The following Fedora 27 Security updates need testing: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-969328b17c jhead-3.00-7.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5562b6e2c0 golang-1.9.4-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b22d46eabb libvirt-3.7.0-4.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9d6a122887 sblim-sfcb-1.4.9-9.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-da6f76b446 mupdf-1.12.0-5.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8d544ee879 zziplib-0.13.68-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b152c791cc mingw-OpenEXR-2.2.0-7.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ee417c4b28 suricata-4.0.4-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b127e58641 patch-2.7.6-3.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-433d2dc3c7 irssi-1.0.7-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5aec14e125 exim-4.90.1-2.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2331a462fb milkytracker-1.01.00-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c6cb18d057 seamonkey-2.49.2-2.fc27 The following Fedora 27 Critical Path updates have yet to be approved: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3082496e05 pungi-4.1.22-2.fc27 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c46fa8e392 perl-5.26.1-403.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fdb6b936e4 nss-3.35.0-1.1.fc27 nss-softokn-3.35.0-1.0.fc27 nss-util-3.35.0-1.0.fc27 nspr-4.18.0-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d73421f7e6 pcre2-10.31-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c9b5e3f68c libguestfs-1.38.0-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b22d46eabb libvirt-3.7.0-4.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b9f662dec5 iproute-4.15.0-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a6b436d186 sssd-1.16.0-7.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-11fbc105f1 fwupd-1.0.5-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c6489812c9 qt5-qtbase-5.9.4-4.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cd541fc70d glusterfs-3.12.6-2.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-20611f7cb1 breeze-icon-theme-5.43.0-1.fc27 extra-cmake-modules-5.43.0-1.fc27 kf5-5.43.0-1.fc27 kf5-attica-5.43.0-1.fc27 kf5-baloo-5.43.0-1.fc27 kf5-bluez-qt-5.43.0-1.fc27 kf5-frameworkintegration-5.43.0-2.fc27 kf5-kactivities-5.43.0-2.fc27 kf5-kactivities-stats-5.43.0-2.fc27 kf5-kapidox-5.43.0-1.fc27 kf5-karchive-5.43.0-1.fc27 kf5-kauth-5.43.0-1.fc27 kf5-kbookmarks-5.43.0-2.fc27 kf5-kcmutils-5.43.0-3.fc27 kf5-kcodecs-5.43.0-1.fc27 kf5-kcompletion-5.43.0-1.fc27 kf5-kconfig-5.43.0-1.fc27 kf5-kconfigwidgets-5.43.0-1.fc27 kf5-kcoreaddons-5.43.0-1.fc27 kf5-kcrash-5.43.0-1.fc27 kf5-kdbusaddons-5.43.0-1.fc27 kf5-kdeclarative-5.43.0-2.fc27 kf5-kded-5.43.0-3.fc27 kf5-kdelibs4support-5.43.0-3.fc27 kf5-kdesignerplugin-5.43.0-2.fc27 kf5-kdesu-5.43.0-1.fc27 kf5-kdewebkit-5.43.0-2.fc27 kf5-kdnssd-5.43.0-1.fc27 kf5-kdoctools-5.43.0-1.fc27 kf5-kemoticons-5.43.0-1.fc27 kf5-kfilemetadata-5.43.0-1.fc27 kf5-kglobalaccel-5.43.0-1.fc27 kf5-kguiad dons-5.43.0-1.fc27 kf5-khtml-5.43.0-3.fc27 kf5-ki18n-5.43.0-1.fc27 kf5-kiconthemes-5.43.0-1.fc27 kf5-kidletime-5.43.0-1.fc27 kf5-kimageformats-5.43.0-1.fc27 kf5-kinit-5.43.0-2.fc27 kf5-kio-5.43.0-3.fc27 kf5-kirigami2-5.43.0-1.fc27 kf5-kitemmodels-5.43.0-1.fc27 kf5-kitemviews-5.43.0-1.fc27 kf5-kjobwidgets-5.43.0-1.fc27 kf5-kjs-5.43.0-1.fc27 kf5-kjsembed-5.43.0-1.fc27 kf5-kmediaplayer-5.43.0-2.fc27 kf5-knewstuff-5.43.0-2.fc27 kf5-knotifications-5.43.0-1.fc27 kf5-knotifyconfig-5.43.0-2.fc27 kf5-kpackage-5.43.0-1.fc27 kf5-kparts-5.43.0-2.fc27 kf5-kpeople-5.43.0-1.fc27 kf5-kplotting-5.43.0-1.fc27 kf5-kpty-5.43.0-1.fc27 kf5-kross-5.43.0-2.fc27 kf5-krunner-5.43.0-3.fc27 kf5-kservice-5.43.0-1.fc27 kf5-ktexteditor-5.43.0-3.fc27 kf5-ktextwidgets-5.43.0-1.fc27 kf5-kunitconversion-5.43.0-1.fc27 kf5-kwallet-5.43.0-1.fc27 kf5-kwayland-5.43.0-1.fc27 kf5-kwidgetsaddons-5.43.0-1.fc27 kf5-kwindowsystem-5.43.0-1.fc27 kf5-kxmlgui-5.43.0-1.fc27 kf5-kxmlrpcclient-5.43.0-2.fc27 kf5-modemmanager-qt-5.43.0- 1.fc27 kf5-networkmanager-qt-5.43.0-1.fc27 kf5-plasma-5.43.0-3.fc27 kf5-prison-5.43.0-1.fc27 kf5-purpose-5.43.0-1.fc27 kf5-solid-5.43.0-1.fc27 kf5-sonnet-5.43.0-1.fc27 kf5-syntax-highlighting-5.43.0-1.fc27 kf5-threadweaver-5.43.0-1.fc27 oxygen-icon-theme-5.43.0-1.fc27 qqc2-desktop-style-5.43.0-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b127e58641 patch-2.7.6-3.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-22e691f5d2 libidn2-2.0.4-3.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ade145f01 ethtool-4.15-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-34ad5a1ba4 git-2.14.3-3.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7a6ed94025 libwebp-0.6.1-5.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-75db58edc5 ceph-12.2.2-2.fc27 The following builds have been pushed to Fedora 27 updates-testing beecrypt-4.2.1-20.fc27 boinc-client-7.9.2-1.fc27 bugzilla-5.0.4-1.fc27 ccnet-6.1.4-2.fc27 dislocker-0.7.1-6.fc27 dist-git-1.6-1.fc27 drbdlinks-1.28-3.fc27 electrum-3.0.6-1.fc27 f2c-20160102-1.fc27 fedrepo-req-1.11.1-1.fc27 gnome-boxes-3.26.2-3.fc27 golang-github-inconshreveable-go-vhost-0-0.1.20160627git06d8411.fc27 inadyn-mt-2.28.10-1.fc27 iwidgets-4.0.2-22.fc27 knot-resolver-2.1.0-1.fc27 ldapvi-1.7-29.fc27 libdrm-2.4.90-1.fc27 libva-intel-hybrid-driver-1.0.2-6.fc27 lmms-1.1.3-8.fc27 mbedtls-2.7.0-1.fc27 mellowplayer-3.3.4-1.fc27 mir-0.30.0.1-1.fc27 mozilla-lightbeam-2.1.0-1.fc27 mozilla-noscript-10.1.6.5-1.fc27 nodejs-grunt-wrap-0.3.1-1.fc27 nuvola-app-amazon-cloud-player-5.6-1.fc27 ostree-2018.2-1.fc27 pdns-4.1.1-1.fc27 perl-Importer-0.025-1.fc27 perl-PathTools-3.74-1.fc27 poedit-2.0.6-1.fc27 python-GridDataFormats-0.4.0-1.fc27 python-certbot-dns-digitalocean-0.21.1-1.fc27 python-cloudflare-2.0.4-1.fc27 python-sphinx-intl-0.9.11-1.fc27 qdirstat-1.4-6.fc27 rpm-ostree-2018.3-1.fc27 rubygem-gobject-introspection-3.2.1-5.fc27 sequeler-0.5.0-1.fc27 spectre-meltdown-checker-0.35-1.fc27 tideEditor-1.4.4-1.fc27 unixODBC-2.3.5-1.fc27 vdr-epg2vdr-1.1.86-1.fc27 vim-8.0.1523-1.fc27 whipper-0.6.0-6.fc27 wine-3.2-1.fc27 zegrapher-3.0.2-4.fc27 Details about builds: ================================================================================ beecrypt-4.2.1-20.fc27 (FEDORA-2018-01fe6304a1) An open source cryptography library -------------------------------------------------------------------------------- Update Information: Update python 2 dependency declarations to new packaging standards, see https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 -------------------------------------------------------------------------------- ================================================================================ boinc-client-7.9.2-1.fc27 (FEDORA-2018-c618fac4e7) The BOINC client -------------------------------------------------------------------------------- Update Information: New upstream release of the BOINC client -------------------------------------------------------------------------------- ================================================================================ bugzilla-5.0.4-1.fc27 (FEDORA-2018-1e0e37e148) Bug tracking system -------------------------------------------------------------------------------- Update Information: A CSRF vulnerability in Bugzilla's report.cgi would allow a third-party site to extract confidential information from a bug the victim had access to. This security bug has been published as CVE-2018-5123. This updates contains Bugzilla 5.0.4, which fixes the issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438957 - icons are missing on bugzilla's front page https://bugzilla.redhat.com/show_bug.cgi?id=1438957 -------------------------------------------------------------------------------- ================================================================================ ccnet-6.1.4-2.fc27 (FEDORA-2018-ca94df292c) A framework for writing networked applications in C -------------------------------------------------------------------------------- Update Information: Add a require for sqlite: configuration is stored in a sqlite database. Without sqlite, it cannot work. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546560 - seafile-client needs sqlite https://bugzilla.redhat.com/show_bug.cgi?id=1546560 -------------------------------------------------------------------------------- ================================================================================ dislocker-0.7.1-6.fc27 (FEDORA-2018-e452cb1e69) Utility to access BitLocker encrypted volumes -------------------------------------------------------------------------------- Update Information: - Rebuilt for mbed TLS 2.7.0 -------------------------------------------------------------------------------- ================================================================================ dist-git-1.6-1.fc27 (FEDORA-2018-b1083b71b7) Package source version control system -------------------------------------------------------------------------------- Update Information: - add 'fedmsgs', 'old_paths', and 'default_namespace' config options - remove domain_read_all_domains_state SELinux rule - require dist-git-selinux - give optional map permission to git_system_t on git_user_content_t - update requires to work for all environments - make the package completely distribution-agnostic -------------------------------------------------------------------------------- ================================================================================ drbdlinks-1.28-3.fc27 (FEDORA-2018-504c769d15) Program for managing links into a DRBD shared partition -------------------------------------------------------------------------------- Update Information: - Update python 2 dependency declarations to new packaging standards, see https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 -------------------------------------------------------------------------------- ================================================================================ electrum-3.0.6-1.fc27 (FEDORA-2018-4edbabf88a) A lightweight Bitcoin Client -------------------------------------------------------------------------------- Update Information: Updated to version 3.0.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1539916 - CVE-2018-6353 electrum: Python console not sandboxed in Electrum https://bugzilla.redhat.com/show_bug.cgi?id=1539916 -------------------------------------------------------------------------------- ================================================================================ f2c-20160102-1.fc27 (FEDORA-2018-1e107800a9) A Fortran 77 to C/C++ conversion program -------------------------------------------------------------------------------- Update Information: Update to 20160102. -------------------------------------------------------------------------------- ================================================================================ fedrepo-req-1.11.1-1.fc27 (FEDORA-2018-9acbfe2de4) CLI for Fedora package repo requests -------------------------------------------------------------------------------- Update Information: The admin tool now casts the incoming bug IDs as strings (fixes a bug that occurs when the incoming bug ID is an integer). -------------------------------------------------------------------------------- ================================================================================ gnome-boxes-3.26.2-3.fc27 (FEDORA-2018-485b0a8597) A simple GNOME 3 application to access remote or virtual systems -------------------------------------------------------------------------------- Update Information: Fix the user agent string used when downloading logos and ISOs -------------------------------------------------------------------------------- ================================================================================ golang-github-inconshreveable-go-vhost-0-0.1.20160627git06d8411.fc27 (FEDORA-2018-35d796c441) HTTP/TLS hostname multiplexing library for Go -------------------------------------------------------------------------------- Update Information: **HTTP/TLS hostname multiplexing library for Go** - dependency of bettercap 2.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1544716 - Review Request: golang-github-inconshreveable-go-vhost - HTTP/TLS hostname multiplexing library for Go https://bugzilla.redhat.com/show_bug.cgi?id=1544716 -------------------------------------------------------------------------------- ================================================================================ inadyn-mt-2.28.10-1.fc27 (FEDORA-2018-cb0486a954) Dynamic DNS Client -------------------------------------------------------------------------------- Update Information: Ver. inadyn-mt 2.28.10 - October 2016 Changes: - broken ipv4, dual stack ip fetch fixed Ver. inadyn-mt 2.28.08 - October 2016 Changes: - fetch freedns.afraid.org alias update tokens - fix Windows 02.28.05 short options fail regress bug - fixes changeip.com url type-o - added option --if_enum - net if enum - Fabian Raab's regfish.de server response code fixes - ip lookup ip version precedence independence - some refactoring -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381053 - inadyn-mt-.02.28.