The following Fedora 27 Security updates need testing: Age URL 46 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9fd430dba0 wireshark-2.4.2-1.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f76bf63612 qpid-cpp-1.36.0-8.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-78a4610238 mediawiki-1.29.2-2.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a20d92573b couchdb-1.7.1-3.fc27 erlang-jiffy-0.14.13-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-612d3e009f moodle-3.3.3-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c448cf31d6 transfig-3.2.6a-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-654136ee16 python-werkzeug-0.12.2-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-96d1995b70 openssh-7.6p1-2.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dabf9a64d9 wildmidi-0.4.2-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c15b709e32 python-sanic-0.6.0-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-15efa72a0c docker-1.13.1-44.git584d391.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b891f919c5 xrdp-0.9.4-2.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5dd46193e1 rb_libtorrent-1.1.5-1.fc27 qbittorrent-4.0.1-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c0367d562 asterisk-14.7.2-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-355ac8a91a linux-firmware-20171126-80.git17e62881.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff25180888 exim-4.89-6.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5dd9b12179 python-dulwich-0.18.6-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-913288e9a9 mongodb-3.4.10-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f47206eae4 collectd-5.8.0-2.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c8712c7fc3 fedora-arm-installer-2.1-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e6df1e099 erlang-19.3.6.4-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fba4c155be ca-certificates-2017.2.20-1.0.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-92a0ae09aa kernel-4.13.16-300.fc27 The following Fedora 27 Critical Path updates have yet to be approved: Age URL 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-370293d5c3 libguestfs-1.37.34-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6aae17af58 man-db-2.7.6.1-9.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-96d1995b70 openssh-7.6p1-2.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-50372d7dcf pungi-4.1.20-3.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-504324a935 groff-1.22.3-12.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eab6fef7 sssd-1.16.0-4.fc27 The following builds have been pushed to Fedora 27 updates-testing acpica-tools-20171110-1.fc27 ca-certificates-2017.2.20-1.0.fc27 collectd-5.8.0-2.fc27 container-selinux-2.36-1.fc27 erlang-19.3.6.4-1.fc27 fedora-arm-installer-2.1-1.fc27 gap-pkg-digraphs-0.11.0-1.fc27 kernel-4.13.16-300.fc27 keychecker-1.0-3.fc27 libinput-1.9.3-1.fc27 mongodb-3.4.10-1.fc27 ocaml-gen-0.5-1.fc27 php-phpunit-File-Iterator-1.4.5-1.fc27 php-phpunit-php-code-coverage5-5.2.4-1.fc27 php-zendframework-zend-servicemanager-3.3.1-1.fc27 pki-console-10.5.2-1.fc27 pki-core-10.5.2-1.fc27 ptpython-0.41-3.fc27 python-j1m.sphinxautointerface-0.3.0-3.fc27 python-pathlib2-2.3.0-1.fc27 rkhunter-1.4.4-5.fc27 uboot-tools-2017.09-5.fc27 xorg-x11-drv-amdgpu-1.4.0-1.fc27 Details about builds: ================================================================================ acpica-tools-20171110-1.fc27 (FEDORA-2017-0fe5159c98) ACPICA tools for the development and debug of ACPI tables -------------------------------------------------------------------------------- Update Information: 1) ACPICA kernel-resident subsystem: This release implements full support for ACPI 6.2A: * NFIT - Added a new subtable, "Platform Capabilities Structure" * No other changes to ACPICA were required, since ACPI 6.2A is primarily an errata release of the specification. Other ACPI table changes: * IORT: Added the SMMUv3 Device ID mapping index. Hanjun Guo * PPTT: Added cache attribute flag definitions to actbl1.h. Jeremy Linton Utilities: Modified the string/integer conversion functions to use internal 64-bit divide support instead of a native divide. On 32-bit platforms, a 64-bit divide typically requires a library function which may not be present in the build (kernel or otherwise). Implemented a targeted error message for timeouts returned from the Embedded Controller device driver. This is seen frequently enough to special-case an AE_TIME returned from an EC operation region access: "Timeout from EC hardware or EC device driver" Changed the "ACPI Exception" message prefix to "ACPI Error" so that all runtime error messages have the identical prefix. 