Fedora 27 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 27 Security updates need testing:
 Age  URL
  46  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9fd430dba0   wireshark-2.4.2-1.fc27
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f76bf63612   qpid-cpp-1.36.0-8.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-78a4610238   mediawiki-1.29.2-2.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a20d92573b   couchdb-1.7.1-3.fc27 erlang-jiffy-0.14.13-1.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-612d3e009f   moodle-3.3.3-1.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c448cf31d6   transfig-3.2.6a-1.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-654136ee16   python-werkzeug-0.12.2-1.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-96d1995b70   openssh-7.6p1-2.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-dabf9a64d9   wildmidi-0.4.2-1.fc27
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c15b709e32   python-sanic-0.6.0-1.fc27
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-15efa72a0c   docker-1.13.1-44.git584d391.fc27
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b891f919c5   xrdp-0.9.4-2.fc27
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5dd46193e1   rb_libtorrent-1.1.5-1.fc27 qbittorrent-4.0.1-1.fc27
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c0367d562   asterisk-14.7.2-1.fc27
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-355ac8a91a   linux-firmware-20171126-80.git17e62881.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff25180888   exim-4.89-6.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5dd9b12179   python-dulwich-0.18.6-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-913288e9a9   mongodb-3.4.10-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f47206eae4   collectd-5.8.0-2.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c8712c7fc3   fedora-arm-installer-2.1-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e6df1e099   erlang-19.3.6.4-1.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fba4c155be   ca-certificates-2017.2.20-1.0.fc27
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-92a0ae09aa   kernel-4.13.16-300.fc27


The following Fedora 27 Critical Path updates have yet to be approved:
 Age URL
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-370293d5c3   libguestfs-1.37.34-1.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6aae17af58   man-db-2.7.6.1-9.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-96d1995b70   openssh-7.6p1-2.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-50372d7dcf   pungi-4.1.20-3.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-504324a935   groff-1.22.3-12.fc27
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eab6fef7   sssd-1.16.0-4.fc27


The following builds have been pushed to Fedora 27 updates-testing

    acpica-tools-20171110-1.fc27
    ca-certificates-2017.2.20-1.0.fc27
    collectd-5.8.0-2.fc27
    container-selinux-2.36-1.fc27
    erlang-19.3.6.4-1.fc27
    fedora-arm-installer-2.1-1.fc27
    gap-pkg-digraphs-0.11.0-1.fc27
    kernel-4.13.16-300.fc27
    keychecker-1.0-3.fc27
    libinput-1.9.3-1.fc27
    mongodb-3.4.10-1.fc27
    ocaml-gen-0.5-1.fc27
    php-phpunit-File-Iterator-1.4.5-1.fc27
    php-phpunit-php-code-coverage5-5.2.4-1.fc27
    php-zendframework-zend-servicemanager-3.3.1-1.fc27
    pki-console-10.5.2-1.fc27
    pki-core-10.5.2-1.fc27
    ptpython-0.41-3.fc27
    python-j1m.sphinxautointerface-0.3.0-3.fc27
    python-pathlib2-2.3.0-1.fc27
    rkhunter-1.4.4-5.fc27
    uboot-tools-2017.09-5.fc27
    xorg-x11-drv-amdgpu-1.4.0-1.fc27

Details about builds:


================================================================================
 acpica-tools-20171110-1.fc27 (FEDORA-2017-0fe5159c98)
 ACPICA tools for the development and debug of ACPI tables
--------------------------------------------------------------------------------
Update Information:

1) ACPICA kernel-resident subsystem:  This release implements full support for
ACPI 6.2A:  *  NFIT - Added a new subtable, "Platform Capabilities Structure" *
No other changes to ACPICA were required, since ACPI 6.2A is primarily an errata
release of the specification.  Other ACPI table changes:  * IORT: Added the
SMMUv3 Device ID mapping index. Hanjun Guo * PPTT: Added cache attribute flag
definitions to actbl1.h. Jeremy  Linton  Utilities: Modified the string/integer
conversion functions to use  internal 64-bit divide support instead of a native
divide. On 32-bit  platforms, a 64-bit divide typically requires a library
function which  may not be present in the build (kernel or otherwise).
Implemented a targeted error message for timeouts returned from the  Embedded
Controller device driver. This is seen frequently enough to  special-case an
AE_TIME returned from an EC operation region access:     "Timeout from EC
hardware or EC device driver"  Changed the "ACPI Exception" message prefix to
"ACPI Error" so that all  runtime error messages have the identical prefix.   2)
iASL Compiler/Disassembler and Tools:  AcpiXtract: Fixed a problem with table
header detection within the  acpidump file. Processing a table could be ended
early if a 0x40 (@)  appears in the original binary table, resulting in the @
symbol appearing  in the decoded ASCII field at the end of the acpidump text
line. The  symbol caused acpixtract to incorrectly think it had reached the end
of  the current table and the beginning of a new table.  AcpiXtract: Added an
option (-f) to ignore some errors during table  extraction. This initial
implementation ignores non-ASCII and non- printable characters found in the
acpidump text file.  TestSuite(ASLTS)/AcpiExec: Fixed and restored the memory
usage statistics  for ASLTS. This feature is used to track memory allocations
from  different memory caches within the ACPICA code. At the end of an ASLTS
run, these memory statistics are recorded and stored in a log file.  Debugger
(user-space version): Implemented a simple "Background" command.  Creates a new
thread to execute a control method in the background, while  control returns to
the debugger prompt to allow additional commands.     Syntax: Background
<Namepath> [Arguments]
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1512138 - acpica-tools-20171110 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1512138
--------------------------------------------------------------------------------


================================================================================
 ca-certificates-2017.2.20-1.0.fc27 (FEDORA-2017-fba4c155be)
 The Mozilla CA root certificate bundle
--------------------------------------------------------------------------------
Update Information:

This is a cumulative update to the Mozilla CA certificates trust list version
2.20, which has been published as part of Mozilla NSS 3.34.1. It also includes
the changes that were previously released as version 2.18 as part of NSS 3.34.
For additional details, please refer to the release notes of NSS 3.34.1
https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.34.1_release_notes ) and NSS 3.34
(https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.34_release_notes ).
--------------------------------------------------------------------------------


================================================================================
 collectd-5.8.0-2.fc27 (FEDORA-2017-f47206eae4)
 Statistics collection daemon for filling RRD files
--------------------------------------------------------------------------------
Update Information:

Upstream released new version. See https://collectd.org/news.shtml#news106 for
the list of changes.  Fixes CVE-2017-16820 (double free in snmp plugin)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1516450 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1516450
  [ 2 ] Bug #1516449 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1516449
  [ 3 ] Bug #1516451 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1516451
--------------------------------------------------------------------------------


================================================================================
 container-selinux-2.36-1.fc27 (FEDORA-2017-27cf1ada3a)
 SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:

Fixes map issue when using chr_file devices. Allow containers to relabel all
container_file_t file classes
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1517690 - `mv` in container tries to remove the MCS part of SELinux context
        https://bugzilla.redhat.com/show_bug.cgi?id=1517690
  [ 2 ] Bug #1488406 - IPA container throws AVC when runnig docker exec
        https://bugzilla.redhat.com/show_bug.cgi?id=1488406
--------------------------------------------------------------------------------


================================================================================
 erlang-19.3.6.4-1.fc27 (FEDORA-2017-9e6df1e099)
 General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:

* Ver. 19.3.6.4
--------------------------------------------------------------------------------


================================================================================
 fedora-arm-installer-2.1-1.fc27 (FEDORA-2017-c8712c7fc3)
 Writes binary image files to any specified block device
--------------------------------------------------------------------------------
Update Information:

Update to 2.1  ----  Update to 2.0, Initial support for aarch64 images and
associated SBCs
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1464968 - CVE-2017-7496 fedora-arm-installer: Unsafe mount in /tmp allows privilege escalation
        https://bugzilla.redhat.com/show_bug.cgi?id=1464968
--------------------------------------------------------------------------------


================================================================================
 gap-pkg-digraphs-0.11.0-1.fc27 (FEDORA-2017-35afb6553b)
 GAP package for digraphs and multidigraphs
--------------------------------------------------------------------------------
Update Information:

This new package is a GAP package containing methods for graphs, digraphs, and
multidigraphs.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1478656 - Review Request: gap-pkg-digraphs - GAP package for digraphs and multidigraphs
        https://bugzilla.redhat.com/show_bug.cgi?id=1478656
--------------------------------------------------------------------------------


================================================================================
 kernel-4.13.16-300.fc27 (FEDORA-2017-92a0ae09aa)
 The Linux kernel
--------------------------------------------------------------------------------
Update Information:

The 4.13.16 update contains various fixes across the tree.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1516267 - CVE-2017-16649 kernel: Divide-by-zero in drivers/net/usb/cdc_ether.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1516267
  [ 2 ] Bug #1516265 - CVE-2017-16650 kernel: Divide-by-zero in drivers/net/usb/qmi_wwan.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1516265
  [ 3 ] Bug #1516273 - CVE-2017-16644 kernel: Improper error handling in drivers/media/usb/hdpvr/hdpvr-core.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1516273
  [ 4 ] Bug #1516270 - CVE-2017-16647 kernel: NULL pointer dereference in drivers/net/usb/asix_devices.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1516270
  [ 5 ] Bug #1518155 - CVE-2017-16994 kernel: mm/pagewalk.c:walk_hugetlb_range function mishandles holes in hugetlb ranges causing information leak
        https://bugzilla.redhat.com/show_bug.cgi?id=1518155
--------------------------------------------------------------------------------


================================================================================
 keychecker-1.0-3.fc27 (FEDORA-2017-30a3a64f86)
 Generate list of installed packages sorted by GPG key
--------------------------------------------------------------------------------
Update Information:

``` - Use python3 on Fedora - Add requirement for python rpm module - Properly
handle license file ```
--------------------------------------------------------------------------------


================================================================================
 libinput-1.9.3-1.fc27 (FEDORA-2017-647f60b202)
 Input device library
--------------------------------------------------------------------------------
Update Information:

libinput 1.9.3, fixes the stuck buttons caused by the debouncing code
--------------------------------------------------------------------------------


================================================================================
 mongodb-3.4.10-1.fc27 (FEDORA-2017-913288e9a9)
 High-performance, schema-free document-oriented database
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-15535  Update to latest minor release 3.4.10
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1516183 - CVE-2017-15535 mongodb: Invalid wire protocol compression
        https://bugzilla.redhat.com/show_bug.cgi?id=1516183
--------------------------------------------------------------------------------


================================================================================
 ocaml-gen-0.5-1.fc27 (FEDORA-2017-0be154757d)
 Simple, efficient iterators for OCaml
--------------------------------------------------------------------------------
Update Information:

Simple, efficient iterators for OCaml
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468939 - Review Request: ocaml-gen - Simple, efficient iterators for OCaml
        https://bugzilla.redhat.com/show_bug.cgi?id=1468939
--------------------------------------------------------------------------------


================================================================================
 php-phpunit-File-Iterator-1.4.5-1.fc27 (FEDORA-2017-0cc0cd2a51)
 FilterIterator implementation that filters files based on a list of suffixes
--------------------------------------------------------------------------------
Update Information:

**Version 1.4.5** - 2017-11-27  * Fixed
[#37](https://github.com/sebastianbergmann/php-file-iterator/issues/37):
Regression caused by fix for [#30](https://github.com/sebastianbergmann/php-
file-iterator/issues/30)  ----  **Version 1.4.4** - 2017-11-27  * Fixed
[#30](https://github.com/sebastianbergmann/php-file-iterator/issues/30): Exclude
is not considered if it is a parent of the base path
--------------------------------------------------------------------------------


================================================================================
 php-phpunit-php-code-coverage5-5.2.4-1.fc27 (FEDORA-2017-50ac695e7f)
 PHP code coverage information
--------------------------------------------------------------------------------
Update Information:

**Version 5.2.4** - 2017-11-27  * Fixed
[#424](https://github.com/sebastianbergmann/php-code-coverage/issues/424): Rest
of a function or method is ignored after an anonymous function * Fixed
[#455](https://github.com/sebastianbergmann/php-code-coverage/issues/455):
Dashboard does not handle namespaced classes properly * Fixed
[#468](https://github.com/sebastianbergmann/php-code-coverage/issues/468):
Global functions are not properly counted * Fixed
[#560](https://github.com/sebastianbergmann/php-code-coverage/issues/560):
Uncovered whitelisted files are missing from the report
--------------------------------------------------------------------------------


================================================================================
 php-zendframework-zend-servicemanager-3.3.1-1.fc27 (FEDORA-2017-63bb30b967)
 Zend Framework ServiceManager component
--------------------------------------------------------------------------------
Update Information:

**Version 3.3.1** - 2017-11-27  * **Added**      -
[#201](https://github.com/zendframework/zend-servicemanager/pull/201) and
[#202](https://github.com/zendframework/zend-servicemanager/pull/202) add
support for PHP versions 7.1 and 7.2.  * **Fixed**      -
[#206](https://github.com/zendframework/zend-servicemanager/pull/206) fixes an
issue where by callables in `Class::method` notation were not being honored
under PHP 5.6.
--------------------------------------------------------------------------------


================================================================================
 pki-console-10.5.2-1.fc27 (FEDORA-2017-b785cf3120)
 Certificate System - PKI Console
--------------------------------------------------------------------------------
Update Information:

Re-base Dogtag to 10.5.2
--------------------------------------------------------------------------------


================================================================================
 pki-core-10.5.2-1.fc27 (FEDORA-2017-2c17e041f9)
 Certificate System - PKI Core Components
--------------------------------------------------------------------------------
Update Information:

Re-base Dogtag to 10.5.2
--------------------------------------------------------------------------------


================================================================================
 ptpython-0.41-3.fc27 (FEDORA-2017-90bd97bfeb)
 Python REPL build on top of prompt_toolkit
--------------------------------------------------------------------------------
Update Information:

``` - Re-rebuild for F27 ```
--------------------------------------------------------------------------------


================================================================================
 python-j1m.sphinxautointerface-0.3.0-3.fc27 (FEDORA-2017-ba0a4dffda)
 Sphinx extension for documenting zope.interface interfaces
--------------------------------------------------------------------------------
Update Information:

This sphinx extension provides an :rst:dir:autointerface directive for Zope
interfaces.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435920 - Review Request: python-j1m.sphinxautointerface - Sphinx extension for documenting zope.interface interfaces
        https://bugzilla.redhat.com/show_bug.cgi?id=1435920
--------------------------------------------------------------------------------


================================================================================
 python-pathlib2-2.3.0-1.fc27 (FEDORA-2017-27f20c857b)
 Object-oriented filesystem paths
--------------------------------------------------------------------------------
Update Information:

New upstream version 2.3.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1410657 - pathlib2 missing dependency on six
        https://bugzilla.redhat.com/show_bug.cgi?id=1410657
--------------------------------------------------------------------------------


================================================================================
 rkhunter-1.4.4-5.fc27 (FEDORA-2017-3963fa646c)
 A host-based tool to scan for rootkits, backdoors and local exploits
--------------------------------------------------------------------------------
Update Information:

Add fix for new rpm queryformat and ARCH. Fixes bug #1517387
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1517387 - rkhunter --propupd delivering 100% missing hashes
        https://bugzilla.redhat.com/show_bug.cgi?id=1517387
--------------------------------------------------------------------------------


================================================================================
 uboot-tools-2017.09-5.fc27 (FEDORA-2017-ce2b4209d3)
 U-Boot utilities
--------------------------------------------------------------------------------
Update Information:

* Devicetree script should just exit on non DT platforms  * Fix MAC address on
OMAP Platforms to be static * Minor uEFI fix
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1507116 - uboot-tools installed on x86_64 prevents proper kernel uninstall
        https://bugzilla.redhat.com/show_bug.cgi?id=1507116
--------------------------------------------------------------------------------


================================================================================
 xorg-x11-drv-amdgpu-1.4.0-1.fc27 (FEDORA-2017-8a2afa1356)
 AMD GPU video driver
--------------------------------------------------------------------------------
Update Information:

Update to 1.4.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1518046 - [xorg-x11-drv-amdgpu] upgrade path downgrade
        https://bugzilla.redhat.com/show_bug.cgi?id=1518046
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux