformats-5.9.2-1.fc26 qt5-qtlocation-5.9.2-1.fc26 qt5-qtmultimedia-5.9.2-1.fc26 qt5-qtquickcontrols-5.9.2-1.fc26 qt5-qtquickcontrols2-5.9.2-1.fc26 qt5-qtscript-5.9.2-1.fc26 qt5-qtsensors-5.9.2-1.fc26 qt5-qtserialbus-5.9.2-1.fc26 qt5-qtserialport-5.9.2-1.fc26 qt5-qtstyleplugins-5.0.0-2 1.fc26 qt5-qtsvg-5.9.2-1.fc26 qt5-qttools-5.9.2-1.fc26 qt5-qttranslations-5.9.2-1.fc26 qt5-qtvirtualkeyboard-5.9.2-1.fc26 qt5-qtwayland-5.9.2-1.fc26 qt5-qtwebchannel-5.9.2-1.fc26 qt5-qtwebengine-5.9.1-5.fc26 qt5-qtwebkit-5.212.0-0.12.alpha2.fc26 qt5-qtwebsockets-5.9.2-1.fc26 qt5-qtx11extras-5.9.2-1.fc26 qt5-qtxmlpatterns-5.9.2-1.fc26 qt5ct-0.33-2.fc26 sip-4.19.3-4.fc26 ugene-1.27.0-8.fc26 yarock-1.1.6-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-de495550cf gdb-8.0.1-30.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-009bc68243 xen-4.8.2-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f8fcff58c systemd-233-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e7d5f5eb0 flatpak-0.10.0-1.fc26 flatpak-builder-0.10.1-1.fc26 The following builds have been pushed to Fedora 26 updates-testing R-3.4.2-1.fc26 R-stringr-1.2.0-1.fc26 blueberry-1.1.16-1.fc26 community-mysql-5.7.20-1.fc26 fedfind-3.7.1-1.fc26 flatpak-0.10.0-1.fc26 flatpak-builder-0.10.1-1.fc26 gdb-8.0.1-30.fc26 lightdm-settings-1.1.2-1.fc26 mate-session-manager-1.18.2-1.fc26 opencv-3.2.0-13.fc26 python-rstcheck-3.1-4.fc26 rkward-0.6.5-10.fc26 rpy-2.8.6-4.fc26 rubygem-hiera-vault-0.2.2-1.fc26 rubygem-vault-0.10.1-1.fc26 slick-greeter-1.0.9-1.fc26 wget-1.19.2-1.fc26 Details about builds: ================================================================================ R-3.4.2-1.fc26 (FEDORA-2017-d4b99515d7) A language for data analysis and graphics -------------------------------------------------------------------------------- Update Information: Update R to 3.4.2, rebuild rpy and rkward to sync. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497191 - R-3.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1497191 -------------------------------------------------------------------------------- ================================================================================ R-stringr-1.2.0-1.fc26 (FEDORA-2017-f5a3e9ee26) Simple, Consistent Wrappers for Common String Operations -------------------------------------------------------------------------------- Update Information: Initial package of stringr for R. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506413 - Review Request: R-stringr - Simple, Consistent Wrappers for Common String Operations https://bugzilla.redhat.com/show_bug.cgi?id=1506413 -------------------------------------------------------------------------------- ================================================================================ blueberry-1.1.16-1.fc26 (FEDORA-2017-b43151270c) Bluetooth configuration tool -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1496185 - [abrt] blueberry: update_connected_state(): blueberry-tray.py:64:update_connected_state:TypeError: sequence item 0: expected string, NoneType found https://bugzilla.redhat.com/show_bug.cgi?id=1496185 [ 2 ] Bug #1493009 - [abrt] blueberry: update_connected_state(): blueberry-tray.py:64:update_connected_state:TypeError: sequence item 1: expected string, NoneType found https://bugzilla.redhat.com/show_bug.cgi?id=1493009 -------------------------------------------------------------------------------- ================================================================================ community-mysql-5.7.20-1.fc26 (FEDORA-2017-50c790aaed) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: A quarter year regular dose of fixed CVE's. https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-20.html . rhbz#1497694: Fix owner and perms on log file in post script CVE fixes: rhbz#1503701 CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10286 CVE-2017-10294 CVE-2017-10314 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 Others: Move all test binaries to -test package Dont ship unneeded man pages on systemd platforms Remove mysql_config_editor from -devel package, shipped in client -------------------------------------------------------------------------------- References: [ 1 ] Bug #1503701 - CVE-2017-10155 CVE-2017-10227 CVE-2017-10268 CVE-2017-10276 CVE-2017-10279 CVE-2017-10283 CVE-2017-10286 CVE-2017-10294 CVE-2017-10314 CVE-2017-10378 CVE-2017-10379 CVE-2017-10384 community-mysql: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1503701 [ 2 ] Bug #1497694 - mysqld service not working by default after bd72127 https://bugzilla.redhat.com/show_bug.cgi?id=1497694 [ 3 ] Bug #1503357 - community-mysql-5.7.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1503357 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.7.1-1.fc26 (FEDORA-2017-fbf67f6580) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This new version of fedfind improves handling of various new compose types introduced by release engineering. The new nightly modular composes from master branch, now versioned `Bikeshed` rather than `Rawhide`, are handled with a new `BikeshedModularNightly` class. 'updates' and 'updates-testing' composes are explicitly not supported (`get_release` will raise a `ValueError` with a specific text for these) as they do not contain images and so fedfind can't do much with them. Note that the `fedfind.helpers.parse_cid` function is entirely rewritten in support of this; the new version is much more capable and accurate and should handle all compose IDs the previous version handled correctly, but please report any issues you find. -------------------------------------------------------------------------------- ================================================================================ flatpak-0.10.0-1.fc26 (FEDORA-2017-8e7d5f5eb0) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: flatpak 0.10.0 and flatpak-builder 0.10.1 releases. For details, see https://github.com/flatpak/flatpak/releases/tag/0.10.0 and https://github.com/flatpak/flatpak-builder/releases/tag/0.10.1 -------------------------------------------------------------------------------- ================================================================================ flatpak-builder-0.10.1-1.fc26 (FEDORA-2017-8e7d5f5eb0) Tool to build flatpaks from source -------------------------------------------------------------------------------- Update Information: flatpak 0.10.0 and flatpak-builder 0.10.1 releases. For details, see https://github.com/flatpak/flatpak/releases/tag/0.10.0 and https://github.com/flatpak/flatpak-builder/releases/tag/0.10.1 -------------------------------------------------------------------------------- ================================================================================ gdb-8.0.1-30.fc26 (FEDORA-2017-de495550cf) A stub package for GNU source-level debugger -------------------------------------------------------------------------------- Update Information: Use inlined func name for printing breakpoints (RH BZ 1228556, Keith Seitz). -------------------------------------------------------------------------------- ================================================================================ lightdm-settings-1.1.2-1.fc26 (FEDORA-2017-6456122ef9) Configuration tool for the LightDM display manager -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ mate-session-manager-1.18.2-1.fc26 (FEDORA-2017-7f9359a6c6) MATE Desktop session manager -------------------------------------------------------------------------------- Update Information: - update to 1.18.2 -------------------------------------------------------------------------------- ================================================================================ opencv-3.2.0-13.fc26 (FEDORA-2017-5a7aa96fee) Collection of algorithms for computer vision -------------------------------------------------------------------------------- Update Information: Require python3-numpy instead numpy for opencv-python3 (#1504555) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1504555 - Wrong deps, opencv-python3 pulls python2-numpy https://bugzilla.redhat.com/show_bug.cgi?id=1504555 -------------------------------------------------------------------------------- ================================================================================ python-rstcheck-3.1-4.fc26 (FEDORA-2017-81ca3751bc) Checks syntax of reStructuredText and code blocks nested within it -------------------------------------------------------------------------------- Update Information: New package - python-rstcheck -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506405 - Review Request: python-rstcheck - Checks syntax of reStructuredText and code blocks nested within it https://bugzilla.redhat.com/show_bug.cgi?id=1506405 -------------------------------------------------------------------------------- ================================================================================ rkward-0.6.5-10.fc26 (FEDORA-2017-d4b99515d7) Graphical frontend for R language -------------------------------------------------------------------------------- Update Information: Update R to 3.4.2, rebuild rpy and rkward to sync. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497191 - R-3.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1497191 -------------------------------------------------------------------------------- ================================================================================ rpy-2.8.6-4.fc26 (FEDORA-2017-d4b99515d7) Python interface to the R language -------------------------------------------------------------------------------- Update Information: Update R to 3.4.2, rebuild rpy and rkward to sync. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497191 - R-3.4.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1497191 -------------------------------------------------------------------------------- ================================================================================ rubygem-hiera-vault-0.2.2-1.fc26 (FEDORA-2017-5f1d7ab985) Module for using vault as a hiera backend -------------------------------------------------------------------------------- Update Information: First packages for Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506451 - Review Request: rubygem-vault - A Ruby API client for interacting with a Vault server https://bugzilla.redhat.com/show_bug.cgi?id=1506451 [ 2 ] Bug #1506453 - Review Request: rubygem-hiera-vault - Module for using vault as a hiera backend https://bugzilla.redhat.com/show_bug.cgi?id=1506453 -------------------------------------------------------------------------------- ================================================================================ rubygem-vault-0.10.1-1.fc26 (FEDORA-2017-5f1d7ab985) A Ruby API client for interacting with a Vault server -------------------------------------------------------------------------------- Update Information: First packages for Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506451 - Review Request: rubygem-vault - A Ruby API client for interacting with a Vault server https://bugzilla.redhat.com/show_bug.cgi?id=1506451 [ 2 ] Bug #1506453 - Review Request: rubygem-hiera-vault - Module for using vault as a hiera backend https://bugzilla.redhat.com/show_bug.cgi?id=1506453 -------------------------------------------------------------------------------- ================================================================================ slick-greeter-1.0.9-1.fc26 (FEDORA-2017-6456122ef9) A slick-looking LightDM greeter -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ wget-1.19.2-1.fc26 (FEDORA-2017-f0b3231763) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: new upstream release with CVE fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1505445 - CVE-2017-13090 wget: Heap-based buffer overflow in HTTP protocol handling https://bugzilla.redhat.com/show_bug.cgi?id=1505445 [ 2 ] Bug #1505444 - CVE-2017-13089 wget: Stack-based buffer overflow in HTTP protocol handling https://bugzilla.redhat.com/show_bug.cgi?id=1505444 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
