The following Fedora 26 Security updates need testing: Age URL 141 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 70 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e6f4f95e6 ruby-2.4.2-84.fc26 33 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3915878e18 ldns-1.7.0-4.fc26 33 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f87ce166c5 chromium-62.0.3202.89-1.fc26 16 https://bodhi.fedoraproject.org/updates/FEDORA-2017-774e7863a4 mongodb-3.4.10-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7bac3ba7c3 qpid-cpp-1.37.0-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bce9e03721 tor-0.3.1.9-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5cdad4163 libvirt-3.2.1-7.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-018464cbf9 optipng-0.7.6-6.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d6402c8005 evince-3.24.2-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d441a1d98 python26-2.6.9-7.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf8c62747a python35-3.5.4-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1dc71e1acd shellinabox-2.20-5.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0abe14016 python34-3.4.7-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bf172b2035 lynx-2.8.9-0.20.dev16.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7fe2c4bc0e python33-3.3.7-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f3270406c libextractor-1.6-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-26c3ab48e4 wayland-1.13.0-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-38fbcdffc3 asterisk-13.18.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-80c6b4d3be sensible-utils-0.0.11-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa4cc10bde qt5-qtbase-5.9.2-6.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a414b3c5 xen-4.8.2-9.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2962e58478 heimdal-7.5.0-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5cdad4163 libvirt-3.2.1-7.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d2a756133 libsmbios-2.3.3-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b74d9063ca python2-2.7.14-4.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5ac57e518 selinux-policy-3.13.1-260.18.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-26c3ab48e4 wayland-1.13.0-3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ba1f5a232 kernel-4.14.5-200.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a414b3c5 xen-4.8.2-9.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b1ce6bb43a audit-2.8.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa4cc10bde qt5-qtbase-5.9.2-6.fc26 The following builds have been pushed to Fedora 26 updates-testing audit-2.8.2-1.fc26 avogadro2-1.90.0-7.fc26 avogadro2-libs-1.90.0-11.fc26 ckeditor-4.8.0-1.fc26 dpdk-17.02-3.fc26 drupal7-drafty-1.0-0.5.rc1.fc26 heimdal-7.5.0-1.fc26 julia-0.6.2-1.fc26 nordugrid-arc-5.4.2-1.fc26 nordugrid-arc-doc-2.0.19-1.fc26 perl-Algorithm-Loops-1.032-1.fc26 php-erusev-parsedown-1.6.4-1.fc26 php-jms-serializer-1.10.0-1.fc26 pymol-1.8.6-4.20170314svn4170.fc26 qt5-qtbase-5.9.2-6.fc26 qupzilla-2.2.2-1.fc26 rsyslog-8.31.0-2.fc26 spglib-1.10.2-1.fc26 waiverdb-0.4.0-2.fc26 xen-4.8.2-9.fc26 Details about builds: ================================================================================ audit-2.8.2-1.fc26 (FEDORA-2017-b1ce6bb43a) User space tools for 2.6 kernel auditing -------------------------------------------------------------------------------- Update Information: This is a bugfix release which updates tables to match the 4.14 kernel, fixes ipv6 socket binding, fixes auditctl --reset-lost command, corrects the expr_create_timestamp_comparison_ex function in libauparse, and fixes building on old systems without linux/fanotify.h. -------------------------------------------------------------------------------- ================================================================================ avogadro2-1.90.0-7.fc26 (FEDORA-2017-b87c69ab59) Advanced molecular editor -------------------------------------------------------------------------------- Update Information: - Update to spglib-1.10.2 - Fix dependencies -------------------------------------------------------------------------------- ================================================================================ avogadro2-libs-1.90.0-11.fc26 (FEDORA-2017-b87c69ab59) Avogadro2 libraries -------------------------------------------------------------------------------- Update Information: - Update to spglib-1.10.2 - Fix dependencies -------------------------------------------------------------------------------- ================================================================================ ckeditor-4.8.0-1.fc26 (FEDORA-2017-cf0ead6db8) WYSIWYG text editor to be used inside web pages -------------------------------------------------------------------------------- Update Information: ## CKEditor 4.8 ### Important Notes * [#1249](https://github.com/ckeditor /ckeditor-dev/issues/1249): Enabled the [Upload Image](https://ckeditor.com/cke4/addon/uploadimage) plugin by default in standard and full presets. Also, it will no longer log an error in case of missing [`config.imageUploadUrl`](https://docs.ckeditor.com/ckeditor4/docs/#!/ap i/CKEDITOR.config-cfg-imageUploadUrl) property. ### New Features * [#933](https://github.com/ckeditor/ckeditor-dev/issues/933): Introduced [Balloon Toolbar](https://ckeditor.com/cke4/addon/balloontoolbar) plugin. * [#662](https://github.com/ckeditor/ckeditor-dev/issues/662): Introduced image inlining for the [Paste from Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. * [#468](https://github.com/ckeditor/ckeditor-dev/issues/468): [Edge] Introduced support for the Clipboard API. * [#607](https://github.com/ckeditor/ckeditor- dev/issues/607): Manually inserted Hex color is prefixed with a hash character (`#`) if needed. It ensures a valid Hex color value is used when setting the table cell border or background color with the [Color Dialog](https://ckeditor.com/cke4/addon/colordialog) window. * [#584](https://github.com/ckeditor/ckeditor-dev/issues/584): [Font size and Family](https://ckeditor.com/cke4/addon/font) and [Format](https://ckeditor.com/cke4/addon/format) drop-downs are not toggleable anymore. Default option to reset styles added. * [#856](https://github.com/ckeditor/ckeditor-dev/issues/856): Introduced the [`CK EDITOR.tools.keystrokeToArray`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/ CKEDITOR.tools-method-keystrokeToArray) method. It converts a keystroke into its string representation, returning every key name as a separate array element. * [#1053](https://github.com/ckeditor/ckeditor-dev/issues/1053): Introduced the [` CKEDITOR.tools.object.merge`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CK EDITOR.tools.object-method-merge) method. It allows to merge two objects, returning the new object with all properties from both objects deeply cloned. * [#1073](https://github.com/ckeditor/ckeditor-dev/issues/1073): Introduced the [` CKEDITOR.tools.array.every`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKE DITOR.tools.array-method-every) method. It invokes a given test function on every array element and returns `true` if all elements pass the test. ### Fixed Issues * [#796](https://github.com/ckeditor/ckeditor-dev/issues/796): Fixed: A list is pasted from OneNote in the reversed order. * [#834](https://github.com/ckeditor/ckeditor-dev/issues/834): [IE9-11] Fixed: The editor does not save the selected state of radio buttons inserted by the [Form Elements](https://ckeditor.com/cke4/addon/forms) plugin. * [#704](https://github.com/ckeditor/ckeditor-dev/issues/704): [Edge] Fixed: Using <kbd>Ctrl</kbd>/<kbd>Cmd</kbd> + <kbd>Z</kbd> breaks widget structure. * [#591](https://github.com/ckeditor/ckeditor-dev/issues/591): Fixed: A column is inserted in a wrong order inside the table if any cell has a vertical split. * [#787](https://github.com/ckeditor/ckeditor-dev/issues/787): Fixed: Using Cut inside a nested table does not cut the selected content. * [#842](https://github.com/ckeditor/ckeditor-dev/issues/842): Fixed: List style not restored when toggling list indent level in the [Indent List](https://ckeditor.com/cke4/addon/indentlist) plugin. * [#711](https://github.com/ckeditor/ckeditor-dev/issues/711): Fixed: Dragging widgets should only work with the left mouse button. * [#862](https://github.com/ckeditor/ckeditor-dev/issues/862): Fixed: The "Object Styles" group in the [Styles Combo](https://ckeditor.com/cke4/addon/stylescombo) plugin is visible only if the whole element is selected. * [#994](https://github.com/ckeditor/ckeditor-dev/pull/994): Fixed: Typo in the [` CKEDITOR.focusManager.focus`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CK EDITOR.focusManager-method-focus) API documentation. Thanks to [benjy](https://github.com/benjy)! * [#1014](https://github.com/ckeditor /ckeditor-dev/issues/1014): Fixed: The [Table Tools](https://ckeditor.com/cke4/addon/tabletools) Cell Properties dialog is now [Advanced Content Filter](https://docs.ckeditor.com/ckeditor4/docs/#!/guide/dev_acf) aware — it is not possible to change the cell width or height if corresponding styles are disabled. * [#877](https://github.com/ckeditor/ckeditor-dev/issues/877): Fixed: A list with custom bullets with exotic characters crashes the editor when [pasted from Word](https://ckeditor.com/cke4/addon/pastefromword). * [#605](https://github.com/ckeditor/ckeditor-dev/issues/605): Fixed: Inline widgets do not preserve trailing spaces. * [#1008](https://github.com/ckeditor /ckeditor-dev/issues/1008): Fixed: Shorthand Hex colors from the [`config.colorB utton_colors`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.config- cfg-colorButton_colors) option are not correctly highlighted in the [Color Button](https://ckeditor.com/cke4/addon/colorbutton) Text Color or Background Color panel. * [#1094](https://github.com/ckeditor/ckeditor-dev/issues/1094): Fixed: Widget definition [`upcast`](https://docs.ckeditor.com/ckeditor4/docs/#!