The following Fedora 26 Security updates need testing: Age URL 186 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 79 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3915878e18 ldns-1.7.0-4.fc26 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d75a88f263 monit-5.25.1-1.fc26 24 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ccef1ced42 gimp-2.8.22-3.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0db545e976 ruby-2.4.3-86.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ef303deec6 libtasn1-4.13-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9780220f7d dnsmasq-2.76-6.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfb9835edd GraphicsMagick-1.3.28-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a10a19e06a unbound-1.6.8-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7e086e3309 moodle-3.2.7-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b166805347 transmission-2.92-12.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f73abc5680 knot-resolver-1.5.3-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a6b59d8f78 libxml2-2.9.7-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7151603128 mupdf-1.12.0-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bbf8c38b51 jackson-databind-2.7.6-8.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-43712163de webkitgtk4-2.18.6-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-958b22c73f clamav-0.99.3-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 24 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2eed6bd99 iproute-4.14.1-4.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-240b9e54f9 glusterfs-3.10.9-1.fc26 20 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4818a0a3fb lxpanel-0.9.3-2.D20180109git2ddf8dfc.fc26 15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ba521808e0 gnome-settings-daemon-3.24.3-4.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1b9b3d815f ostree-2018.1-1.fc26 rpm-ostree-2018.1-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfc82942f4 pungi-4.1.21-4.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4000c1ba37 python-productmd-1.10-1.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ef303deec6 libtasn1-4.13-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8633570be3 nfs-utils-2.2.1-4.rc2.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fcda2573ac python-rpm-macros-3-21.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9780220f7d dnsmasq-2.76-6.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f200f504b3 dtc-1.4.6-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6fe92b98df perl-threads-shared-1.58-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0f208aa267 perl-threads-2.21-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a9a5708bef python3-3.6.4-2.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a6b59d8f78 libxml2-2.9.7-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-49cd53ff36 libguestfs-1.36.13-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-be2cb3e65a xen-4.8.3-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b88532d5ee satyr-0.23-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-43712163de webkitgtk4-2.18.6-1.fc26 The following builds have been pushed to Fedora 26 updates-testing fuse-encfs-1.9.4-1.fc26 gnupg2-2.2.4-1.fc26 java-9-openjdk-9.0.4.11-4.fc26 libntirpc-1.5.4-1.fc26 lilypond-doc-2.19.81-1.fc26 movit-1.6.0-1.fc26 mujs-0-11.20180129git25821e6.fc26 nfs-ganesha-2.5.5-1.fc26 php-league-flysystem-1.0.42-1.fc26 rsync-3.1.3-1.fc26 timeshift-18.1.1-4.fc26 vim-8.0.1438-1.fc26 Details about builds: ================================================================================ fuse-encfs-1.9.4-1.fc26 (FEDORA-2018-be4b9fae91) Encrypted pass-thru filesystem in userspace -------------------------------------------------------------------------------- Update Information: Update to 1.9.4. -------------------------------------------------------------------------------- ================================================================================ gnupg2-2.2.4-1.fc26 (FEDORA-2018-b830db2f1e) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information: Minor upstream update release with bug fixes and other improvements -------------------------------------------------------------------------------- References: [ 1 ] Bug #1528084 - gnupg2-2.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1528084 -------------------------------------------------------------------------------- ================================================================================ java-9-openjdk-9.0.4.11-4.fc26 (FEDORA-2018-9718389704) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Fixes for the aach64 architecture. Fix included in 9.0.4.11-3 contained a bug which crashes the JVM in some cases. ---- January CPU security update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1492175 - [systemtap] Hotspot tapsets have wrong path reference to libjvm.so https://bugzilla.redhat.com/show_bug.cgi?id=1492175 -------------------------------------------------------------------------------- ================================================================================ libntirpc-1.5.4-1.fc26 (FEDORA-2018-39a8df133e) New Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: libntirpc 1.5.4 GA -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.81-1.fc26 (FEDORA-2018-93e6e40652) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: 2.19.81 -------------------------------------------------------------------------------- ================================================================================ movit-1.6.0-1.fc26 (FEDORA-2018-54a77969f3) GPU video filter library -------------------------------------------------------------------------------- Update Information: Update to 1.6.0-1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1539413 - Movit 1.6.0 (latest release: January 24th, 2018) https://bugzilla.redhat.com/show_bug.cgi?id=1539413 -------------------------------------------------------------------------------- ================================================================================ mujs-0-11.20180129git25821e6.fc26 (FEDORA-2018-d4746c772f) An embeddable Javascript interpreter -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2018-5759. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1539514 - CVE-2018-5759 mujs: Improper management of AST depth in jsparse.c can allow a remote attacker to cause a denial of service via a crafted file https://bugzilla.redhat.com/show_bug.cgi?id=1539514 -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.5.5-1.fc26 (FEDORA-2018-dfeb98eb73) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information: nfs-ganesha 2.5.5 GA -------------------------------------------------------------------------------- ================================================================================ php-league-flysystem-1.0.42-1.fc26 (FEDORA-2018-666ccddf5a) Filesystem abstraction: Many filesystems, one API -------------------------------------------------------------------------------- Update Information: **Version 1.0.42** - 2018-01-27 * Fixed FTP manual recursion. * Various code style fixes. -------------------------------------------------------------------------------- ================================================================================ rsync-3.1.3-1.fc26 (FEDORA-2018-de8436d9da) A program for synchronizing files over a network -------------------------------------------------------------------------------- Update Information: New version 3.1.3, includes security fix for CVE-2018-5764 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1536662 - CVE-2018-5764 rsync: sanitization bypass in parse_argument in oprions.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1536662 [ 2 ] Bug #1539466 - rsync-3.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1539466 -------------------------------------------------------------------------------- ================================================================================ timeshift-18.1.1-4.fc26 (FEDORA-2018-f67cb13026) System restore tool for Linux -------------------------------------------------------------------------------- Update Information: - Properly apply system LDFLAGS and thus enable full hardening - Generate useful -debugsource package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1534446 - Review Request: timeshift - System restore tool for Linux https://bugzilla.redhat.com/show_bug.cgi?id=1534446 -------------------------------------------------------------------------------- ================================================================================ vim-8.0.1438-1.fc26 (FEDORA-2018-d267a6b7f6) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
