The following Fedora 26 Security updates need testing: Age URL 180 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 73 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3915878e18 ldns-1.7.0-4.fc26 56 https://bodhi.fedoraproject.org/updates/FEDORA-2017-774e7863a4 mongodb-3.4.10-1.fc26 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d75a88f263 monit-5.25.1-1.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ccef1ced42 gimp-2.8.22-3.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7349a7723e poco-1.7.8p3-3.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0db545e976 ruby-2.4.3-86.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-19c693fd9a wordpress-4.9.2-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-306856c244 rubygem-rack-protection-1.5.3-5.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a86bad9689 clamav-0.99.2-18.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ef303deec6 libtasn1-4.13-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6550550774 dnsperf-2.1.0.0-8.fc26 bind-dyndb-ldap-11.1-6.fc26 bind-9.11.2-1.P1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2eed6bd99 iproute-4.14.1-4.fc26 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-240b9e54f9 glusterfs-3.10.9-1.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b3f20ecd11 kmod-25-1.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4818a0a3fb lxpanel-0.9.3-2.D20180109git2ddf8dfc.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2ae4888a92 perl-Socket-2.025-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-71094e4775 libseccomp-2.3.3-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ba521808e0 gnome-settings-daemon-3.24.3-4.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bfc82aeb7 pcre-8.41-4.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-194be49026 pcre2-10.23-13.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f1d83a8255 libtevent-0.9.35-1.fc26 libtalloc-2.1.11-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1b9b3d815f ostree-2018.1-1.fc26 rpm-ostree-2018.1-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ef303deec6 libtasn1-4.13-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6166caf0b grub2-2.02-0.43.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfc82942f4 pungi-4.1.21-4.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4000c1ba37 python-productmd-1.10-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-684a158de2 vim-8.0.1428-3.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-61e0dcaf5e qt5-qtdeclarative-5.9.2-3.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8633570be3 nfs-utils-2.2.1-4.rc2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fcda2573ac python-rpm-macros-3-21.fc26 The following builds have been pushed to Fedora 26 updates-testing GraphicsMagick-1.3.28-1.fc26 LuxRender-1.6-26.fc26 YafaRay-3.3.0-5.fc26 anyremote-6.7.1-1.fc26 boomaga-1.1.0-1.git24f317b.fc26 ccache-3.3.5-1.fc26 dippi-2.5.1-1.fc26 distribution-gpg-keys-1.18-1.fc26 dnsmasq-2.76-6.fc26 dtc-1.4.6-1.fc26 embree-2.17.2-1.fc26 fedfind-4.0.0-1.fc26 fedora-upgrade-28.1-1.fc26 freeciv-2.5.10-1.fc26 harvey-0.1.8-1.fc26 js-html5shiv-3.7.3-1.fc26 knot-2.6.4-1.fc26 mock-core-configs-28.2-1.fc26 module-build-service-1.6.3-1.fc26 moodle-3.2.7-1.fc26 moserial-3.0.12-3.fc26 mozilla-noscript-10.1.6.3-1.fc26 mozjs52-52.6.0-1.fc26 mycli-1.16.0-1.fc26 ocaml-cmdliner-1.0.2-6.fc26 ocaml-mccs-1.1-4.4.fc26 oci-umount-2.3.3-1.gite3c9055.fc26 perl-CPAN-Perl-Releases-3.46-1.fc26 perl-DateTime-TimeZone-2.16-1.fc26 perl-File-Copy-Recursive-0.40-1.fc26 perl-Module-CoreList-5.20180120-1.fc26 php-icewind-smb2-2.0.4-1.fc26 python-fastavro-0.17.3-2.fc26 python-nixio-1.4.3-1.fc26 python-psutil-5.4.3-2.fc26 python3-mypy-0.560-2.fc26 qgis-2.18.16-1.fc26 squid-4.0.23-1.fc26 standard-test-roles-2.6-2.fc26 transmission-2.92-12.fc26 ucx-1.2.2-1.fc26 unbound-1.6.8-1.fc26 usbguard-0.7.2-2.fc26 vala-0.36.9-1.fc26 waiverdb-0.5.0-1.fc26 wget-1.19.4-1.fc26 xca-1.4.0-1.fc26 xosview-1.20-1.fc26 zeal-0.5.0-3.fc26 Details about builds: ================================================================================ GraphicsMagick-1.3.28-1.fc26 (FEDORA-2018-bfb9835edd) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: Latest stable release, includes many bug and security fixes. See also http://www.graphicsmagick.org/NEWS.html#january-20-2017 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536950 - GraphicsMagick: 2018-5685 GraphicsMagick: Infinite loop and application hang in coders/bmp.c:ReadBMPImage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1536950 [ 2 ] Bug #1529579 - CVE-2017-17912 GraphicsMagick: GraphicsMagick: heap-based buffer over-read in ReadNewsProfile in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529579 [ 3 ] Bug #1529558 - CVE-2017-17913 GraphicsMagick: stack-based buffer over-read in WriteWEBPImage in coders/webp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529558 [ 4 ] Bug #1529536 - CVE-2017-17915 GraphicsMagick: Memory leak in the function ReadMNGImage in coders/png.