/ api/CKEDITOR.plugins.widget.definition-property-upcasts) methods are called for every element. * [#1057](https://github.com/ckeditor/ckeditor-dev/issues/1057): Fixed: The [Notification](https://ckeditor.com/addon/notification) plugin overwrites Web Notifications API due to leakage to the global scope. * [#1068](https://github.com/ckeditor/ckeditor-dev/issues/1068): Fixed: Upload widget paste listener ignores changes to the [`uploadWidgetDefinition`](https:// docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.fileTools.uploadWidgetDefinitio n). * [#921](https://github.com/ckeditor/ckeditor-dev/issues/921): Fixed: [Edge] CKEditor erroneously perceives internal copy and paste as type "external". * [#1213](https://github.com/ckeditor/ckeditor-dev/issues/1213): Fixed: Multiple images uploaded using [Upload Image](https://ckeditor.com/cke4/addon/uploadimage) plugin are randomly duplicated or mangled. * [#532](https://github.com/ckeditor/ckeditor- dev/issues/532): Fixed: Removed an outdated user guide link from the [About](https://ckeditor.com/cke4/addon/about) dialog. * [#1221](https://github.com/ckeditor/ckeditor-dev/issues/1221): Fixed: Invalid CSS loaded by [Balloon Panel](https://ckeditor.com/cke4/addon/balloonpanel) plugin when [`config.skin`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.config- cfg-skin) is loaded using a custom path. * [#522](https://github.com/ckeditor /ckeditor-dev/issues/522): Fixed: Widget selection is not removed when widget is inside table cell with [Table Selection](https://ckeditor.com/cke4/addon/tableselection) plugin enabled. * [#1027](https://github.com/ckeditor/ckeditor-dev/issues/1027): Fixed: Cannot add multiple images to the table with [Table Selection](https://ckeditor.com/cke4/addon/tableselection) plugin in certain situations. * [#1069](https://github.com/ckeditor/ckeditor-dev/issues/1069): Fixed: Wrong shape processing by [Paste from Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. * [#995](https://github.com/ckeditor/ckeditor-dev/issues/995): Fixed: Hyperlinked image gets inserted twice by [Paste from Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. * [#1287](https://github.com/ckeditor/ckeditor-dev/issues/1287): Fixed: [Widget](https://ckeditor.com/cke4/addon/widget) plugin throws exception if included in editor build but not loaded into editor's instance. ### API Changes * [#1097](https://github.com/ckeditor/ckeditor-dev/issues/1097): Widget [`upcast `](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.plugins.widget .definition-property-upcast) methods are now called in the [widget definition's](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.plugins .widget-property-definition) context. * [#1118](https://github.com/ckeditor /ckeditor-dev/issues/1118): Added the `show` option in the [`balloonPanel.attach `](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.ui.balloonPanel- method-attach) method, allowing to attach a hidden [Balloon Panel](https://ckeditor.com/cke4/addon/balloonpanel) instance. * [#1145](https://github.com/ckeditor/ckeditor-dev/issues/1145): Added the [`skipN otifications`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.fileTool s.uploadWidgetDefinition-property-skipNotifications) option to the [`CKEDITOR.fi leTools.uploadWidgetDefinition`](https://docs.ckeditor.com/ckeditor4/docs/#!/api /CKEDITOR.fileTools.uploadWidgetDefinition), allowing to switch off default notifications displayed by upload widgets. ### Other Changes * [#815](https://github.com/ckeditor/ckeditor-dev/issues/815): Removed Node.js dependency from the CKEditor build script. * [#1041](https://github.com/ckeditor /ckeditor-dev/pull/1041), [#1131](https://github.com/ckeditor/ckeditor- dev/issues/1131): Updated URLs pointing to [CKSource](https://cksource.com/) and [CKEditor](https://ckeditor.com/) resources after the launch of new websites. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1525735 - ckeditor-4.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1525735 -------------------------------------------------------------------------------- ================================================================================ dpdk-17.02-3.fc26 (FEDORA-2017-ffea668db3) Set of libraries and drivers for fast packet processing -------------------------------------------------------------------------------- Update Information: Fix dangling symlinks -------------------------------------------------------------------------------- References: [ 1 ] Bug #1526051 - Broken links installing dpdk-tools https://bugzilla.redhat.com/show_bug.cgi?id=1526051 -------------------------------------------------------------------------------- ================================================================================ drupal7-drafty-1.0-0.5.rc1.fc26 (FEDORA-2017-85246d2c5a) Facilitates handling of draft revisions -------------------------------------------------------------------------------- Update Information: * [7.x-1.0-rc1](https://www.drupal.org/project/drafty/releases/7.x-1.0-rc1) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1511721 - drupal7-drafty-1.0-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1511721 -------------------------------------------------------------------------------- ================================================================================ heimdal-7.5.0-1.fc26 (FEDORA-2017-2962e58478) A Kerberos 5 implementation without export restrictions -------------------------------------------------------------------------------- Update Information: Update to 7.5.0 GA release (CVE-2017-17439) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1524546 - CVE-2017-17439 heimdal: NULL pointer dereference via crafted UDP packets https://bugzilla.redhat.com/show_bug.cgi?id=1524546 -------------------------------------------------------------------------------- ================================================================================ julia-0.6.2-1.fc26 (FEDORA-2017-6b2af86d61) High-level, high-performance dynamic language for technical computing -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.4.2-1.fc26 (FEDORA-2017-69913c6911) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: ARC Release 15.03u18 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.19-1.fc26 (FEDORA-2017-69913c6911) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: ARC Release 15.03u18 -------------------------------------------------------------------------------- ================================================================================ perl-Algorithm-Loops-1.032-1.fc26 (FEDORA-2017-f5d200ddd4) Perl module for looping constructs -------------------------------------------------------------------------------- Update Information: Specfile autogenerated by cpanspec 1.78. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1522917 - Review Request: perl-Algorithm-Loops - Perl module for looping constructs https://bugzilla.redhat.com/show_bug.cgi?id=1522917 -------------------------------------------------------------------------------- ================================================================================ php-erusev-parsedown-1.6.4-1.fc26 (FEDORA-2017-8fa5664073) Markdown parser in PHP -------------------------------------------------------------------------------- Update Information: ## 1.6.4 Use `PHPUnit\Framework\TestCase` instead of `PHPUnit_Framework_TestCase` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1513209 - php-erusev-parsedown-1.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1513209 -------------------------------------------------------------------------------- ================================================================================ php-jms-serializer-1.10.0-1.fc26 (FEDORA-2017-ebf7c3bf59) Library for (de-)serializing data of any complexity -------------------------------------------------------------------------------- Update Information: ## [1.10.0](https://github.com/schmittjoh/serializer/tree/1.10.0) **Implemented enhancements:** - support PSR-11 compatible DI containers [\#844](https://github.com/schmittjoh/serializer/pull/844) ([xabbuh](https://github.com/xabbuh)) **Closed issues:** - Serialize using jsonSerialize\(\) if object implements JsonSerializable [\#846](https://github.com/schmittjoh/serializer/issues/846) - ExclusionStrategy backward compatibility break [\#843](https://github.com/schmittjoh/serializer/issues/843) - @MaxDepth jms /serializer-bundle 2.2 [\#842](https://github.com/schmittjoh/serializer/issues/842) ## [1.9.2](https://github.com/schmittjoh/serializer/tree/1.9.2) (2017-11-22) **Fixed bugs:** - Missing ClassMetadata deserialization data [\#841](https://github.com/schmittjoh/serializer/pull/841) ([TristanMogwai](https://github.com/TristanMogwai)) **Closed issues:** - DateTime format documentation [\#836](https://github.com/schmittjoh/serializer/issues/836) - Deserialization not working with camelCase [\#831](https://github.com/schmittjoh/serializer/issues/831) **Merged pull requests:** - Fix documentation syntax errors on available types [\#839](https://github.com/schmittjoh/serializer/pull/839) ([andy- morgan](https://github.com/andy-morgan)) - Improve documentation about default DateTime format [\#838](https://github.com/schmittjoh/serializer/pull/838) ([enumag](https://github.com/enumag)) ## [1.9.1](https://github.com/schmittjoh/serializer/tree/1.9.1) (2017-10-27) **Fixed bugs:** - Dynamic exclusion strategy, Variable "object" is not valid [\#826](https://github.com/schmittjoh/serializer/issues/826) **Closed issues:** - Allow DateTime or Null [\#779](https://github.com/schmittjoh/serializer/issues/779) **Merged pull requests:** - Alow to use "object" var in expressions when deserializing [\#827](https://github.com/schmittjoh/serializer/pull/827) ([goetas](https://github.com/goetas)) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508429 - php-jms-serializer-1.10.