The following Fedora 27 Security updates need testing: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-15efa72a0c docker-1.13.1-44.git584d391.fc27 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-913288e9a9 mongodb-3.4.10-1.fc27 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7c0748c1b pdns-4.1.0-1.fc27 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-14f5c6cdac qpid-cpp-1.37.0-1.fc27 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2e5a17c4cc python33-3.3.7-2.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8a9862f4b7 php-symfony4-4.0.1-1.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-66e9367f7e asterisk-14.7.4-1.fc27 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0e5ad250c heimdal-7.5.0-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-20b18a4ffe json-c-0.12.1-5.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2645aa935 chromium-63.0.3239.108-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2eefd424bd python-mistune-0.8.3-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ad8b3946 heketi-5.0.1-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06b373d942 webkitgtk4-2.18.4-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3997279e65 wireshark-2.4.3-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1ebb87e7c0 kernel-4.14.8-300.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-54288fb74e thunderbird-enigmail-1.9.9-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fd9462d9ef global-6.5.7-4.fc27 The following builds have been pushed to Fedora 27 updates-testing R-reshape2-1.4.3-1.fc27 autofs-5.1.4-4.fc27 cmake-3.10.1-4.fc27 createrepo_c-0.10.0-15.fc27 gdeploy-2.0.7-1.fc27 global-6.5.7-4.fc27 gnome-pkg-tools-0.20.0-1.fc27 google-noto-cjk-fonts-20170602-4.fc27 kjots-5.0.2-7.fc27 libcouchbase-2.8.4-2.fc27 libiio-0.12-1.fc27 libmediainfo-17.12-1.fc27 libqb-1.0.3-1.fc27 mediaconch-17.12-1.fc27 mediainfo-17.12-1.fc27 naver-nanum-fonts-3.020-19.20140930.fc27 naver-nanum-gothic-coding-fonts-2.000-9.fc27 ocaml-oasis-0.4.10-3.fc27 openqa-4.5-3.20171220gitbe13358.fc27 os-autoinst-4.5-1.20171220git25191d5.fc27 perl-CPAN-Perl-Releases-3.44-1.fc27 perl-Module-CoreList-5.20171220-1.fc27 perl-Module-Manifest-1.09-1.fc27 perl-Mojolicious-Plugin-AssetPack-2.01-1.fc27 perl-Time-HiRes-1.9749-1.fc27 python-keyring-10.5.1-1.fc27 python-pytest-vcr-0.3.0-2.fc27 qemu-2.10.1-2.fc27 redhat-rpm-config-67-2.fc27 thunderbird-enigmail-1.9.9-1.fc27 Details about builds: ================================================================================ R-reshape2-1.4.3-1.fc27 (FEDORA-2017-1fd4b4cb90) Flexibly Reshape Data: A Reboot of the Reshape Package -------------------------------------------------------------------------------- Update Information: Update to latest version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528498 - R-reshape2-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528498 -------------------------------------------------------------------------------- ================================================================================ autofs-5.1.4-4.fc27 (FEDORA-2017-eda74692fc) A tool for automatically mounting and unmounting filesystems -------------------------------------------------------------------------------- Update Information: - fix use after free in do_master_list_reset(). ---- - this release (5.1.4) fixes a couple of regressions in 5.1.3. - it also improves the network not available at startup problem that users have seen. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1523866 - autofs with NIS logs add_host_addrs: hostname lookup failed: Name or service not known/No address associated with hostname https://bugzilla.redhat.com/show_bug.cgi?id=1523866 [ 2 ] Bug #1514506 - -D variable expansion broken on 1:5.1.3-4.fc27 https://bugzilla.redhat.com/show_bug.cgi?id=1514506 [ 3 ] Bug #1409103 - autofs cannot mount samba/cifs shares that end with a dollar sign https://bugzilla.redhat.com/show_bug.cgi?id=1409103 [ 4 ] Bug #1500027 - Drop preventing bind mounts when port is specified https://bugzilla.redhat.com/show_bug.cgi?id=1500027 [ 5 ] Bug #698449 - [RFE] Add optional nss map read retries https://bugzilla.redhat.com/show_bug.cgi?id=698449 -------------------------------------------------------------------------------- ================================================================================ cmake-3.10.1-4.fc27 (FEDORA-2017-3935cb7492) Cross-platform make system -------------------------------------------------------------------------------- Update Information: ## CMake: - Move rpm macros to own subpackage ## Redhat-rpm-config: - Add `Requires: cmake-rpm-macros` for CMake auto-{provides,requires} -------------------------------------------------------------------------------- References: [ 1 ] Bug #1498894 - Non-bootstraped build can miss cmake() Provides https://bugzilla.redhat.com/show_bug.cgi?id=1498894 -------------------------------------------------------------------------------- ================================================================================ createrepo_c-0.10.0-15.fc27 (FEDORA-2017-abd7416fe7) Creates a common metadata repository -------------------------------------------------------------------------------- Update Information: Backport fix for RHBZ#1380012 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380012 - BZ2 files are not closed when done https://bugzilla.redhat.com/show_bug.cgi?id=1380012 -------------------------------------------------------------------------------- ================================================================================ gdeploy-2.0.7-1.fc27 (FEDORA-2017-3f058f7e8e) Tool to deploy and manage GlusterFS cluster -------------------------------------------------------------------------------- Update Information: ctdb and regex related bugfixes ---- Add vdo support to gdeploy ---- Add geo-replication support to gdeploy ---- Remove the multiple display support, broken in Ansible-2.4 -------------------------------------------------------------------------------- ================================================================================ global-6.5.7-4.fc27 (FEDORA-2017-fd9462d9ef) Source code tag system -------------------------------------------------------------------------------- Update Information: Security fix for [PUT CVEs HERE] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528415 - CVE-2017-17531 global: Command injection in gozilla.c https://bugzilla.redhat.com/show_bug.cgi?id=1528415 -------------------------------------------------------------------------------- ================================================================================ gnome-pkg-tools-0.20.0-1.fc27 (FEDORA-2017-e9160937cb) Tools for the Debian GNOME Packaging Team -------------------------------------------------------------------------------- Update Information: Update to version 0.20.0, see http://metadata.ftp- master.debian.org/changelogs/main/g/gnome-pkg-tools/gnome-pkg- tools_0.20.0_changelog for details. -------------------------------------------------------------------------------- ================================================================================ google-noto-cjk-fonts-20170602-4.fc27 (FEDORA-2017-00edb729a2) Google Noto Sans CJK Fonts -------------------------------------------------------------------------------- Update Information: Include more fonts and sub package fonts -------------------------------------------------------------------------------- ================================================================================ kjots-5.0.2-7.fc27 (FEDORA-2017-744b79a9e1) KDE Notes application -------------------------------------------------------------------------------- Update Information: Rebuild for kde pim-17.12.x -------------------------------------------------------------------------------- ================================================================================ libcouchbase-2.8.4-2.fc27 (FEDORA-2017-cd0476631d) Client and protocol library for the Couchbase project -------------------------------------------------------------------------------- Update Information: Update to 2.8.4 -------------------------------------------------------------------------------- ================================================================================ libiio-0.12-1.fc27 (FEDORA-2017-d34857a882) Library for Industrial IO -------------------------------------------------------------------------------- Update Information: Update to 0.12 -------------------------------------------------------------------------------- ================================================================================ libmediainfo-17.12-1.fc27 (FEDORA-2017-c282a0a31d) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information: Update to 17.12. -------------------------------------------------------------------------------- ================================================================================ libqb-1.0.3-1.fc27 (FEDORA-2017-6aac5ee27d) An IPC library for high performance servers -------------------------------------------------------------------------------- Update Information: - Update to libqb-1.0.3, for list of changes see: https://github.com/ClusterLabs/libqb/releases/tag/v1.0.3 - Make -devel package dependency on the main package arch-qualified -------------------------------------------------------------------------------- ================================================================================ mediaconch-17.12-1.fc27 (FEDORA-2017-c282a0a31d) Most relevant technical and tag data for video and audio files (CLI) -------------------------------------------------------------------------------- Update Information: Update to 17.12. -------------------------------------------------------------------------------- ================================================================================ mediainfo-17.12-1.fc27 (FEDORA-2017-c282a0a31d) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information: Update to 17.12. -------------------------------------------------------------------------------- ================================================================================ naver-nanum-fonts-3.020-19.20140930.fc27 (FEDORA-2017-e15543dadc) Nanum family of Korean TrueType fonts -------------------------------------------------------------------------------- Update Information: Obsoletes nhn-nanum-gothic-light-fonts -------------------------------------------------------------------------------- ================================================================================ naver-nanum-gothic-coding-fonts-2.000-9.fc27 (FEDORA-2017-dbfe23fb09) Nanum Gothic Coding family of Korean TrueType fonts -------------------------------------------------------------------------------- Update Information: Renamed from nhn-nanum-gothic-coding-fonts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1525860 - Review Request: naver-nanum-gothic-coding-fonts - Nanum Gothic Coding family of Korean TrueType fonts https://bugzilla.redhat.com/show_bug.cgi?id=1525860 -------------------------------------------------------------------------------- ================================================================================ ocaml-oasis-0.4.10-3.fc27 (FEDORA-2017-1b7266f53e) Tooling for building OCaml libraries and applications -------------------------------------------------------------------------------- Update Information: Tooling for building OCaml libraries and applications -------------------------------------------------------------------------------- References: [ 1 ] Bug #1513290 - Review Request: ocaml-oasis - Tooling for building OCaml libraries and applications https://bugzilla.redhat.com/show_bug.cgi?id=1513290 -------------------------------------------------------------------------------- ================================================================================ openqa-4.5-3.20171220gitbe13358.fc27 (FEDORA-2017-3baf6dc7e4) OS-level automated testing framework -------------------------------------------------------------------------------- Update Information: This update provides the latest git snapshots of both os-autoinst and openQA, with many changes and enhancements. See the upstream commit logs for more details. -------------------------------------------------------------------------------- ================================================================================ os-autoinst-4.5-1.20171220git25191d5.fc27 (FEDORA-2017-3baf6dc7e4) OS-level test automation -------------------------------------------------------------------------------- Update Information: This update provides the latest git snapshots of both os-autoinst and openQA, with many changes and enhancements. See the upstream commit logs for more details. -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-3.44-1.fc27 (FEDORA-2017-7a80eaddbd) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: This release provides data about Perl 5.27.7 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528276 - perl-CPAN-Perl-Releases-3.44 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528276 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20171220-1.fc27 (FEDORA-2017-586f0eac44) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release provides data about Perl 5.27.7 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528483 - perl-Module-CoreList-5.20171220 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528483 -------------------------------------------------------------------------------- ================================================================================ perl-Module-Manifest-1.09-1.fc27 (FEDORA-2017-de55bf602f) Parse and examine a Perl distribution MANIFEST file -------------------------------------------------------------------------------- Update Information: This release improves documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528090 - perl-Module-Manifest-1.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528090 -------------------------------------------------------------------------------- ================================================================================ perl-Mojolicious-Plugin-AssetPack-2.01-1.fc27 (FEDORA-2017-3baf6dc7e4) Compress and convert CSS, Less, Sass, JavaScript and CoffeeScript files -------------------------------------------------------------------------------- Update Information: This update provides the latest git snapshots of both os-autoinst and openQA, with many changes and enhancements. See the upstream commit logs for more details. -------------------------------------------------------------------------------- ================================================================================ perl-Time-HiRes-1.9749-1.fc27 (FEDORA-2017-a3ec3e670c) High resolution alarm, sleep, gettimeofday, interval timers -------------------------------------------------------------------------------- Update Information: This release fixes some compiler warnings, improves tests, compatbility with developmental Perl and with some compilers. It also corrects tests. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528493 - perl-Time-HiRes-1.9749 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528493 -------------------------------------------------------------------------------- ================================================================================ python-keyring-10.5.1-1.fc27 (FEDORA-2017-e4fb48be55) Store and access your passwords safely -------------------------------------------------------------------------------- Update Information: Update to 10.5.1; fix AttributeError with kwallet backend (bz#1526653) This fixes upstream bug https://github.com/jaraco/keyring/issues/296 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1526653 - python-keyring-10.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1526653 -------------------------------------------------------------------------------- ================================================================================ python-pytest-vcr-0.3.0-2.fc27 (FEDORA-2017-f0a4ab9a51) Py.test plugin for managing VCR.py cassettes -------------------------------------------------------------------------------- Update Information: Initial build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528303 - Review Request: python-pytest-vcr - Py.test plugin for managing VCR.py cassettes https://bugzilla.redhat.com/show_bug.cgi?id=1528303 -------------------------------------------------------------------------------- ================================================================================ qemu-2.10.1-2.fc27 (FEDORA-2017-fc9dc910e4) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: Re-enable RBD on arm/ppc (rhbz #1528378) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528378 - qemu rbd subpackages should be enabled for F27+ on arm and ppc64 (unbreak upgrade path!) https://bugzilla.redhat.com/show_bug.cgi?id=1528378 -------------------------------------------------------------------------------- ================================================================================ redhat-rpm-config-67-2.fc27 (FEDORA-2017-3935cb7492) Red Hat specific rpm configuration files -------------------------------------------------------------------------------- Update Information: ## CMake: - Move rpm macros to own subpackage ## Redhat-rpm-config: - Add `Requires: cmake-rpm-macros` for CMake auto-{provides,requires} -------------------------------------------------------------------------------- References: [ 1 ] Bug #1498894 - Non-bootstraped build can miss cmake() Provides https://bugzilla.redhat.com/show_bug.cgi?id=1498894 -------------------------------------------------------------------------------- ================================================================================ thunderbird-enigmail-1.9.9-1.fc27 (FEDORA-2017-54288fb74e) Authentication and encryption extension for Mozilla Thunderbird -------------------------------------------------------------------------------- Update Information: Update to 1.9.9. This release addresses security vulnerabilities discovered by Cure53. Details can be found in the Security Audit Report: https://enigmail.net/ download/other/Enigmail%20Pentest%20Report%20by%20Cure53%20-%20Excerpt.pdf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528403 - thunderbird-enigmail: Multiple flaws fixed in 1.9.9 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1528403 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