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1381053 -------------------------------------------------------------------------------- ================================================================================ iwidgets-4.0.2-22.fc27 (FEDORA-2018-416fe8bc27) A set of useful widgets based on itcl and itk -------------------------------------------------------------------------------- Update Information: Fix /bin/env issue -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512891 - iwidgets requires deprecated /bin/env https://bugzilla.redhat.com/show_bug.cgi?id=1512891 -------------------------------------------------------------------------------- ================================================================================ knot-resolver-2.1.0-1.fc27 (FEDORA-2018-fe5a6ed3b7) Caching full DNS Resolver -------------------------------------------------------------------------------- Update Information: Knot Resolver 2.1.0 (2018-02-16) ================================ Incompatible changes -------------------- - stats: remove tracking of expiring records (predict uses another way) - systemd: re-use a single kresd.socket and kresd- tls.socket - ta_sentinel: implement protocol draft-ietf-dnsop-kskroll- sentinel-01 (our draft-ietf-dnsop-kskroll-sentinel-00 implementation had inverted logic) - libknot: require version 2.6.4 or newer to get bugfixes for DNS-over-TLS Bugfixes -------- - detect_time_jump module: don't clear cache on suspend-resume (#284) - stats module: fix stats.list() returning nothing, regressed in 2.0.0 - policy.TLS_FORWARD: refusal when configuring with multiple IPs (#306) - cache: fix broken refresh of insecure records that were about to expire - fix the hints module on some systems, e.g. Fedora (came back on 2.0.0) - build with older gnutls (conditionally disable features) - fix the predict module to work with insecure records & cleanup code Knot Resolver 2.0.0 (2018-01-31) ================================ Incompatible changes -------------------- - systemd: change unit files to allow running multiple instances, deployments with single instance now must use `kresd@1.service` instead of `kresd.service`; see kresd.systemd(7) for details - systemd: the directory for cache is now /var/cache/knot-resolver - unify default directory and user to `knot-resolver` - directory with trust anchor file specified by -k option must be writeable - policy module is now loaded by default to enforce RFC 6761; see documentation for policy.PASS if you use locally-served DNS zones - drop support for alternative cache backends memcached, redis, and for Lua bindings for some specific cache operations - REORDER_RR option is not implemented (temporarily) New features ------------ - aggressive caching of validated records (RFC 8198) for NSEC zones; thanks to ICANN for sponsoring this work. - forwarding over TLS, authenticated by SPKI pin or certificate. policy.TLS_FORWARD pipelines queries out-of-order over shared TLS connection Beware: Some resolvers do not support out-of-order query processing. TLS forwarding to such resolvers will lead to slower resolution or failures. - trust anchors: you may specify a read-only file via -K or --keyfile-ro - trust anchors: at build-time you may set KEYFILE_DEFAULT (read-only) - ta_sentinel module implements draft ietf-dnsop-kskroll-sentinel-00, enabled by default - serve_stale module is prototype, subject to change - extended API for Lua modules Bugfixes -------- - fix build on osx - regressed in 1.5.3 (different linker option name) ---- Knot Resolver 1.5.3 (2018-01-23) ================================ Bugfixes -------- - fix the hints module on some systems, e.g. Fedora. Symptom: `undefined symbol: engine_hint_root_file` Knot Resolver 1.5.2 (2018-01-22) ================================ Security -------- - fix CVE-2018-1000002: insufficient DNSSEC validation, allowing attackers to deny existence of some data by forging packets. Some combinations pointed out in RFC 6840 sections 4.1 and 4.3 were not taken into account. Bugfixes -------- - memcached: fix fallout from module rename in 1.5.1 Knot Resolver 1.5.1 (2017-12-12) ================================ Incompatible changes -------------------- - script supervisor.py was removed, please migrate to a real process manager - module ketcd was renamed to etcd for consistency - module kmemcached was renamed to memcached for consistency Bugfixes -------- - fix SIGPIPE crashes (#271) - tests: work around out-of-space for platforms with larger memory pages - lua: fix mistakes in bindings affecting 1.4.0 and 1.5.0 (and 1.99.1-alpha), potentially causing problems in dns64 and workarounds modules - predict module: various fixes (!399) Improvements ------------ - add priming module to implement RFC 8109, enabled by default (#220) - add modules helping with system time problems, enabled by default; for details see documentation of