The following Fedora 26 Security updates need testing: Age URL 209 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 148 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526 nodejs-brace-expansion-1.1.7-1.fc26 103 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c053de325 memcached-1.4.39-1.fc26 99 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 28 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e6f4f95e6 ruby-2.4.2-84.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bff3cf26c suricata-3.2.4-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9149114fba qemu-2.9.1-2.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-94a173c491 modulemd-1.3.2-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b52f851dea calamares-3.1.7-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51ff8fe326 poppler-0.52.0-9.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ef7c118dbc tomcat-8.0.47-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41957e0f90 krb5-1.15.2-4.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c17b4934f nodejs-6.11.5-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-009bc68243 xen-4.8.2-5.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d2cfc3752 apr-1.6.3-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-329e5fb4c9 apr-util-1.5.4-6.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-50c790aaed community-mysql-5.7.20-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8bf1b0c692 ansible-2.4.1.0-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6fd6877975 wordpress-4.8.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ea72793352 fedpkg-1.30-3.fc26 rpkg-1.51-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c9852dd05 liblouis-2.6.2-12.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-621a9b4828 iproute-4.13.0-1.fc26 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e91b32f31 python3-3.6.3-2.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2017-19f599ecd6 chrony-3.2-1.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b44217ccc kobo-0.7.0-3.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9149114fba qemu-2.9.1-2.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-04dc465e5b ModemManager-1.6.10-1.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f3aa1f4515 ibus-1.5.17-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d312739a4e selinux-policy-3.13.1-260.14.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41957e0f90 krb5-1.15.2-4.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5158af062e sssd-1.16.0-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-67025b87e7 python-cryptography-2.0.2-2.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51ff8fe326 poppler-0.52.0-9.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34b7ce4fee libappstream-glib-0.7.3-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-009bc68243 xen-4.8.2-5.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e7d5f5eb0 flatpak-0.10.0-1.fc26 flatpak-builder-0.10.1-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-18db22d7c4 lua-5.3.4-6.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-307574c83f libunwind-1.2-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b04408f1a2 pkgconf-1.3.10-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e62363eb47 wpa_supplicant-2.6-12.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-00b24f9251 bind99-9.9.10-3.P3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-acf7207aae glusterfs-3.10.7-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-861946053e python-productmd-1.9-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f9b723360f libinput-1.9.1-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c133443edc calibre-3.1.1-2.fc26 fcitx-qt5-1.1.1-2.fc26 gammaray-2.8.1-2.fc26 kf5-akonadi-server-17.04.1-4.fc26 kf5-frameworkintegration-5.38.0-2.fc26 kf5-kdeclarative-5.38.0-2.fc26 kf5-kwayland-5.38.0-2.fc26 kwin-5.10.5-2.fc26 libfm-qt-0.11.2-7.fc26 libqtxdg-2.0.0-6.fc26 lxqt-qtplugin-0.11.1-7.fc26 plasma-integration-5.10.5-2.fc26 python-qt5-5.9-8.fc26 qgnomeplatform-0.3-5.fc26 qstardict-1.2-5.fc26 qt-creator-4.2.2-7.fc26 qt5-doc-5.9.2-1.fc26 qt5-qt3d-5.9.2-1.fc26 qt5-qtbase-5.9.2-3.fc26 qt5-qtcanvas3d-5.9.2-1.fc26 qt5-qtconnectivity-5.9.2-1.fc26 qt5-qtdeclarative-5.9.2-2.fc26 qt5-qtdoc-5.9.2-1.fc26 qt5-qtgraphicaleffects-5.9.2-1.fc26 qt5-qtimageformats-5.9.2-1.fc26 qt5-qtlocation-5.9.2-1.fc26 qt5-qtmultimedia-5.9.2-1.fc26 qt5-qtquickcontrols-5.9.2-1.fc26 qt5-qtquickcontrols2-5.9.2-1.fc26 qt5-qtscript-5.9.2-1.fc26 qt5-qtsensors-5.9.2-1.fc26 qt5-qtserialbus-5.9.2-1.fc26 qt5-qtserialport-5.9.2-1.fc26 qt5-qtstyleplugins-5.0.0-2 1.fc26 qt5-qtsvg-5.9.2-1.fc26 qt5-qttools-5.9.2-1.fc26 qt5-qttranslations-5.9.2-1.fc26 qt5-qtvirtualkeyboard-5.9.2-1.fc26 qt5-qtwayland-5.9.2-1.fc26 qt5-qtwebchannel-5.9.2-1.fc26 qt5-qtwebengine-5.9.1-5.fc26 qt5-qtwebkit-5.212.0-0.12.alpha2.fc26 qt5-qtwebsockets-5.9.2-1.fc26 qt5-qtx11extras-5.9.2-1.fc26 qt5-qtxmlpatterns-5.9.2-1.fc26 qt5ct-0.33-2.fc26 sip-4.19.3-4.fc26 ugene-1.27.0-8.fc26 yarock-1.1.6-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8477dfde52 v4l-utils-1.12.5-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2727dc1ce8 iio-sensor-proxy-2.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e682ac8e2 nfs-utils-2.1.1-6.rc6.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d952a211db ostree-2017.13-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d664074226 hwdata-0.306-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d1f8de129b binutils-2.27-28.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f10b769a7e pcre2-10.23-10.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-349fb51b4d pungi-4.1.20-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-da5d015449 pcre-8.41-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d797ffb4b glib2-2.52.3-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01e4375a1e pulseaudio-11.1-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4bde2339f python2-2.7.14-2.fc26 python2-docs-2.7.14-1.fc26 The following builds have been pushed to Fedora 26 updates-testing R-evaluate-0.10.1-4.fc26 accumulo-1.8.1-4.fc26 atomic-1.19.1-5.fc26 bindfs-1.13.8-1.fc26 binutils-2.27-28.fc26 bodhi-2.12.2-2.fc26 borgbackup-1.1.1-1.fc26 cassandra-3.11.0-5.fc26 distgen-0.19-1.fc26 docker-1.13.1-38.git166a52e.fc26 fedpkg-1.30-3.fc26 fwts-17.09.00-1.fc26 glib2-2.52.3-2.fc26 globus-gsi-credential-7.13-1.fc26 globus-gsi-sysconfig-8.0-1.fc26 globus-gssapi-gsi-13.4-1.fc26 gnome-video-arcade-0.8.8-1.fc26 hwdata-0.306-1.fc26 icoutils-0.32.2-1.fc26 iio-sensor-proxy-2.4-1.fc26 inxi-2.3.43-1.fc26 julietaula-montserrat-fonts-7.200-1.fc26 kf5-ktexteditor-5.38.0-3.fc26 libimagequant-2.11.0-1.fc26 liblouis-2.6.2-12.fc26 libva-utils-1.8.3-2.fc26 lynis-2.5.7-1.fc26 macromilter-3.4.3-1.fc26 magic-8.1.191-1.fc26 mingw-glibmm24-2.54.1-1.fc26 mingw-polyclipping-6.4.2-1.fc26 module-build-service-1.4.1-1.fc26 mozilla-noscript-5.1.4-1.fc26 mpdris2-0.7-5.20171028git3c3fe12.fc26 mscore-2.1.0-2.fc26 nfs-utils-2.1.1-6.rc6.fc26 nm-tray-0.3.0-2.fc26 ostree-2017.13-2.fc26 otter-browser-0.9.92-0.1.rc2git97d18d8.fc26 pcre-8.41-3.fc26 pcre2-10.23-10.fc26 perl-Unicode-Collate-1.20-1.fc26 php-cs-fixer-2.2.9-1.fc26 php-zendframework-zend-diactoros-1.6.1-1.fc26 php-zendframework-zend-expressive-platesrenderer-1.3.2-1.fc26 php-zendframework-zend-modulemanager-2.8.1-1.fc26 pngquant-2.11.0-1.fc26 psblas3-3.5.0-9.fc26 pulseaudio-11.1-5.fc26 pungi-4.1.20-1.fc26 python-ansible-tower-cli-3.2.0-1.fc26 python-geoip2-2.6.0-1.fc26 python-mpd2-0.5.5-4.fc26 python-podcastparser-0.6.2-1.fc26 python-pytest-runner-3.0-1.fc26 python2-2.7.14-2.fc26 python2-docs-2.7.14-1.fc26 python34-3.4.7-1.fc26 rho-0.0.29-1.fc26 rpkg-1.51-1.fc26 rpmgrill-0.32-1.fc26 skopeo-0.1.24-7.gitdd2c3e3.fc26 system-storage-manager-0.5-0.fc26 v4l-utils-1.12.5-5.fc26 xrootd-4.7.1-1.fc26 Details about builds: ================================================================================ R-evaluate-0.10.1-4.fc26 (FEDORA-2017-8efacd5959) Parsing and Evaluation Tools that Provide More Details than the Default -------------------------------------------------------------------------------- Update Information: Initial package of evaluate for R. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507286 - Review Request: R-evaluate - Parsing and Evaluation Tools that Provide More Details than the Default https://bugzilla.redhat.com/show_bug.cgi?id=1507286 -------------------------------------------------------------------------------- ================================================================================ accumulo-1.8.1-4.fc26 (FEDORA-2017-006bec0a8f) A software platform for processing vast amounts of data -------------------------------------------------------------------------------- Update Information: Update Jackson jar classpath locations -------------------------------------------------------------------------------- ================================================================================ atomic-1.19.1-5.fc26 (FEDORA-2017-cbf83e5281) Tool for managing ProjectAtomic systems and containers -------------------------------------------------------------------------------- Update Information: Update to final 0.1.24 release. ---- Add override kernel check. ---- built commit 28d4e08 ---- built docker @projectatomic/docker-1.13.1 commit 790e958 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1479003 - skopeo-containers file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1479003 [ 2 ] Bug #1478843 - Package version 0.1.23-2.git1bbd87f has a file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1478843 [ 3 ] Bug #1504709 - oc cluster up fails with secrets added to skopeo-containers https://bugzilla.redhat.com/show_bug.cgi?id=1504709 [ 4 ] Bug #1481135 - skopeo man page should provide Fedora/RHEL compatible example https://bugzilla.redhat.com/show_bug.cgi?id=1481135 [ 5 ] Bug #1507679 - Docker default registry change breaks many default behaviors including docker.com tutorial https://bugzilla.redhat.com/show_bug.cgi?id=1507679 -------------------------------------------------------------------------------- ================================================================================ bindfs-1.13.8-1.fc26 (FEDORA-2017-1c6e4f89ce) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: Update to new release to fix nested FUSE mounts: https://github.com/mpartel/bindfs/issues/54 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508177 - bindfs-1.13.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508177 -------------------------------------------------------------------------------- ================================================================================ binutils-2.27-28.fc26 (FEDORA-2017-d1f8de129b) A GNU collection of binary utilities -------------------------------------------------------------------------------- Update Information: A bug in a previous update to the binutils package meant that it would fail to decode DWARF debug information correctly. As a result tools that attempted to relate locations in binary files to locations in the source code that created them would be told that there was no such relationship. These tools would then provide less information to their users. This version of the binutils package fixes that bug. A reproducer to test the fix can be found here: https://bugzilla.redhat.com/show_bug.cgi?id=1501014#c2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1501014 - objdump can not list source code when disassembling code with debug info https://bugzilla.redhat.com/show_bug.cgi?id=1501014 -------------------------------------------------------------------------------- ================================================================================ bodhi-2.12.2-2.fc26 (FEDORA-2017-6f382ce708) A modular framework that facilitates publishing software updates -------------------------------------------------------------------------------- Update Information: Upstream Bodhi 3.0.0 removed support for the USERNAME environment variable due to it clashing with GDM: https://github.com/fedora-infra/bodhi/issues/1789 This was a backwards incompatible change (in an otherwise backwards incompatble release) since it removed the feature to set usernames with environment variables. Due to this, Bodhi 3.0.0 will not be released on Fedora 26 or 27. However, those Fedora releases are still faced with the issue for GDM users who use a different username on their computer than they do in FAS. I wrote a devel list post to see what people thought about this, and only got one response: htt ps://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/ 6CWWTX7YGASV3ZO5LDZLOB44J5IJAJ7R/#CZD3SOKN2YCH4EZUQBUC74NKKFJJMASR I'm happy to go with Cole's suggestion, so this update replaces the USERNAME environment variable in F26 and F27 with FAS_USERNAME. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1509094 - The CLI uses the USERNAME environment variable, which clashes with GDM https://bugzilla.redhat.com/show_bug.cgi?id=1509094 -------------------------------------------------------------------------------- ================================================================================ borgbackup-1.1.1-1.fc26 (FEDORA-2017-b2085363fe) A deduplicating backup program with compression and authenticated encryption -------------------------------------------------------------------------------- Update Information: upstream version 1.1.