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508429 -------------------------------------------------------------------------------- ================================================================================ pymol-1.8.6-4.20170314svn4170.fc26 (FEDORA-2017-61e54e396e) PyMOL Molecular Graphics System -------------------------------------------------------------------------------- Update Information: closes BZ 1359812, pull request https://src.fedoraproject.org/rpms/pymol/pull- request/1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359812 - pymol: pymol requires both Python 2 and Python 3 https://bugzilla.redhat.com/show_bug.cgi?id=1359812 -------------------------------------------------------------------------------- ================================================================================ qt5-qtbase-5.9.2-6.fc26 (FEDORA-2017-aa4cc10bde) Qt5 - QtBase components -------------------------------------------------------------------------------- Update Information: Security fix for QDnsLookup crash on unix when DNS response is over 512 bytes, see also https://bugreports.qt.io/browse/QTBUG-64742 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1518958 - qt5-qtbase: qt: Out of bounds read in QDnsLookup in src/network/kernel/qdnslookup_unix.cpp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1518958 -------------------------------------------------------------------------------- ================================================================================ qupzilla-2.2.2-1.fc26 (FEDORA-2017-e98506abb7) Modern web browser -------------------------------------------------------------------------------- Update Information: An update of QupZilla to the latest upstream bugfix release, version 2.2.2: * updated available user agent strings * added support for "font" option in AdBlock * fix showing irrelevant domain completions in locationbar * fix showing site icons on some systems * fix clearing visited links when clearing history * fix using system network proxy configuration * fix saving window geometry when closing app with Ctrl+Q shortcut * fix various issues with web page not being focused after restoring session * fix AutoScroll plugin not being able to scroll to all directions in some cases * add StartupWMClass to desktop file -------------------------------------------------------------------------------- ================================================================================ rsyslog-8.31.0-2.fc26 (FEDORA-2017-f95aa5ab0c) Enhanced system logging and kernel message trapping daemon -------------------------------------------------------------------------------- Update Information: Dependency change in mongodb module. added: mongo-c-driver-devel snappy-devel cyrus-sasl-devel removed: libmongo-client libmongo-client is depricated -------------------------------------------------------------------------------- ================================================================================ spglib-1.10.2-1.fc26 (FEDORA-2017-b87c69ab59) C library for finding and handling crystal symmetries -------------------------------------------------------------------------------- Update Information: - Update to spglib-1.10.2 - Fix dependencies -------------------------------------------------------------------------------- ================================================================================ waiverdb-0.4.0-2.fc26 (FEDORA-2017-86eaa9019e) Service for waiving results in ResultsDB -------------------------------------------------------------------------------- Update Information: Synchronize specfile with upstream. -------------------------------------------------------------------------------- ================================================================================ xen-4.8.2-9.fc26 (FEDORA-2017-16a414b3c5) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: another patch related to the [XSA-240, CVE-2017-15595] issue xen: various flaws (#1525018) x86 PV guests may gain access to internally used page [XSA-248] broken x86 shadow mode refcount overflow check [XSA-249] improper x86 shadow mode refcount error handling [XSA-250] improper bug check in x86 log-dirty handling [XSA-251] ---- xen: various flaws (#1518214) x86: infinite loop due to missing PoD error checking [XSA-246] Missing p2m error checking in PoD code [XSA-247] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1518656 - CVE-2017-17566 xsa248 xen: x86 PV guests may gain access to internally used pages (XSA-248) https://bugzilla.redhat.com/show_bug.cgi?id=1518656 [ 2 ] Bug #1518657 - CVE-2017-17563 xsa249 xen: broken x86 shadow mode refcount overflow check (XSA-249) https://bugzilla.redhat.com/show_bug.cgi?id=1518657 [ 3 ] Bug #1518658 - CVE-2017-17564 xsa250 xen: improper x86 shadow mode refcount error handling (XSA-250) https://bugzilla.redhat.com/show_bug.cgi?id=1518658 [ 4 ] Bug #1518659 - CVE-2017-17565 xsa251 xen: improper bug check in x86 log-dirty handling (XSA-251) https://bugzilla.redhat.com/show_bug.cgi?id=1518659 [ 5 ] Bug #1513335 - CVE-2017-17044 xsa246 xen: x86: infinite loop due to missing PoD error checking (XSA-246) https://bugzilla.redhat.com/show_bug.cgi?id=1513335 [ 6 ] Bug #1513336 - CVE-2017-17045 xsa247 xen: Missing p2m error checking in PoD code (XSA-247) https://bugzilla.redhat.com/show_bug.cgi?id=1513336 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