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1529536 [ 5 ] Bug #1528050 - CVE-2017-17783 GraphicsMagick: heap based buffer over-read in ReadPALMImage in coders/palm.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1528050 [ 6 ] Bug #1528038 - CVE-2017-17782 GraphicsMagick: heap-based buffer over-read in ReadOneJNGImage function in coders/png.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1528038 [ 7 ] Bug #1515317 - CVE-2017-16353 GraphicsMagick: ImageMagick, GraphicsMagick: memory information disclosure in DescribeImage function in magick/describe.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1515317 [ 8 ] Bug #1512039 - CVE-2017-16669 GraphicsMagick: Heap buffer over-write in AcquireCacheNexus function in magick/pixel_cache.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1512039 [ 9 ] Bug #1484484 - CVE-2017-13147 GraphicsMagick: Allocation failure in ReadMNGImage function in coders/png.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1484484 [ 10 ] Bug #1475499 - CVE-2017-11643 GraphicsMagick: Heap based over-write in WriteCMYKImagefunction in coders/cmyk.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475499 [ 11 ] Bug #1475491 - CVE-2017-11641 GraphicsMagick: Memory Leak in the PersistCache in magick/pixel_cache.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475491 [ 12 ] Bug #1475457 - CVE-2017-11636 GraphicsMagick: Heap based buffer over-write in WriteRGBImage in coders/rgb.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475457 [ 13 ] Bug #1475453 - CVE-2017-11637 GraphicsMagick: NULL pointer dereference in WritePCLImage() in coders/pcl.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475453 [ 14 ] Bug #1473751 - CVE-2017-11140 GraphicsMagick: Resource exhaustion denial of service in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473751 [ 15 ] Bug #1473745 - CVE-2017-11139 GraphicsMagick: double free vulnerabilities in the ReadOneJNGImage() function in coders/png.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473745 [ 16 ] Bug #1473730 - CVE-2017-11102 GraphicsMagick: Input validation failure in ReadOneJNGImage function may cause denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473730 [ 17 ] Bug #1536770 - GraphicsMagick-1.3.28 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536770 -------------------------------------------------------------------------------- ================================================================================ LuxRender-1.6-26.fc26 (FEDORA-2018-2ef89f2fe2) Lux Renderer, an unbiased rendering system -------------------------------------------------------------------------------- Update Information: Updated embree to 2.17.2 -------------------------------------------------------------------------------- ================================================================================ YafaRay-3.3.0-5.fc26 (FEDORA-2018-2ef89f2fe2) A free open-source ray-tracing render engine -------------------------------------------------------------------------------- Update Information: Updated embree to 2.17.2 -------------------------------------------------------------------------------- ================================================================================ anyremote-6.7.1-1.fc26 (FEDORA-2018-001a404c3c) Remote control through Wi-Fi or bluetooth connection -------------------------------------------------------------------------------- Update Information: v6.7.1 -------------------------------------------------------------------------------- ================================================================================ boomaga-1.1.0-1.git24f317b.fc26 (FEDORA-2018-6e5983bd9d) A virtual printer for viewing a document before printing -------------------------------------------------------------------------------- Update Information: Update to 1.1.0-1.git24f317b -------------------------------------------------------------------------------- ================================================================================ ccache-3.3.5-1.fc26 (FEDORA-2018-8e3cc412cf) C/C++ compiler cache -------------------------------------------------------------------------------- Update Information: Bugfix update - see https://ccache.samba.org/releasenotes.html#_ccache_3_3_5 for details -------------------------------------------------------------------------------- References: [ 1 ] Bug #1534190 - ccache-3.3.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1534190 -------------------------------------------------------------------------------- ================================================================================ dippi-2.5.1-1.fc26 (FEDORA-2018-405f0f1563) Calculate display info like DPI and aspect ratio -------------------------------------------------------------------------------- Update Information: New package for fedora. -------------------------------------------------------------------------------- ================================================================================ distribution-gpg-keys-1.18-1.fc26 (FEDORA-2018-0f6caebd2b) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information: - updated Copr keys - add UnitedRPMs - add remi 2018 key ---- Update Copr keys. ---- Update Copr keys. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536804 - distribution-gpg-keys-1.18-1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536804 -------------------------------------------------------------------------------- ================================================================================ dnsmasq-2.76-6.fc26 (FEDORA-2018-9780220f7d) A lightweight DHCP/caching DNS server -------------------------------------------------------------------------------- Update Information: DNSSEC fix for wildcard NSEC records (CVE-2017-15107) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1510570 - CVE-2017-15107 dnsmasq: Improper validation of wildcard synthesized NSEC records https://bugzilla.redhat.com/show_bug.cgi?id=1510570 -------------------------------------------------------------------------------- ================================================================================ dtc-1.4.6-1.fc26 (FEDORA-2018-f200f504b3) Device Tree Compiler -------------------------------------------------------------------------------- Update Information: New dtc 1.4.6 release -------------------------------------------------------------------------------- ================================================================================ embree-2.17.2-1.fc26 (FEDORA-2018-2ef89f2fe2) Collection of high-performance ray tracing kernels developed at Intel -------------------------------------------------------------------------------- Update Information: Updated embree to 2.17.2 -------------------------------------------------------------------------------- ================================================================================ fedfind-4.0.0-1.fc26 (FEDORA-2018-a737e8a2b2) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This update provides a new major release of fedfind. It is going out to stable releases as fedfind is used quite extensively in Fedora QA infrastructure, and we prefer to keep all those deployments on the latest code. The new release also provides some significant enhancements in correctness checking that will be useful in these cases. See [the upstream changelog](https://pagure.io/fedora- qa/fedfind/blob/5713f806517a358a5761aaaff9cfd276f8aeb862/f/CHANGELOG.md) for more details on the specific changes in this release. Most uses of fedfind (both CLI and as a Python library) should continue to work unchanged, or with only minimal changes (mainly because `get_release` can raise some different exceptions now). -------------------------------------------------------------------------------- ================================================================================ fedora-upgrade-28.1-1.fc26 (FEDORA-2018-f2006b997b) Upgrade Fedora to next version using dnf upgrade (unofficial tool) -------------------------------------------------------------------------------- Update Information: - clean caches before doing any other task - list orphans after upgrade - warn if not run as root - add upgrade to F28 and remove upgrade to F25 - Remove PackageKit cache - choose better wording for reset priorities - reset services priorities the systemd way -------------------------------------------------------------------------------- ================================================================================ freeciv-2.5.10-1.fc26 (FEDORA-2018-7f7ad6d014) A multi-player strategy game -------------------------------------------------------------------------------- Update Information: 2.5.10 -------------------------------------------------------------------------------- ================================================================================ harvey-0.1.8-1.fc26 (FEDORA-2018-1302a6daa3) Color contrast checker -------------------------------------------------------------------------------- Update Information: New package for fedora. -------------------------------------------------------------------------------- ================================================================================ js-html5shiv-3.7.3-1.fc26 (FEDORA-2018-ba20010674) Enable use of HTML5 sectioning elements in legacy browsers -------------------------------------------------------------------------------- Update Information: First F26 build. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1525900 - Review Request: js-html5shiv - Enable use of HTML5 sectioning elements in legacy browsers https://bugzilla.redhat.com/show_bug.cgi?id=1525900 -------------------------------------------------------------------------------- ================================================================================ knot-2.6.4-1.fc26 (FEDORA-2018-e5d3f483a1) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information: Knot DNS 2.6.4 (2018-01-02) =========================== Features: ---------- - Module synthrecord allows multiple 'network' specification - New CSK handling support in keymgr Improvements: ------------- - Allowed configuration for infinite zsk lifetime - Increased performance and security of the module synthrecord - Signing changeset is stored into journal even if 'zonefile-load' is whole Bugfixes: --------- - Unintentional zone re-sign during reload if empty NSEC3 salt - Inconsistent zone names in journald structured logs - Malformed outgoing transfer for big zone with TSIG - Some minor DNSSEC-related issues Knot DNS 2.6.3 (2017-11-24) =========================== Bugfixes: --------- - Wrong detection of signing scheme rollover Knot DNS 2.6.2 (2017-11-23) =========================== Features: --------- - CSK algorithm rollover and (KSK, ZSK) <-> CSK rollover support Improvements: ------------- - Allowed explicit configuration for infinite ksk lifetime - Proper error messages instead of unclear error codes in server log - Better support for old compilers Bugfixes: --------- - Unexpected reply for DS query with an owner below a delegation point - Old dependencies in the pkg-config file -------------------------------------------------------------------------------- ================================================================================ mock-core-configs-28.2-1.fc26 (FEDORA-2018-157e6e7205) Mock core config files basic chroots -------------------------------------------------------------------------------- Update Information: - add fedora 28 configs - remove failovermethod=priority for repos which use dnf - remove fedora 24 configs - set skip_if_unavailable=False for all repos -------------------------------------------------------------------------------- ================================================================================ module-build-service-1.6.3-1.fc26 (FEDORA-2018-ea0f7c5312) The Module Build Service for Modularity -------------------------------------------------------------------------------- Update Information: Changes ------- * Fix a bug that caused a module build to fail when it was cancelled during the module-build-macros phase and then resumed * Reset the "state_reason" field on all components after a module build is resumed * Cancel new repo tasks on module build failures in Koji * Use available Koji repos during local builds instead of building them locally * Add an incrementing prefix to module components' releases * Add a "context" field on component and module releases in Koji for uniqueness for when Module Stream Expansion is implemented * Remove urlgrabber as a dependency * Set an explicit log level on our per-build file handler * Set the timeout on git operations to 60 seconds to help alleviate client tooling timeouts * Improve the efficiency of the stale module builds poller * Fix situations where module-build-macros builds in Koji but fails in MBS and the build is resumed -------------------------------------------------------------------------------- References: [ 1 ] Bug #1487065 - module-build-service-1.3.26-3.fc26: local build always disables tests https://bugzilla.redhat.com/show_bug.cgi?id=1487065 [ 2 ] Bug #1514631 - module-build-service-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1514631 -------------------------------------------------------------------------------- ================================================================================ moodle-3.2.7-1.fc26 (FEDORA-2018-7e086e3309) A Course Management System -------------------------------------------------------------------------------- Update Information: CVE-2018-1042/CVE-2018-1043/CVE-2018-1044/CVE-2018-1045 fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1537469 - CVE-2018-1042 CVE-2018-1043 CVE-2018-1044 CVE-2018-1045 moodle: Four security issues fixed in the latest release [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1537469 [ 2 ] Bug #1537470 - CVE-2018-1042 CVE-2018-1043 CVE-2018-1044 CVE-2018-1045 moodle: Four security issues fixed in the latest release [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1537470 -------------------------------------------------------------------------------- ================================================================================ moserial-3.0.12-3.fc26 (FEDORA-2018-5fb5afaaa8) Serial terminal for the gnome desktop -------------------------------------------------------------------------------- Update Information: Update to latest upstream release moserial 3.0.12. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1532429 - moserial-3.0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1532429 -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-10.1.6.3-1.fc26 (FEDORA-2018-9b94a177ad) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: **NOTE** All packaged Firefox add-ons are affected by Firefox bug fedora#1508827 . A workaround is provided in the bug report. Please do not give negative karma just because of that bug. v 10.1.6.3 ============================================================= * Improved tooltip clarity * Added version number to the browser action tooltip (thanks therube for RFE) * More restrictive domain matching in the main UI for "fake" TLDs, showing pseudo 2nd level domains containing one dot * Domain matching now treats unknown no-dot domains (not in the public suffixes list) as TLDs everywhere (fix finally not overwritten by auto-generated tld.js) * Fixed rc4 regression causing synchronized changes not to be persisted * Smarter XSS popup behavior when reporting concurrent events from/to the same origins * Fixed full breakage when sync storage is disabled * Improved layout on small screens (less than 10cm wide) * Moved preset customization into its own (more discoverable) global Options section, rather than embedded in assignment * Improved validation of manual entries * Needed capabilities highlighted also on short-hand domain matched entries inside the CUSTOM preset * Domain matching now works also for manually entered TLDs and pseudo-TLDs, such as "gov.us" or "cloudflare.net" -------------------------------------------------------------------------------- References: [ 1 ] Bug #1532905 - mozilla-noscript-10.1.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1532905 -------------------------------------------------------------------------------- ================================================================================ mozjs52-52.6.0-1.fc26 (FEDORA-2018-b131e841c6) SpiderMonkey JavaScript library -------------------------------------------------------------------------------- Update Information: mozjs52 52.6.0, including various security, stability and regression fixes from Firefox 52.6.0 ESR. For details, see https://www.mozilla.org/en- US/firefox/52.6.0/releasenotes/ -------------------------------------------------------------------------------- ================================================================================ mycli-1.16.0-1.fc26 (FEDORA-2018-aae2e59564) Interactive CLI for MySQL Database with auto-completion and syntax highlighting -------------------------------------------------------------------------------- Update Information: Update to latest upstream release mycli 1.16.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528833 - mycli-1.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528833 -------------------------------------------------------------------------------- ================================================================================ ocaml-cmdliner-1.0.2-6.fc26 (FEDORA-2018-01f6a1571a) Declarative definition of command line interfaces for OCaml -------------------------------------------------------------------------------- Update Information: Declarative definition of command line interfaces for OCaml -------------------------------------------------------------------------------- ================================================================================ ocaml-mccs-1.1-4.4.fc26 (FEDORA-2018-f200fcf51f) Multi Criteria CUDF Solver with OCaml bindings -------------------------------------------------------------------------------- Update Information: Multi Criteria CUDF Solver with OCaml bindings -------------------------------------------------------------------------------- ================================================================================ oci-umount-2.3.3-1.gite3c9055.fc26 (FEDORA-2018-2ee11bf700) OCI umount hook for docker -------------------------------------------------------------------------------- Update Information: Allow the passing of stage via the stage environment variable. -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-3.46-1.fc26 (FEDORA-2018-7f2cae7c26) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536767 - perl-CPAN-Perl-Releases-3.46 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536767 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-2.16-1.fc26 (FEDORA-2018-72d8bc3682) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536730 - perl-DateTime-TimeZone-2.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536730 -------------------------------------------------------------------------------- ================================================================================ perl-File-Copy-Recursive-0.40-1.fc26 (FEDORA-2018-5c4fad2711) Extension for recursively copying files and directories -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1531386 - Upgrade perl-File-Copy-Recursive to 0.39 https://bugzilla.redhat.com/show_bug.cgi?id=1531386 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20180120-1.fc26 (FEDORA-2018-5c539827e2) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536773 - perl-Module-CoreList-5.20180120 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536773 -------------------------------------------------------------------------------- ================================================================================ php-icewind-smb2-2.0.4-1.fc26 (FEDORA-2018-411c856c8b) php wrapper for smbclient and libsmbclient-php -------------------------------------------------------------------------------- Update Information: **Version 2.0.4** * Allow overwriting the list of forbidden characters * Improve handling of smbclient prompt in some setups * Disable automatic fallback to anonymous login * Better error message when moving a folder into itself -------------------------------------------------------------------------------- ================================================================================ python-fastavro-0.17.3-2.fc26 (FEDORA-2018-38b8e0f3ab) Fast Avro for Python -------------------------------------------------------------------------------- Update Information: New package! -------------------------------------------------------------------------------- References: [ 1 ] Bug #1534787 - Review Request: python-fastavro - Fast Avro for Python https://bugzilla.redhat.com/show_bug.cgi?id=1534787 -------------------------------------------------------------------------------- ================================================================================ python-nixio-1.4.3-1.fc26 (FEDORA-2018-3381d175d6) Python bindings for NIX -------------------------------------------------------------------------------- Update Information: New package! -------------------------------------------------------------------------------- References: [ 1 ] Bug #1534050 - Review Request: python-nixio - Python bindings for NIX https://bugzilla.redhat.com/show_bug.cgi?id=1534050 -------------------------------------------------------------------------------- ================================================================================ python-psutil-5.4.3-2.fc26 (FEDORA-2018-05b6ac0e4e) A process and system utilities module for Python -------------------------------------------------------------------------------- Update Information: Update python-psutil for mypy. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1487622 - python-psutil-5.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1487622 [ 2 ] Bug #1534333 - Missing dependency for mypy on psutil https://bugzilla.redhat.com/show_bug.cgi?id=1534333 -------------------------------------------------------------------------------- ================================================================================ python3-mypy-0.560-2.fc26 (FEDORA-2018-05b6ac0e4e) A static type checker for Python -------------------------------------------------------------------------------- Update Information: Update python-psutil for mypy. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1487622 - python-psutil-5.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1487622 [ 2 ] Bug #1534333 - Missing dependency for mypy on psutil https://bugzilla.redhat.com/show_bug.cgi?id=1534333 -------------------------------------------------------------------------------- ================================================================================ qgis-2.18.16-1.fc26 (FEDORA-2018-f33aa4eaab) A user friendly Open Source Geographic Information System -------------------------------------------------------------------------------- Update Information: https://github.com/qgis/QGIS/commit/d473c3071ac5cadd01392d2a26c99a28b0e49d28 -------------------------------------------------------------------------------- ================================================================================ squid-4.0.23-1.fc26 (FEDORA-2018-4f8a78a5ef) The Squid proxy caching server -------------------------------------------------------------------------------- Update Information: Bugfix + security update ---- Fix for #1481195 ---- Squid update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1481195 - squid loses some REs when optimising ACLs. https://bugzilla.redhat.com/show_bug.cgi?id=1481195 [ 2 ] Bug #1536940 - squid: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1536940 [ 3 ] Bug #1467072 - squid-4.0.21 is available https://bugzilla.redhat.com/show_bug.cgi?id=1467072 -------------------------------------------------------------------------------- ================================================================================ standard-test-roles-2.6-2.fc26 (FEDORA-2018-4c8269a5dc) Standard Test Interface Ansible roles -------------------------------------------------------------------------------- Update Information: Update to 2.6 -------------------------------------------------------------------------------- ================================================================================ transmission-2.92-12.fc26 (FEDORA-2018-b166805347) A lightweight GTK+ BitTorrent client -------------------------------------------------------------------------------- Update Information: Fix CVE patch, build with openssl-1.1.x ---- Security fix for CVE-2018-5702 (Mitigate dns rebinding attacks against daemon) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1534061 - CVE-2018-5702 transmission: Remote code execution (RCE) in rpc session-id via dns rebinding attack https://bugzilla.redhat.com/show_bug.cgi?id=1534061 -------------------------------------------------------------------------------- ================================================================================ ucx-1.2.2-1.fc26 (FEDORA-2018-40bde830b9) A communication library implementing high-performance messaging -------------------------------------------------------------------------------- Update Information: Initial submit -------------------------------------------------------------------------------- ================================================================================ unbound-1.6.8-1.fc26 (FEDORA-2018-a10a19e06a) Validating, recursive, and caching DNS(SEC) resolver -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-15105 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1507049 - CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records https://bugzilla.redhat.com/show_bug.cgi?id=1507049 -------------------------------------------------------------------------------- ================================================================================ usbguard-0.7.2-2.fc26 (FEDORA-2018-6c17a7c43b) A tool for implementing USB device usage policy -------------------------------------------------------------------------------- Update Information: - Update to usbguard-0.7.2 - Default usbguard-daemon.conf was extended. Review your usbguard-daemon configuration after updating the package. See upstream changelog for details: https://github.com/USBGuard/usbguard/releases/tag/usbguard-0.7.2 ---- Update to 0.7.1 See upstream change log for details: https://github.com/USBGuard/usbguard/releases/tag/usbguard-0.7.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1527956 - %check RPM macro used in %changelog needs to be escaped https://bugzilla.redhat.com/show_bug.cgi?id=1527956 [ 2 ] Bug #1537339 - usbguard-0.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1537339 -------------------------------------------------------------------------------- ================================================================================ vala-0.36.9-1.fc26 (FEDORA-2018-238d2d10ab) A modern programming language for GNOME -------------------------------------------------------------------------------- Update Information: vala 0.36.9 release with bug fixes and binding updates. For details, see https://mail.gnome.org/archives/ftp-release-list/2018-January/msg00062.html -------------------------------------------------------------------------------- ================================================================================ waiverdb-0.5.0-1.fc26 (FEDORA-2018-ee71f289d0) Service for waiving results in ResultsDB -------------------------------------------------------------------------------- Update Information: New upstream release: https://docs.pagure.org/waiverdb/release- notes.html#waiverdb-0-5 ---- Synchronize specfile with upstream. -------------------------------------------------------------------------------- ================================================================================ wget-1.19.4-1.fc26 (FEDORA-2018-a2eebd7c4c) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1532233 - wget incorrectly decompresses downloads https://bugzilla.redhat.com/show_bug.cgi?id=1532233 [ 2 ] Bug #1536811 - wget-1.19.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536811 -------------------------------------------------------------------------------- ================================================================================ xca-1.4.0-1.fc26 (FEDORA-2018-40fe62d0c2) Graphical X.509 certificate management tool -------------------------------------------------------------------------------- Update Information: New upstream release. Use qt5. Remove obsolete rpm scriptlets. -------------------------------------------------------------------------------- ================================================================================ xosview-1.20-1.fc26 (FEDORA-2018-1d34250aa1) An X Window System utility for monitoring system resources -------------------------------------------------------------------------------- Update Information: Update to latest upstream release xosview 1.20. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536899 - xosview-1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536899 -------------------------------------------------------------------------------- ================================================================================ zeal-0.5.0-3.fc26 (FEDORA-2018-cd013b97d5) Offline documentation browser inspired by Dash -------------------------------------------------------------------------------- Update Information: Update to latest upstream release; switch away from deprecated qmake build system to CMake -------------------------------------------------------------------------------- References: [ 1 ] Bug #1524398 - zeal-0.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1524398 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