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508593 - BorgBackup v1.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508593 -------------------------------------------------------------------------------- ================================================================================ cassandra-3.11.0-5.fc26 (FEDORA-2017-ae3a122166) Client utilities for Cassandra -------------------------------------------------------------------------------- Update Information: fix wait_for_service_available() function in cassandra launch script -------------------------------------------------------------------------------- ================================================================================ distgen-0.19-1.fc26 (FEDORA-2017-e16d9d6382) Templating system/generator for distributions -------------------------------------------------------------------------------- Update Information: New distgen release that is fully compatible and solves following issues: * Template can now be specified by relative path including ".." * Permissions of rendered files now respect umask value ---- New release of distgen that fixes couple minor issues and is fully backwards compatible. -------------------------------------------------------------------------------- ================================================================================ docker-1.13.1-38.git166a52e.fc26 (FEDORA-2017-cbf83e5281) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: Update to final 0.1.24 release. ---- Add override kernel check. ---- built commit 28d4e08 ---- built docker @projectatomic/docker-1.13.1 commit 790e958 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1479003 - skopeo-containers file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1479003 [ 2 ] Bug #1478843 - Package version 0.1.23-2.git1bbd87f has a file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1478843 [ 3 ] Bug #1504709 - oc cluster up fails with secrets added to skopeo-containers https://bugzilla.redhat.com/show_bug.cgi?id=1504709 [ 4 ] Bug #1481135 - skopeo man page should provide Fedora/RHEL compatible example https://bugzilla.redhat.com/show_bug.cgi?id=1481135 [ 5 ] Bug #1507679 - Docker default registry change breaks many default behaviors including docker.com tutorial https://bugzilla.redhat.com/show_bug.cgi?id=1507679 -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.30-3.fc26 (FEDORA-2017-ea72793352) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 -------------------------------------------------------------------------------- ================================================================================ fwts-17.09.00-1.fc26 (FEDORA-2017-d3eab68487) Firmware Test Suite -------------------------------------------------------------------------------- Update Information: Add the package to fedora 26 and 27 as there are requests for this. -------------------------------------------------------------------------------- ================================================================================ glib2-2.52.3-2.fc26 (FEDORA-2017-9d797ffb4b) A library of handy utility functions -------------------------------------------------------------------------------- Update Information: Fix race in D-Bus name watching -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483205 - race condition between gdbus signal callback and g_bus_unwatch_name - can access freed memory https://bugzilla.redhat.com/show_bug.cgi?id=1483205 -------------------------------------------------------------------------------- ================================================================================ globus-gsi-credential-7.13-1.fc26 (FEDORA-2017-869e60e30d) Globus Toolkit - Globus GSI Credential Library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gsi-sysconfig-8.0-1.fc26 (FEDORA-2017-869e60e30d) Globus Toolkit - Globus GSI System Config Library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-13.4-1.fc26 (FEDORA-2017-869e60e30d) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: globus-gsi-credential * Remove prototype for non-existing function (7.12) * Remove compatibility shims for old versions of OpenSSL (7.13) globus-gsi- sysconfig * Add cert and key checks based on different uid globus-gssapi-gsi * Allow configuration of non-root user to own credentials for root services (13.3) * Improve vhost support (13.4) -------------------------------------------------------------------------------- ================================================================================ gnome-video-arcade-0.8.8-1.fc26 (FEDORA-2017-89e42e75cb) GNOME Video Arcade is a MAME front-end for GNOME -------------------------------------------------------------------------------- Update Information: New package, simple front-end for MAME. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507997 - Review Request: gnome-video-arcade - simple MAME front-end https://bugzilla.redhat.com/show_bug.cgi?id=1507997 -------------------------------------------------------------------------------- ================================================================================ hwdata-0.306-1.fc26 (FEDORA-2017-d664074226) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information: Updated pci, usb and vendor ids. -------------------------------------------------------------------------------- ================================================================================ icoutils-0.32.2-1.fc26 (FEDORA-2017-ac47afc30e) Utility for extracting and converting Microsoft icon and cursor files -------------------------------------------------------------------------------- Update Information: This release fixes several memory issues and potential segmentation faults. For further information see http://git.savannah.nongnu.org/cgit/icoutils.git/tree/NEWS -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508190 - icoutils-0.32.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508190 -------------------------------------------------------------------------------- ================================================================================ iio-sensor-proxy-2.4-1.fc26 (FEDORA-2017-2727dc1ce8) IIO accelerometer sensor to input device proxy -------------------------------------------------------------------------------- Update Information: This release fixes data being incorrectly read from sensors due to a naively broken compilation fix. It also supports Geoclue running as a different user than "geoclue". -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.43-1.fc26 (FEDORA-2017-76b9ff9743) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.43. -------------------------------------------------------------------------------- ================================================================================ julietaula-montserrat-fonts-7.200-1.fc26 (FEDORA-2017-2feba2c780) Sans-serif typeface created by Julieta Ulanovsky -------------------------------------------------------------------------------- Update Information: New update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508682 - julietaula-montserrat-fonts-v7.200 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508682 -------------------------------------------------------------------------------- ================================================================================ kf5-ktexteditor-5.38.0-3.fc26 (FEDORA-2017-4996c59674) KDE Frameworks 5 Tier 3 with advanced embeddable text editor -------------------------------------------------------------------------------- Update Information: Include workaround to avoid crashing in qml interpreter -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508924 - KTextEditor is crash-happy https://bugzilla.redhat.com/show_bug.cgi?id=1508924 -------------------------------------------------------------------------------- ================================================================================ libimagequant-2.11.0-1.fc26 (FEDORA-2017-1a44e44752) Palette quantization library -------------------------------------------------------------------------------- Update Information: Update to version 2.11.0, see https://github.com/ImageOptim/libimagequant/blob/master/CHANGELOG for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508211 - libimagequant-2.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508211 -------------------------------------------------------------------------------- ================================================================================ liblouis-2.6.2-12.fc26 (FEDORA-2017-2c9852dd05) Braille translation and back-translation library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-13738 CVE-2017-13739 CVE-2017-13740 CVE-2017-13741 CVE-2017-13742 CVE-2017-13743 CVE-2017-13744 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1488942 - CVE-2017-13743 liblouis: Buffer overflow in the function _lou_showString() https://bugzilla.redhat.com/show_bug.cgi?id=1488942 [ 2 ] Bug #1488939 - CVE-2017-13742 liblouis: Stack-buffer overflow in the function includeFile() https://bugzilla.redhat.com/show_bug.cgi?id=1488939 [ 3 ] Bug #1488938 - CVE-2017-13741 liblouis: Use-after-free in the function compileBrailleIndicator() https://bugzilla.redhat.com/show_bug.cgi?id=1488938 [ 4 ] Bug #1488937 - CVE-2017-13740 liblouis: Stack-buffer overflow in the parseChars() function https://bugzilla.redhat.com/show_bug.cgi?id=1488937 [ 5 ] Bug #1488936 - CVE-2017-13739 liblouis: Heap-buffer overflow resulting in an out-of-bounds write in resolveSubtable() function https://bugzilla.redhat.com/show_bug.cgi?id=1488936 [ 6 ] Bug #1488935 - CVE-2017-13744 liblouis: Illegal address access in the _lou_getALine() function https://bugzilla.redhat.com/show_bug.cgi?id=1488935 [ 7 ] Bug #1488933 - CVE-2017-13738 liblouis: Illegal address access in the _lou_getALine function https://bugzilla.redhat.com/show_bug.cgi?id=1488933 -------------------------------------------------------------------------------- ================================================================================ libva-utils-1.8.3-2.fc26 (FEDORA-2017-bf6848e48f) Tools for VAAPI (including vainfo) -------------------------------------------------------------------------------- Update Information: Backport `--device` option from 2.0.0, so that GPUs other than primary can be queried. -------------------------------------------------------------------------------- ================================================================================ lynis-2.5.7-1.fc26 (FEDORA-2017-7a5e482592) Security and system auditing tool -------------------------------------------------------------------------------- Update Information: Update to 2.5.7 (rhbz #1508417) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508417 - lynis-2.5.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508417 -------------------------------------------------------------------------------- ================================================================================ macromilter-3.4.3-1.fc26 (FEDORA-2017-345e7a6724) Milter to check mails for suspicious Microsoft VBA macro code -------------------------------------------------------------------------------- Update Information: MacroMilter 3.4.3 ================= * Local information leak via log files (issue #18) * MacroMilter bypass with nested ZIP files (issue #19) * Error in macromilter.logrotate at Ubuntu (issue #21) * Some code review and better exception handling -------------------------------------------------------------------------------- ================================================================================ magic-8.1.191-1.fc26 (FEDORA-2017-8dd827da5e) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information: New version 8.1.191 is released. -------------------------------------------------------------------------------- ================================================================================ mingw-glibmm24-2.54.1-1.fc26 (FEDORA-2017-9c0bfacd49) MinGW Windows C++ interface for GTK2 (a GUI library for X) -------------------------------------------------------------------------------- Update Information: - update to 2.54.1 to match native version -------------------------------------------------------------------------------- ================================================================================ mingw-polyclipping-6.4.2-1.fc26 (FEDORA-2017-38b5c98027) MinGW Windows Polygon clipping library -------------------------------------------------------------------------------- Update Information: - update to 6.4.2 to match native -------------------------------------------------------------------------------- ================================================================================ module-build-service-1.4.1-1.fc26 (FEDORA-2017-255c542986) The Module Build Service for Modularity -------------------------------------------------------------------------------- Update Information: Enhancements: * Add the ability to specify different rebuild methods * Don't allow a user to resubmit a module build that is already in the init * Changed the filters so they execute when everything is built * Handle module builds without components * Default to reverse ordering by ID in APIs * Use dogpile.cache to cache the default_buildroot_groups result * Log the original exception in consumer before trying to do anything else. Also commit the db.session before doing build.transition * Default verbose to false but present a lot more information when verbose is false * Schedule components based on build time * Try to reuse all components in the batch before starting it * Don't reassign the value of the modulemd when resuming a build * Remove unneeded build transition * Set 'time_modified' at module creation * Record components through the backend after module submission * Fix incorrect call to koji API. * Update the documentation * Default PATCH return value to be the extended_json like POST * Default verbose to on ordering by id in the module-builds API * allow any SCM URLs for local builds * Raise UnprocessableEntity instead of ValueError in pdc.py to forward the error message to Flask client. * added git option which will return correct return code * Remove old SSL config options. * Remove some code duplication in views.py -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-5.1.4-1.fc26 (FEDORA-2017-1483003cae) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: v 5.1.4 ============================================================= * [Nightly] Fixed Import/Export Options button * Fixed bookmarlets broken when scripts globally allowed (thanks filip for reporting) * [Tor Browser] Fixed jumping icon on updates (ticket #23968) * [Surrogate] Better sandbox memory management * Removed special Add-ons manager uninstall warning hooks v 5.1.3 ============================================================= * [e10s] Fixed some bookmarklet / URL bar JavaScript emulation multi-process regressions * [Palemoon] Fixed NoScript button position not customizable on the first window (thanks yes_noscript for reporting) * Fixed bookmarklet execution subject to AllowURLBarJS too * Fixed Palemoon urlbar breakage on browser restart * [Whitelist] about:tabcrashed made mandatory (internal) v 5.1.2 ============================================================= * Fixed allowing scripts on one tab blocking them in other (torproject.org issue #23747, thanks cypherpunks for report) * Fixed startup sequence * [Whitelist] about:tabcrashed added to default whitelist * Added unlimitedStorage WebExtensions permissions for safer preferences migration * Fixed some restartless lifecycle quirks * Fixed toolbar button position changes across upgrades * Fixed NoScript release notes page shown upon restartless updates, rather than on next restart * Fixed Tor Browser's extension preference overrides ignored by NoScript * Fixed status bar not recognized on some browsers still supporting it * Work-around for the Tor Browser preventing NoScript from resolving its own UI's XML entities -------------------------------------------------------------------------------- References: [ 1 ] Bug #1504408 - mozilla-noscript-5.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1504408 -------------------------------------------------------------------------------- ================================================================================ mpdris2-0.7-5.20171028git3c3fe12.fc26 (FEDORA-2017-865887c093) Provide MPRIS 2 support to mpd -------------------------------------------------------------------------------- Update Information: - New package - python-mpd2 - mpdris2 updated to use this -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507235 - Review Request: python-mpd2 - Python library providing a client interface for MPD https://bugzilla.redhat.com/show_bug.cgi?id=1507235 [ 2 ] Bug #1404618 - mpdris2: Switch to Python 3 https://bugzilla.redhat.com/show_bug.cgi?id=1404618 [ 3 ] Bug #1389586 - mpdris2 should depend on python-mutagen https://bugzilla.redhat.com/show_bug.cgi?id=1389586 -------------------------------------------------------------------------------- ================================================================================ mscore-2.1.0-2.fc26 (FEDORA-2017-bed013bcba) Music Composition & Notation Software -------------------------------------------------------------------------------- Update Information: See https://musescore.org/en/developers-handbook/release-notes/release-notes- musescore-2.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1494954 - musescore included non-free score https://bugzilla.redhat.com/show_bug.cgi?id=1494954 [ 2 ] Bug #1461971 - Upgrade Musescore from version 2.0.3 to 2.1. https://bugzilla.redhat.com/show_bug.cgi?id=1461971 -------------------------------------------------------------------------------- ================================================================================ nfs-utils-2.1.1-6.rc6.fc26 (FEDORA-2017-9e682ac8e2) NFS utilities and supporting clients and daemons for the kernel NFS server -------------------------------------------------------------------------------- Update Information: updated to latest upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1478129 - rpc.idmapd fails to initialize libnfsidmap settings due to clashing conf file parsing routines https://bugzilla.redhat.com/show_bug.cgi?id=1478129 [ 2 ] Bug #1508206 - nfs-utils-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508206 -------------------------------------------------------------------------------- ================================================================================ nm-tray-0.3.0-2.fc26 (FEDORA-2017-08570ddc92) NetworkManager tray icon -------------------------------------------------------------------------------- Update Information: initial package, rhbz#1506011 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506011 - Review Request: nm-tray - NetworkManager tray icon https://bugzilla.redhat.com/show_bug.cgi?id=1506011 -------------------------------------------------------------------------------- ================================================================================ ostree-2017.13-2.fc26 (FEDORA-2017-d952a211db) Tool for managing bootable, immutable filesystem trees -------------------------------------------------------------------------------- Update Information: https://github.com/ostreedev/ostree/releases/tag/v2017.13 -------------------------------------------------------------------------------- ================================================================================ otter-browser-0.9.92-0.1.rc2git97d18d8.fc26 (FEDORA-2017-2e9658c306) Web browser controlled by the user, not vice-versa -------------------------------------------------------------------------------- Update Information: - Update to 0.9.92-0.1.rc2git97d18d8 -------------------------------------------------------------------------------- ================================================================================ pcre-8.41-3.fc26 (FEDORA-2017-da5d015449) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes recursion stack estimator and pcregrep tool to accept file names longer than 128 bytes in a recursive mode. -------------------------------------------------------------------------------- ================================================================================ pcre2-10.23-10.fc26 (FEDORA-2017-f10b769a7e) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release allows pcre2grep tool to accept file names longer than 128 bytes when running in a recursive mode. -------------------------------------------------------------------------------- ================================================================================ perl-Unicode-Collate-1.20-1.fc26 (FEDORA-2017-a2a52cf0f5) Unicode Collation Algorithm -------------------------------------------------------------------------------- Update Information: This release brings support for dsb and lkt locales. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1509149 - perl-Unicode-Collate-1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1509149 -------------------------------------------------------------------------------- ================================================================================ php-cs-fixer-2.2.9-1.fc26 (FEDORA-2017-27fa052824) A tool to automatically fix PHP code style -------------------------------------------------------------------------------- Update Information: **Changelog for v2.2.9** * bug #3062 BraceClassInstantiationTransformer - Fix instantiation inside method call braces case (julienfalque, keradus) * bug #3083 SingleBlankLineBeforeNamespaceFixer - Fix handling namespace right after opening tag (mlocati) * bug #3109 SwitchCaseSemicolonToColonFixer - Fix bug with nested constructs (SpacePossum) * bug #3123 Cache - File permissions (SpacePossum) * bug #3172 IndentationTypeFixer - do not touch whitespace that is not indentation (SpacePossum) * bug #3176 NoMultilineWhitespaceBeforeSemicolonsFixer - SpaceAfterSemicolonFixer - priority fix (SpacePossum) * bug #3193 TokensAnalyzer::getClassyElements - sort result before returning (SpacePossum) * bug #3196 SelfUpdateCommand - fix exit status when can't determine newest version (julienfalque) * minor #3107 ConfigurationResolver - improve error message when rule is not found (SpacePossum) * minor #3113 Add WordMatcher (keradus) * minor #3133 Unify Reporter tests (keradus) * minor #3134 Allow Symfony 4 (keradus, garak) * minor #3136 PHPUnit - call hooks from parent class as well (keradus) * minor #3145 misc - Typo (localheinz) * minor #3150 Fix CircleCI (julienfalque) * minor #3151 Update gitattributes to ignore next file (keradus) * minor #3156 Update php-coveralls (keradus) * minor #3166 README - add link to new gitter channel. (SpacePossum) * minor #3174 Update UPGRADE.md (vitek-rostislav) * minor #3180 Fix usage of static variables (kubawerlos) * minor #3184 Code grooming - sort content of arrays (keradus) * minor #3191 Travis - add nightly build to allow_failures due to Travis issues (keradus) * minor #3197 DX groom CS (keradus) -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-diactoros-1.6.1-1.fc26 (FEDORA-2017-a500087c44) PSR HTTP Message implementations -------------------------------------------------------------------------------- Update Information: **Version 1.6.1** - 2017-10-12 * **Changed** - [#273](https://github.com/zendframework/zend-diactoros/pull/273) updates each of the SAPI emitter implementations to emit the status line after emitting other headers; this is done to ensure that the status line is not overridden by PHP. * **Fixed** - [#273](https://github.com/zendframework/zend- diactoros/pull/273) modifies how the `SapiEmitterTrait` calls `header()` to ensure that a response code is _always_ passed as the third argument; this is done to prevent PHP from silently overriding it. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-expressive-platesrenderer-1.3.2-1.fc26 (FEDORA-2017-c453ef6792) Plates integration for Expressive -------------------------------------------------------------------------------- Update Information: **Version 1.3.2** - 2017-11-01 * **Fixed** - [#25](https://github.com/zendframework/zend-expressive-platesrenderer/pull/25) modifies the `PlatesEngineFactory` such that it now skips injection of the `UrlExtension` if zend-expressive-helpers is not installed. This change allows usage of the package outside the Expressive ecosystem. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-modulemanager-2.8.1-1.fc26 (FEDORA-2017-db730ad9a3) Zend Framework ModuleManager component -------------------------------------------------------------------------------- Update Information: **Version 2.8.1** - 2017-11-01 * **Changed** - [#73](https://github.com/zendframework/zend-modulemanager/pull/73) modifies the `ModuleResolverListener` slightly. In [#5](https://github.com/zendframework /zend-modulemanager/pull/5), released in 2.8.0, we added the ability to use classes named after the module itself as a module class. However, in some specific cases, primarily when the module is a top-level namespace, this can lead to conflicts with globally-scoped classes. The patch in this release modifies the logic to first check if a `Module` class exists under the module namespace, and will use that; otherwise, it will then check if a class named after the namespace exists. Additionally, the class now implements a blacklist of specific classes known to be non-instantiable, including the `Generator` class shipped with the PHP language itself. -------------------------------------------------------------------------------- ================================================================================ pngquant-2.11.0-1.fc26 (FEDORA-2017-1a44e44752) PNG quantization tool for reducing image file size -------------------------------------------------------------------------------- Update Information: Update to version 2.11.0, see https://github.com/ImageOptim/libimagequant/blob/master/CHANGELOG for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508211 - libimagequant-2.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508211 -------------------------------------------------------------------------------- ================================================================================ psblas3-3.5.0-9.fc26 (FEDORA-2017-4605e211ee) Parallel Sparse Basic Linear Algebra Subroutines -------------------------------------------------------------------------------- Update Information: - New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1506949 - Review Request: psblas3 - Parallel Sparse Basic Linear Algebra Subroutines https://bugzilla.redhat.com/show_bug.cgi?id=1506949 -------------------------------------------------------------------------------- ================================================================================ pulseaudio-11.1-5.fc26 (FEDORA-2017-01e4375a1e) Improved Linux Sound Server -------------------------------------------------------------------------------- Update Information: Install dell-dock-tb16-usb-audio.conf, missing from previous packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1492344 - Please add Dell TB16 audio configuration https://bugzilla.redhat.com/show_bug.cgi?id=1492344 -------------------------------------------------------------------------------- ================================================================================ pungi-4.1.20-1.fc26 (FEDORA-2017-349fb51b4d) Distribution compose tool -------------------------------------------------------------------------------- Update Information: This is mostly a bugfix and UX improvement release. Biggest changes are: * Configuration for image_build phase no longer requires specification of file extension for the generated image. * Error reporting for modular compose is improved. Pungi will also log all data retrieved from PDC. We now have support for new module naming policy using colon character as a delimiter. * Notifications on fedmsg contain more information about the compose (such as release name or compose label). * We now have Python 3 support. The package is still using Python 2, but all tests pass on both versions on Python and new contributions must be Python 3 compatible. Next release is expected to switch to Python 3 completely. * Number of cuncurrent createrepo processes and their worker threads can now be customized. * Lorax template arguments can be customized in the buildinstall phase. * When dependencies in the compose are not resolved and packages are taken from Koji, only a subset of the tag contents will be consumed to speed things up. * Target configuration for live images was modified to work similarly to other phases. * Ostree installer is now made before cloud images, so that the images can use ostree boot.iso. And a couple of minor fixes as well. -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.2.0-1.fc26 (FEDORA-2017-92bd933d91) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: Upgrade to 3.2.0 -------------------------------------------------------------------------------- ================================================================================ python-geoip2-2.6.0-1.fc26 (FEDORA-2017-5f4f765331) MaxMind GeoIP2 API -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508191 - python-geoip2-v2.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508191 -------------------------------------------------------------------------------- ================================================================================ python-mpd2-0.5.5-4.fc26 (FEDORA-2017-865887c093) Python library providing a client interface for MPD -------------------------------------------------------------------------------- Update Information: - New package - python-mpd2 - mpdris2 updated to use this -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507235 - Review Request: python-mpd2 - Python library providing a client interface for MPD https://bugzilla.redhat.com/show_bug.cgi?id=1507235 [ 2 ] Bug #1404618 - mpdris2: Switch to Python 3 https://bugzilla.redhat.com/show_bug.cgi?id=1404618 [ 3 ] Bug #1389586 - mpdris2 should depend on python-mutagen https://bugzilla.redhat.com/show_bug.cgi?id=1389586 -------------------------------------------------------------------------------- ================================================================================ python-podcastparser-0.6.2-1.fc26 (FEDORA-2017-6f1c66df5a) Simplified, fast RSS parsing library -------------------------------------------------------------------------------- Update Information: 0.6.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508427 - python-podcastparser-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508427 -------------------------------------------------------------------------------- ================================================================================ python-pytest-runner-3.0-1.fc26 (FEDORA-2017-35ce5f3cf9) Invoke py.test as distutils command with dependency resolution -------------------------------------------------------------------------------- Update Information: Update to 3.0 (#1508216) ---- Update to 2.12.1 (#1487972) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508216 - python-pytest-runner-3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508216 [ 2 ] Bug #1487972 - python-pytest-runner-2.12.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1487972 -------------------------------------------------------------------------------- ================================================================================ python2-2.7.14-2.fc26 (FEDORA-2017-d4bde2339f) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Update to version 2.7.14 -------------------------------------------------------------------------------- ================================================================================ python2-docs-2.7.14-1.fc26 (FEDORA-2017-d4bde2339f) Documentation for the Python 2 programming language -------------------------------------------------------------------------------- Update Information: Update to version 2.7.14 -------------------------------------------------------------------------------- ================================================================================ python34-3.4.7-1.fc26 (FEDORA-2017-9a8f3c44cc) Version 3.4 of the Python programming language -------------------------------------------------------------------------------- Update Information: Update to 3.4.7 -------------------------------------------------------------------------------- ================================================================================ rho-0.0.29-1.fc26 (FEDORA-2017-9b0a875514) An SSH system profiler -------------------------------------------------------------------------------- Update Information: # Testing Rho To set up Rho, you create profiles that control how to run each scan. - Authentication profiles contain user credentials for a user with sufficient authority to complete the scan (for example, a root user or one with root-level access obtained through -sudo privilege escalation). - Network profiles contain network identifiers (for example, a hostname, IP address, or range of IP addresses) and the authentication profiles to be used for a scan. Complete the following steps, repeating them as necessary to access all parts of your environment that you want to scan: 1. Create at least one authentication profile with root-level access to Rho: ``` rho auth add --name auth_name --username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho vault password prompt, create a new Rho vault password. This password is required to access the encrypted Rho data, such as authentication and network profiles, scan data, and other information. b. If you did not use the sshkeyfile option to provide an SSH key for the username value, enter the password of the user with root-level access at the connection password prompt. For example, for an authentication profile where the authentication profile name is roothost1, the user with root-level access is root, and the SSH key for the user is in the path ~/.ssh/id_rsa, you would enter the following command: ``` rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You can also use the sudo-password option to create an authentication profile for a user with root-level access who requires a password to obtain this privilege. You can use the sudo-password option with either the sshkeyfile or the password option. For example, for an authentication profile where the authentication profile name is sudouser1, the user with root-level access is sysadmin, and the access is obtained through the password option, you would enter the following command: ``` rho auth add --name sudouser1 --username sysadmin --password --sudo-password ``` After you enter this command, you are prompted to enter two passwords. First, you would enter the connection password for the username user, and then you would enter the password for the sudo command. 2. Create at least one network profile that specifies one or more network identifiers, such as a host name, an IP address, a list of IP addresses, or an IP range, and one or more authentication profiles to be used for the scan: ``` rho profile add --name profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a network profile where the name of the network profile is mynetwork, the network to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that are used to run the scan are roothost1 and roothost2, you would enter the following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254] --auth roothost1 roothost2 ``` You can also use a file to pass in the network identifiers. If you use a file to enter multiple network identifiers, such as multiple individual IP addresses, enter each on a single line. For example, for a network profile where the path to this file is /home/user1/hosts_file, you would enter the following command: ``` rho profile add --name mynetwork --hosts /home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the scan by using the scan command, specifying a network profile for the profile option and a location to store the output as a file in the comma-separated variables (CSV) format for the reportfile option: ``` rho scan --profile profile_name --reportfile filename.csv ``` For example, if you want to use the network profile mynetwork and save the report as mynetwork_scan1.csv, you would enter the following command: ``` rho scan --profile mynetwork --reportfile mynetwork_scan1.csv ``` -------------------------------------------------------------------------------- ================================================================================ rpkg-1.51-1.fc26 (FEDORA-2017-ea72793352) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container- build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't install bin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 -------------------------------------------------------------------------------- ================================================================================ rpmgrill-0.32-1.fc26 (FEDORA-2017-464a021846) A utility for catching problems in koji builds -------------------------------------------------------------------------------- Update Information: Includes upstream pull request #22 -------------------------------------------------------------------------------- ================================================================================ skopeo-0.1.24-7.gitdd2c3e3.fc26 (FEDORA-2017-cbf83e5281) Inspect Docker images and repositories on registries -------------------------------------------------------------------------------- Update Information: Update to final 0.1.24 release. ---- Add override kernel check. ---- built commit 28d4e08 ---- built docker @projectatomic/docker-1.13.1 commit 790e958 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1479003 - skopeo-containers file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1479003 [ 2 ] Bug #1478843 - Package version 0.1.23-2.git1bbd87f has a file conflict with inn https://bugzilla.redhat.com/show_bug.cgi?id=1478843 [ 3 ] Bug #1504709 - oc cluster up fails with secrets added to skopeo-containers https://bugzilla.redhat.com/show_bug.cgi?id=1504709 [ 4 ] Bug #1481135 - skopeo man page should provide Fedora/RHEL compatible example https://bugzilla.redhat.com/show_bug.cgi?id=1481135 [ 5 ] Bug #1507679 - Docker default registry change breaks many default behaviors including docker.com tutorial https://bugzilla.redhat.com/show_bug.cgi?id=1507679 -------------------------------------------------------------------------------- ================================================================================ system-storage-manager-0.5-0.fc26 (FEDORA-2017-1bf9554907) A single tool to manage your storage -------------------------------------------------------------------------------- Update Information: New upstream stable version 0.5 -------------------------------------------------------------------------------- ================================================================================ v4l-utils-1.12.5-5.fc26 (FEDORA-2017-8477dfde52) Utilities for video4linux and DVB devices -------------------------------------------------------------------------------- Update Information: - Fix libv4lconvert failing on some hardware -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508706 - No longer works with USB webcam 19ff:0103 , error "Tried to capture in BGR3, but device returned format YUYV" https://bugzilla.redhat.com/show_bug.cgi?id=1508706 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.7.1-1.fc26 (FEDORA-2017-d257573ac6) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: https://github.com/xrootd/xrootd/blob/v4.7.1/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