2) iASL Compiler/Disassembler and Tools: AcpiXtract: Fixed a problem with table header detection within the acpidump file. Processing a table could be ended early if a 0x40 (@) appears in the original binary table, resulting in the @ symbol appearing in the decoded ASCII field at the end of the acpidump text line. The symbol caused acpixtract to incorrectly think it had reached the end of the current table and the beginning of a new table. AcpiXtract: Added an option (-f) to ignore some errors during table extraction. This initial implementation ignores non-ASCII and non- printable characters found in the acpidump text file. TestSuite(ASLTS)/AcpiExec: Fixed and restored the memory usage statistics for ASLTS. This feature is used to track memory allocations from different memory caches within the ACPICA code. At the end of an ASLTS run, these memory statistics are recorded and stored in a log file. Debugger (user-space version): Implemented a simple "Background" command. Creates a new thread to execute a control method in the background, while control returns to the debugger prompt to allow additional commands. Syntax: Background <Namepath> [Arguments] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512138 - acpica-tools-20171110 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512138 -------------------------------------------------------------------------------- ================================================================================ ca-certificates-2017.2.20-1.0.fc27 (FEDORA-2017-fba4c155be) The Mozilla CA root certificate bundle -------------------------------------------------------------------------------- Update Information: This is a cumulative update to the Mozilla CA certificates trust list version 2.20, which has been published as part of Mozilla NSS 3.34.1. It also includes the changes that were previously released as version 2.18 as part of NSS 3.34. For additional details, please refer to the release notes of NSS 3.34.1 https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.34.1_release_notes ) and NSS 3.34 (https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.34_release_notes ). -------------------------------------------------------------------------------- ================================================================================ collectd-5.8.0-2.fc27 (FEDORA-2017-f47206eae4) Statistics collection daemon for filling RRD files -------------------------------------------------------------------------------- Update Information: Upstream released new version. See https://collectd.org/news.shtml#news106 for the list of changes. Fixes CVE-2017-16820 (double free in snmp plugin) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516450 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1516450 [ 2 ] Bug #1516449 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1516449 [ 3 ] Bug #1516451 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1516451 -------------------------------------------------------------------------------- ================================================================================ container-selinux-2.36-1.fc27 (FEDORA-2017-27cf1ada3a) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information: Fixes map issue when using chr_file devices. Allow containers to relabel all container_file_t file classes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1517690 - `mv` in container tries to remove the MCS part of SELinux context https://bugzilla.redhat.com/show_bug.cgi?id=1517690 [ 2 ] Bug #1488406 - IPA container throws AVC when runnig docker exec https://bugzilla.redhat.com/show_bug.cgi?id=1488406 -------------------------------------------------------------------------------- ================================================================================ erlang-19.3.6.4-1.fc27 (FEDORA-2017-9e6df1e099) General-purpose programming language and runtime environment -------------------------------------------------------------------------------- Update Information: * Ver. 19.3.6.4 -------------------------------------------------------------------------------- ================================================================================ fedora-arm-installer-2.1-1.fc27 (FEDORA-2017-c8712c7fc3) Writes binary image files to any specified block device -------------------------------------------------------------------------------- Update Information: Update to 2.1 ---- Update to 2.0, Initial support for aarch64 images and associated SBCs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464968 - CVE-2017-7496 fedora-arm-installer: Unsafe mount in /tmp allows privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1464968 -------------------------------------------------------------------------------- ================================================================================ gap-pkg-digraphs-0.11.0-1.fc27 (FEDORA-2017-35afb6553b) GAP package for digraphs and multidigraphs -------------------------------------------------------------------------------- Update Information: This new package is a GAP package containing methods for graphs, digraphs, and multidigraphs. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1478656 - Review Request: gap-pkg-digraphs - GAP package for digraphs and multidigraphs https://bugzilla.redhat.com/show_bug.cgi?id=1478656 -------------------------------------------------------------------------------- ================================================================================ kernel-4.13.16-300.fc27 (FEDORA-2017-92a0ae09aa) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.13.16 update contains various fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516267 - CVE-2017-16649 kernel: Divide-by-zero in drivers/net/usb/cdc_ether.c https://bugzilla.redhat.com/show_bug.cgi?id=1516267 [ 2 ] Bug #1516265 - CVE-2017-16650 kernel: Divide-by-zero in drivers/net/usb/qmi_wwan.c https://bugzilla.redhat.com/show_bug.cgi?id=1516265 [ 3 ] Bug #1516273 - CVE-2017-16644 kernel: Improper error handling in drivers/media/usb/hdpvr/hdpvr-core.c https://bugzilla.redhat.com/show_bug.cgi?id=1516273 [ 4 ] Bug #1516270 - CVE-2017-16647 kernel: NULL pointer dereference in drivers/net/usb/asix_devices.c https://bugzilla.redhat.com/show_bug.cgi?id=1516270 [ 5 ] Bug #1518155 - CVE-2017-16994 kernel: mm/pagewalk.c:walk_hugetlb_range function mishandles holes in hugetlb ranges causing information leak https://bugzilla.redhat.com/show_bug.cgi?id=1518155 -------------------------------------------------------------------------------- ================================================================================ keychecker-1.0-3.fc27 (FEDORA-2017-30a3a64f86) Generate list of installed packages sorted by GPG key -------------------------------------------------------------------------------- Update Information: ``` - Use python3 on Fedora - Add requirement for python rpm module - Properly handle license file ``` -------------------------------------------------------------------------------- ================================================================================ libinput-1.9.3-1.fc27 (FEDORA-2017-647f60b202) Input device library -------------------------------------------------------------------------------- Update Information: libinput 1.9.3, fixes the stuck buttons caused by the debouncing code -------------------------------------------------------------------------------- ================================================================================ mongodb-3.4.10-1.fc27 (FEDORA-2017-913288e9a9) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-15535 Update to latest minor release 3.4.10 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516183 - CVE-2017-15535 mongodb: Invalid wire protocol compression https://bugzilla.redhat.com/show_bug.cgi?id=1516183 -------------------------------------------------------------------------------- ================================================================================ ocaml-gen-0.5-1.fc27 (FEDORA-2017-0be154757d) Simple, efficient iterators for OCaml -------------------------------------------------------------------------------- Update Information: Simple, efficient iterators for OCaml -------------------------------------------------------------------------------- References: [ 1 ] Bug #1468939 - Review Request: ocaml-gen - Simple, efficient iterators for OCaml https://bugzilla.redhat.com/show_bug.cgi?id=1468939 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-File-Iterator-1.4.5-1.fc27 (FEDORA-2017-0cc0cd2a51) FilterIterator implementation that filters files based on a list of suffixes -------------------------------------------------------------------------------- Update Information: **Version 1.4.5** - 2017-11-27 * Fixed [#37](https://github.com/sebastianbergmann/php-file-iterator/issues/37): Regression caused by fix for [#30](https://github.com/sebastianbergmann/php- file-iterator/issues/30) ---- **Version 1.4.4** - 2017-11-27 * Fixed [#30](https://github.com/sebastianbergmann/php-file-iterator/issues/30): Exclude is not considered if it is a parent of the base path -------------------------------------------------------------------------------- ================================================================================ php-phpunit-php-code-coverage5-5.2.4-1.fc27 (FEDORA-2017-50ac695e7f) PHP code coverage information -------------------------------------------------------------------------------- Update Information: **Version 5.2.4** - 2017-11-27 * Fixed [#424](https://github.com/sebastianbergmann/php-code-coverage/issues/424): Rest of a function or method is ignored after an anonymous function * Fixed [#455](https://github.com/sebastianbergmann/php-code-coverage/issues/455): Dashboard does not handle namespaced classes properly * Fixed [#468](https://github.com/sebastianbergmann/php-code-coverage/issues/468): Global functions are not properly counted * Fixed [#560](https://github.com/sebastianbergmann/php-code-coverage/issues/560): Uncovered whitelisted files are missing from the report -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-servicemanager-3.3.1-1.fc27 (FEDORA-2017-63bb30b967) Zend Framework ServiceManager component -------------------------------------------------------------------------------- Update Information: **Version 3.3.1** - 2017-11-27 * **Added** - [#201](https://github.com/zendframework/zend-servicemanager/pull/201) and [#202](https://github.com/zendframework/zend-servicemanager/pull/202) add support for PHP versions 7.1 and 7.2. * **Fixed** - [#206](https://github.com/zendframework/zend-servicemanager/pull/206) fixes an issue where by callables in `Class::method` notation were not being honored under PHP 5.6. -------------------------------------------------------------------------------- ================================================================================ pki-console-10.5.2-1.fc27 (FEDORA-2017-b785cf3120) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information: Re-base Dogtag to 10.5.2 -------------------------------------------------------------------------------- ================================================================================ pki-core-10.5.2-1.fc27 (FEDORA-2017-2c17e041f9) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Re-base Dogtag to 10.5.2 -------------------------------------------------------------------------------- ================================================================================ ptpython-0.41-3.fc27 (FEDORA-2017-90bd97bfeb) Python REPL build on top of prompt_toolkit -------------------------------------------------------------------------------- Update Information: ``` - Re-rebuild for F27 ``` -------------------------------------------------------------------------------- ================================================================================ python-j1m.sphinxautointerface-0.3.0-3.fc27 (FEDORA-2017-ba0a4dffda) Sphinx extension for documenting zope.interface interfaces -------------------------------------------------------------------------------- Update Information: This sphinx extension provides an :rst:dir:autointerface directive for Zope interfaces. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1435920 - Review Request: python-j1m.sphinxautointerface - Sphinx extension for documenting zope.interface interfaces https://bugzilla.redhat.com/show_bug.cgi?id=1435920 -------------------------------------------------------------------------------- ================================================================================ python-pathlib2-2.3.0-1.fc27 (FEDORA-2017-27f20c857b) Object-oriented filesystem paths -------------------------------------------------------------------------------- Update Information: New upstream version 2.3.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410657 - pathlib2 missing dependency on six https://bugzilla.redhat.com/show_bug.cgi?id=1410657 -------------------------------------------------------------------------------- ================================================================================ rkhunter-1.4.4-5.fc27 (FEDORA-2017-3963fa646c) A host-based tool to scan for rootkits, backdoors and local exploits -------------------------------------------------------------------------------- Update Information: Add fix for new rpm queryformat and ARCH. Fixes bug #1517387 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1517387 - rkhunter --propupd delivering 100% missing hashes https://bugzilla.redhat.com/show_bug.cgi?id=1517387 -------------------------------------------------------------------------------- ================================================================================ uboot-tools-2017.09-5.fc27 (FEDORA-2017-ce2b4209d3) U-Boot utilities -------------------------------------------------------------------------------- Update Information: * Devicetree script should just exit on non DT platforms * Fix MAC address on OMAP Platforms to be static * Minor uEFI fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507116 - uboot-tools installed on x86_64 prevents proper kernel uninstall https://bugzilla.redhat.com/show_bug.cgi?id=1507116 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-amdgpu-1.4.0-1.fc27 (FEDORA-2017-8a2afa1356) AMD GPU video driver -------------------------------------------------------------------------------- Update Information: Update to 1.4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1518046 - [xorg-x11-drv-amdgpu] upgrade path downgrade https://bugzilla.redhat.com/show_bug.cgi?id=1518046 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