detect_time_skew and detect_time_jump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1537462 - CVE-2018-1000002 knot-resolver: Insufficient DNSSEC validation https://bugzilla.redhat.com/show_bug.cgi?id=1537462 -------------------------------------------------------------------------------- ================================================================================ ldapvi-1.7-29.fc27 (FEDORA-2018-093baa33ca) An interactive LDAP client -------------------------------------------------------------------------------- Update Information: Fix packaging issues and avoid sending password in plain in logs. -------------------------------------------------------------------------------- ================================================================================ libdrm-2.4.90-1.fc27 (FEDORA-2018-deda0d84a5) Direct Rendering Manager runtime library -------------------------------------------------------------------------------- Update Information: Update to 2.4.90 -------------------------------------------------------------------------------- ================================================================================ libva-intel-hybrid-driver-1.0.2-6.fc27 (FEDORA-2018-9f8979e6e6) VA driver for Intel G45 & HD Graphics family -------------------------------------------------------------------------------- Update Information: Fix missing BR ---- Add missing BR for gcc-c++ -------------------------------------------------------------------------------- ================================================================================ lmms-1.1.3-8.fc27 (FEDORA-2018-060a0e9df6) Linux MultiMedia Studio -------------------------------------------------------------------------------- Update Information: Add patch that should fix linkage of the Vestige module (#1388466). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388466 - Vestige plugin is not showing up in the instrument plugins list. https://bugzilla.redhat.com/show_bug.cgi?id=1388466 -------------------------------------------------------------------------------- ================================================================================ mbedtls-2.7.0-1.fc27 (FEDORA-2018-eb58dc8a6f) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information: - Update to 2.7.0 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2018-01 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1533435 - Please enable pthread support for mbedtls https://bugzilla.redhat.com/show_bug.cgi?id=1533435 [ 2 ] Bug #1544729 - CVE-2017-18187 CVE-2018-0487 CVE-2018-0488 mbedtls: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1544729 -------------------------------------------------------------------------------- ================================================================================ mellowplayer-3.3.4-1.fc27 (FEDORA-2018-fa1a894397) Cloud music integration for your desktop -------------------------------------------------------------------------------- Update Information: Update to 3.3.4 ---- Update to 3.3.3-2 - Add %%{name}-fix-sphinx-build.patch ---- Update to 3.3.3 ---- Update to 3.3.2 -------------------------------------------------------------------------------- ================================================================================ mir-0.30.0.1-1.fc27 (FEDORA-2018-144142ee5c) Next generation display server -------------------------------------------------------------------------------- Update Information: Notable upstream changes: * Many fixes to Wayland protocol support: * `SessionAuthorizer::connection_is_allowed` is now called on Wayland client connection, required for Wayland clients to work in Unity 8. * Keyboard state is now sent of focus, resolving strange modifier behavior when switching between clients * A number of crash fixes * Initial, experimental, support for `xdg-shell` (v6). * Set the `MIR_EXPERIMENTAL_XDG_SHELL` environment variable to enable. * Pointer events are now sent to windows that move underneath the pointer -------------------------------------------------------------------------------- References: [ 1 ] Bug #1545646 - mir-0.30.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1545646 [ 2 ] Bug #1546741 - mir-0.30.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1546741 -------------------------------------------------------------------------------- ================================================================================ mozilla-lightbeam-2.1.0-1.fc27 (FEDORA-2018-b9100f34e8) An add-on for visualizing HTTP requests between websites in real time -------------------------------------------------------------------------------- Update Information: **NOTE:** All packaged Firefox add-ons are affected by Firefox bug fedora#1508827 . A workaround is provided in the bug report. Please do not give negative karma just because of that bug. This update brings visualization performance improvements. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546516 - mozilla-lightbeam-2.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1546516 -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-10.1.6.5-1.fc27 (FEDORA-2018-efefaeecab) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: **NOTE:** All packaged Firefox add-ons are affected by Firefox bug fedora#1508827 . A workaround is provided in the bug report. Please do not give negative karma just because of that bug. **WebExtension changes:** * Context menu on web pages to access main UI * Fixed UI regression showing only the two rightmost components of IPv4 addresses * [XSS] More specific and unobtrusive handling of window.name sanitization * Fixed "XSS User Choices" not being included in Export files **Classic version changes:** * Fixed XSS false positive on some Facebook embeddings (thanks barbaz for reporting) * Fixed edge case origin checks for WebExtensions embedded in privileged documents * Fixed DNT support initialization regression (thanks barbaz for reporting) * [XSS] Fixed false positives on badly encoded URLs (thanks sage11 for reporting) * Script Surrogates don't affect privileged URLs anymore, unless the noscript.surrogate.matchPrivileged about:config preference is set to true (thanks barbaz for RFE) * [e10s] Fixed temporary permissions inter-process sync issue (thanks to the TorBrowser team for solution) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1543851 - mozilla-noscript-10.1.6.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1543851 -------------------------------------------------------------------------------- ================================================================================ nodejs-grunt-wrap-0.3.1-1.fc27 (FEDORA-2018-587008240f) A Grunt plugin for wrapping project text files -------------------------------------------------------------------------------- Update Information: Update to [0.3.1](https://github.com/chrissrogers/grunt-wrap/compare/a28588468e4 4db6f990d0f10d95833565eaa7057...fb342f1781fd0fcfcd2ef6bc0b84662de4d3beb4). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1460839 - nodejs-grunt-wrap-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1460839 -------------------------------------------------------------------------------- ================================================================================ nuvola-app-amazon-cloud-player-5.6-1.fc27 (FEDORA-2018-e2cc6c01a6) Amazon Cloud Player for Nuvola Player 3 -------------------------------------------------------------------------------- Update Information: Update to 5.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546414 - nuvola-app-amazon-cloud-player-5.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1546414 -------------------------------------------------------------------------------- ================================================================================ ostree-2018.2-1.fc27 (FEDORA-2018-f787034011) Tool for managing bootable, immutable filesystem trees -------------------------------------------------------------------------------- Update Information: New upstream releases. See release notes for details: - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.2 - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.2 - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.3 -------------------------------------------------------------------------------- ================================================================================ pdns-4.1.1-1.fc27 (FEDORA-2018-73695c5e25) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to 4.1.1 Release notes: https://doc.powerdns.com/authoritative/changelog/4.1.html#change-4.1.1 -------------------------------------------------------------------------------- ================================================================================ perl-Importer-0.025-1.fc27 (FEDORA-2018-7787adcfb9) Alternative interface to modules that export symbols -------------------------------------------------------------------------------- Update Information: This release corrects a test. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546584 - perl-Importer-0.025 is available https://bugzilla.redhat.com/show_bug.cgi?id=1546584 -------------------------------------------------------------------------------- ================================================================================ perl-PathTools-3.74-1.fc27 (FEDORA-2018-dab548649a) PathTools Perl module (Cwd, File::Spec) -------------------------------------------------------------------------------- Update Information: This release fixes infinite recursion in _perl_abs_path() and it handles croak invocations better. -------------------------------------------------------------------------------- ================================================================================ poedit-2.0.6-1.fc27 (FEDORA-2018-2f1e5c6d40) GUI editor for GNU gettext .po files -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ================================================================================ python-GridDataFormats-0.4.0-1.fc27 (FEDORA-2018-f6ffffd5fd) Read and write data on regular grids in Python -------------------------------------------------------------------------------- Update Information: New feature that should increase interoperability with visualization tools such as PyMOL (see [#35](https://github.com/MDAnalysis/GridDataFormats/issues/35) for details). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1535726 - python-GridDataFormats-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1535726 -------------------------------------------------------------------------------- ================================================================================ python-certbot-dns-digitalocean-0.21.1-1.fc27 (FEDORA-2018-be1e6ba7c5) DigitalOcean DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information: Initial package of python-certbot-dns-digitalocean -------------------------------------------------------------------------------- References: [ 1 ] Bug #1545969 - Review Request: python-certbot-dns-digitalocean - DigitalOcean DNS Authenticator plugin for Certbot https://bugzilla.redhat.com/show_bug.cgi?id=1545969 -------------------------------------------------------------------------------- ================================================================================ python-cloudflare-2.0.4-1.fc27 (FEDORA-2018-f4325e3efb) Python wrapper for the Cloudflare Client API v4 -------------------------------------------------------------------------------- Update Information: Initial package of python-cloudflare -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546297 - Review Request: python-cloudflare - Python wrapper for the Cloudflare Client API v4 https://bugzilla.redhat.com/show_bug.cgi?id=1546297 -------------------------------------------------------------------------------- ================================================================================ python-sphinx-intl-0.9.11-1.fc27 (FEDORA-2018-fccc0e1760) Sphinx utility that make it easy to translate and to apply translation -------------------------------------------------------------------------------- Update Information: Update to 0.9.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1544587 - python-sphinx-intl-0.9.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1544587 -------------------------------------------------------------------------------- ================================================================================ qdirstat-1.4-6.fc27 (FEDORA-2018-b7bb50bff9) Qt-based directory statistics -------------------------------------------------------------------------------- Update Information: Add missing BR for gcc-c++ -------------------------------------------------------------------------------- ================================================================================ rpm-ostree-2018.3-1.fc27 (FEDORA-2018-f787034011) Hybrid image/package system -------------------------------------------------------------------------------- Update Information: New upstream releases. See release notes for details: - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.2 - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.2 - https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.3 -------------------------------------------------------------------------------- ================================================================================ rubygem-gobject-introspection-3.2.1-5.fc27 (FEDORA-2018-d0fcafe4ff) Ruby binding of GObjectIntrospection -------------------------------------------------------------------------------- Update Information: This rpm fixes some integer overflow on 32bit, which was firstly reported for ruby gstreamer. -------------------------------------------------------------------------------- ================================================================================ sequeler-0.5.0-1.fc27 (FEDORA-2018-7dbd7d4e22) SQL Client built in Vala -------------------------------------------------------------------------------- Update Information: Update to version 0.5.0. Release notes: https://github.com/Alecaddd/sequeler/releases/tag/v0.5.0 -------------------------------------------------------------------------------- ================================================================================ spectre-meltdown-checker-0.35-1.fc27 (FEDORA-2018-679005cca1) Spectre & Meltdown vulnerability/mitigation checker for Linux -------------------------------------------------------------------------------- Update Information: Update to 0.35 - Feature: correctly detect specific Red Hat/Ubuntu patch for Spectre Variant 1 - Update: new list of blacklisted microcodes (from Intel document) - Enhancement: detect disrepancy between found kernel image and running kernel - Enhancement: speed up execution by not decompressing kernel in --sysfs-only mode - Enhancement: find images installed by systemd kernel-install - Enhancement: better explanation when kernel supports IBRS but CPU doesn't - Misc: other minor changes and bugfixes -------------------------------------------------------------------------------- ================================================================================ tideEditor-1.4.4-1.fc27 (FEDORA-2018-3c564d86e8) Editor for Tide Constituent Database (TCD) files -------------------------------------------------------------------------------- Update Information: New version 1.4.4 is released. -------------------------------------------------------------------------------- ================================================================================ unixODBC-2.3.5-1.fc27 (FEDORA-2018-773526071a) A complete ODBC driver manager for Linux -------------------------------------------------------------------------------- Update Information: Update to the latest [upstream](http://www.unixodbc.com) version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1537840 - unixODBC-2.3.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1537840 -------------------------------------------------------------------------------- ================================================================================ vdr-epg2vdr-1.1.86-1.fc27 (FEDORA-2018-ea1bd7042c) A plugin to retrieve EPG data from a mysql database into VDR -------------------------------------------------------------------------------- Update Information: Update to 1.1.86 ---- Update to 1.1.84 ---- Update to 1.1.83 ---- Update to 1.1.81 ---- Update 1.1.80-1 ---- Update to 1.1.79 ---- Update to 1.1.78-1 -------------------------------------------------------------------------------- ================================================================================ vim-8.0.1523-1.fc27 (FEDORA-2018-3b09ce9043) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit -------------------------------------------------------------------------------- ================================================================================ whipper-0.6.0-6.fc27 (FEDORA-2018-55d9cc8fb4) Python CD-DA ripper preferring accuracy over speed -------------------------------------------------------------------------------- Update Information: Added gcc build requirement. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1541566 - Review Request: whipper - Python CD-DA ripper https://bugzilla.redhat.com/show_bug.cgi?id=1541566 -------------------------------------------------------------------------------- ================================================================================ wine-3.2-1.fc27 (FEDORA-2018-1d93f407cb) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: - Separate implementation of USER controls for ComCtl32 v6. - Multisample texture support in Direct3D. - Support for HID gamepads. - More event support in MSHTML. - Obsolete DOS code removed. - Various bug fixes. -------------------------------------------------------------------------------- ================================================================================ zegrapher-3.0.2-4.fc27 (FEDORA-2018-4f69d0fa2e) Free and opensource math graphing software -------------------------------------------------------------------------------- Update Information: Add missing BR for gcc-c++ -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
