The following Fedora 26 Security updates need testing: Age URL 215 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 47 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 34 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b166805347 transmission-2.92-12.fc26 34 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fff755ee8e jhead-3.00-7.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f97cb1c9b0 krb5-1.15.2-7.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5cdc56766f firefox-58.0.2-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-71fac70309 patch-2.7.6-3.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1b8e0176c freetype-2.7.1-10.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9817f1dafa mbedtls-2.7.0-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b79f325c48 bugzilla-5.0.4-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d94e205df8 wavpack-5.1.0-7.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a249b4214 cryptopp-5.6.5-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2012089e37 libsamplerate-0.1.9-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fc47f3c85d glibc-arm-linux-gnu-2.26-4.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-147d33439c php-phpmyadmin-motranslator-4.0-1.fc26 php-phpmyadmin-sql-parser-4.2.4-3.fc26 phpMyAdmin-4.7.8-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5950093e69 mingw-wavpack-5.1.0-4.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b3e985489b quagga-1.2.2-2.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4e657bf5e3 sharutils-4.15.2-6.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5573046c3b freexl-1.0.5-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d369659cb nx-libs-3.5.0.33-4.fc26 x2goserver-4.0.1.22-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1f73debee drupal7-7.57-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0c75cc72bc python-crypto-2.6.1-22.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6fe397a796 lxpanel-0.9.3-4.D20180109git2ddf8dfc.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f97cb1c9b0 krb5-1.15.2-7.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-85dd2a6ff9 curl-7.53.1-15.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5cdc56766f firefox-58.0.2-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1b8e0176c freetype-2.7.1-10.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a2e230b9d net-snmp-5.7.3-26.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9d8876b830 samba-4.6.13-0.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-18c1baca23 qt5-qtbase-5.9.4-4.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-71fac70309 patch-2.7.6-3.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5e5bb3f1fb koji-1.15.0-4.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-53c4737dfb git-2.13.6-3.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4c28b00507 gnutls-3.5.18-2.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-be760d6d28 libidn2-2.0.4-3.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-800cf2f81e ethtool-4.15-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0be6ceb3e0 python2-2.7.14-5.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d94e205df8 wavpack-5.1.0-7.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-70fbfc5434 pcre-8.41-6.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c753faab74 zerofree-1.1.1-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-562467e141 sssd-1.16.0-7.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b7b864a29e breeze-icon-theme-5.43.0-1.fc26 extra-cmake-modules-5.43.0-1.fc26 kf5-5.43.0-1.fc26 kf5-attica-5.43.0-1.fc26 kf5-baloo-5.43.0-1.fc26 kf5-bluez-qt-5.43.0-1.fc26 kf5-frameworkintegration-5.43.0-2.fc26 kf5-kactivities-5.43.0-2.fc26 kf5-kactivities-stats-5.43.0-2.fc26 kf5-kapidox-5.43.0-1.fc26 kf5-karchive-5.43.0-1.fc26 kf5-kauth-5.43.0-1.fc26 kf5-kbookmarks-5.43.0-2.fc26 kf5-kcmutils-5.43.0-3.fc26 kf5-kcodecs-5.43.0-1.fc26 kf5-kcompletion-5.43.0-1.fc26 kf5-kconfig-5.43.0-1.fc26 kf5-kconfigwidgets-5.43.0-1.fc26 kf5-kcoreaddons-5.43.0-1.fc26 kf5-kcrash-5.43.0-1.fc26 kf5-kdbusaddons-5.43.0-1.fc26 kf5-kdeclarative-5.43.0-2.fc26 kf5-kded-5.43.0-3.fc26 kf5-kdelibs4support-5.43.0-3.fc26 kf5-kdesignerplugin-5.43.0-2.fc26 kf5-kdesu-5.43.0-1.fc26 kf5-kdewebkit-5.43.0-2.fc26 kf5-kdnssd-5.43.0-1.fc26 kf5-kdoctools-5.43.0-1.fc26 kf5-kemoticons-5.43.0-1.fc26 kf5-kfilemetadata-5.43.0-1.fc26 kf5-kglobalaccel-5.43.0-1.fc26 kf5-kguiad dons-5.43.0-1.fc26 kf5-khtml-5.43.0-3.fc26 kf5-ki18n-5.43.0-1.fc26 kf5-kiconthemes-5.43.0-1.fc26 kf5-kidletime-5.43.0-1.fc26 kf5-kimageformats-5.43.0-1.fc26 kf5-kinit-5.43.0-2.fc26 kf5-kio-5.43.0-3.fc26 kf5-kirigami2-5.43.0-1.fc26 kf5-kitemmodels-5.43.0-1.fc26 kf5-kitemviews-5.43.0-1.fc26 kf5-kjobwidgets-5.43.0-1.fc26 kf5-kjs-5.43.0-1.fc26 kf5-kjsembed-5.43.0-1.fc26 kf5-kmediaplayer-5.43.0-2.fc26 kf5-knewstuff-5.43.0-2.fc26 kf5-knotifications-5.43.0-1.fc26 kf5-knotifyconfig-5.43.0-2.fc26 kf5-kpackage-5.43.0-1.fc26 kf5-kparts-5.43.0-2.fc26 kf5-kpeople-5.43.0-1.fc26 kf5-kplotting-5.43.0-1.fc26 kf5-kpty-5.43.0-1.fc26 kf5-kross-5.43.0-2.fc26 kf5-krunner-5.43.0-3.fc26 kf5-kservice-5.43.0-1.fc26 kf5-ktexteditor-5.43.0-3.fc26 kf5-ktextwidgets-5.43.0-1.fc26 kf5-kunitconversion-5.43.0-1.fc26 kf5-kwallet-5.43.0-1.fc26 kf5-kwayland-5.43.0-1.fc26 kf5-kwidgetsaddons-5.43.0-1.fc26 kf5-kwindowsystem-5.43.0-1.fc26 kf5-kxmlgui-5.43.0-1.fc26 kf5-kxmlrpcclient-5.43.0-2.fc26 kf5-modemmanager-qt-5.43.0- 1.fc26 kf5-networkmanager-qt-5.43.0-1.fc26 kf5-plasma-5.43.0-3.fc26 kf5-prison-5.43.0-1.fc26 kf5-purpose-5.43.0-1.fc26 kf5-solid-5.43.0-2.fc26 kf5-sonnet-5.43.0-1.fc26 kf5-syntax-highlighting-5.43.0-1.fc26 kf5-threadweaver-5.43.0-1.fc26 oxygen-icon-theme-5.43.0-1.fc26 qqc2-desktop-style-5.43.0-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-65b86cadc0 usermode-1.112-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5119859c4a bridge-utils-1.6-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7754b8e7e4 fwupd-0.9.9-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7118c6994 libtevent-0.9.36-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d751a1e54e soxr-0.1.3-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b4b924c3ca mpfr-3.1.6-1.fc26 The following builds have been pushed to Fedora 26 updates-testing buildah-0.15-1.gitd1330a5.fc26 clover2-3.6.9-1.D20180227git8f79f5e.fc26 copr-backend-1.114-1.fc26 duplicity-0.7.17-2.fc26 fpc-3.0.4-1.fc26 kernel-4.15.5-200.fc26 kshutdown-4.2-1.fc26 lazarus-1.8.0-2.fc26 libXcursor-1.1.15-1.fc26 libXfont-1.5.4-1.fc26 libXfont2-2.0.3-1.fc26 libmodulemd-1.0.4-1.fc26 libwebp-0.6.1-8.fc26 nheko-0.1.0-27.20180226gitc75a136.fc26 perl-Clownfish-0.6.3-1.fc26 perl-Clownfish-CFC-0.6.3-1.fc26 perl-Mail-JMAPTalk-0.10-1.fc26 perl-XML-LibXML-2.0129-3.fc26 python-recaptcha-client-2.0.0-1.fc26 rpkg-1.52-1.fc26 ruby-2.4.3-87.fc26 uim-1.8.6-17.fc26 v8-6.2.91-7.fc26 vdr-epg2vdr-1.1.91-1.fc26 youtube-dl-2018.02.26-1.fc26 Details about builds: ================================================================================ buildah-0.15-1.gitd1330a5.fc26 (FEDORA-2018-fead760be6) A command line tool used for creating OCI Images -------------------------------------------------------------------------------- Update Information: - Fix handling of buildah run command options - If commonOpts do not exist, we should return rather then segfault - Display full error string instead of just status - Implement --volume and --shm-size for bud and from - Fix secrets patch for buildah bud - Fixes the naming issue of blobs and config for the dir transport by removing the .tar extension -------------------------------------------------------------------------------- References: [ 1 ] Bug #1533051 - 'buildah from image' create incorrect container name https://bugzilla.redhat.com/show_bug.cgi?id=1533051 [ 2 ] Bug #1535723 - buildah-v0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1535723 -------------------------------------------------------------------------------- ================================================================================ clover2-3.6.9-1.D20180227git8f79f5e.fc26 (FEDORA-2018-8742cd7de3) Yet another compiler language -------------------------------------------------------------------------------- Update Information: New version 3.6.9 is released. -------------------------------------------------------------------------------- ================================================================================ copr-backend-1.114-1.fc26 (FEDORA-2018-1809d84782) Backend for Copr -------------------------------------------------------------------------------- Update Information: - enable to pass more then one ignored subnetwork to copr_log_hitcounter ---- - original builder deprecation - remove Group tag - Shebangs cleanup - escapes in changelogs - use netaddr instead of IPy module - sleep after each load_jobs iteration - python3 conversion - UMB: adding content type - add source_status field for Builds - generate module artifacts rpms - the rsync log is actually renderred directly into result dir now - mockchain.log renamed to backend.log - pg#192 missing records in mockchain.log - enable running tests in spec file - enable and update vmmamanger tests, fix three minor bugs in the manager - frontend now presents the whole job queue state to backend - copy only module builds into the repo directory ---- - exception handling for hit counting when IP address cannot be parsed ---- - terminate also 'in_use' builders if health checks have failed - make --detached the last arg for copr-rpmbuild - update copr_log_hitcounter to check ip against ignored pattern - new msg bus options - disable DNF makecache timer/service - fix message duplication for multi-bus scenario - optimize createrepo_c - Revert "[backend] remove --ignore- lock from createrepo_c" -------------------------------------------------------------------------------- ================================================================================ duplicity-0.7.17-2.fc26 (FEDORA-2018-855a10dece) Encrypted bandwidth-efficient backup using rsync algorithm -------------------------------------------------------------------------------- Update Information: New in v0.7.17 (2018/02/26) --------------------------- * Removed changes made in bug #1044715 Provide a file history feature - Changes required too much memory to carry in the manifest - The option --file-changed in collection- status is now invalid - This will close bugs: #1730451, #896728, #1526557, #1550176 - Starting a full backup will be needed to fully utilize this fix * Fix update of Launchpad Translations. Translations were not being picked up on a daily basis and we got several months behind. -------------------------------------------------------------------------------- ================================================================================ fpc-3.0.4-1.fc26 (FEDORA-2018-a50da4b6a1) Free Pascal Compiler -------------------------------------------------------------------------------- Update Information: Upgrade FPC to upstream release 3.0.4, upgrade Lazarus to upstream release 1.8.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1544205 - Lazarus needs to be rebuilt after fpc upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1544205 [ 2 ] Bug #1525820 - Need update lazarus to 1.8.0 https://bugzilla.redhat.com/show_bug.cgi?id=1525820 -------------------------------------------------------------------------------- ================================================================================ kernel-4.15.5-200.fc26 (FEDORA-2018-c710e7893c) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.15.5 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397041 - Brightness controls doesn't work on MacBook Pro Mid 2015 https://bugzilla.redhat.com/show_bug.cgi?id=1397041 -------------------------------------------------------------------------------- ================================================================================ kshutdown-4.2-1.fc26 (FEDORA-2018-ea86f8072c) Graphical shutdown utility for Plasma 5 -------------------------------------------------------------------------------- Update Information: Kshutdown 4.2 release. See https://kshutdown.sourceforge.io/releases/4.2.html for more information. -------------------------------------------------------------------------------- ================================================================================ lazarus-1.8.0-2.fc26 (FEDORA-2018-a50da4b6a1) Lazarus Component Library and IDE for Freepascal -------------------------------------------------------------------------------- Update Information: Upgrade FPC to upstream release 3.0.4, upgrade Lazarus to upstream release 1.8.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1544205 - Lazarus needs to be rebuilt after fpc upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1544205 [ 2 ] Bug #1525820 - Need update lazarus to 1.8.0 https://bugzilla.redhat.com/show_bug.cgi?id=1525820 -------------------------------------------------------------------------------- ================================================================================ libXcursor-1.1.15-1.fc26 (FEDORA-2018-0eed1be1c0) Cursor management library -------------------------------------------------------------------------------- Update Information: libXcursor 1.1.15 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1518479 - CVE-2017-16612 libXcursor: file.c: heap-based buffer overflow when reading/creating images [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1518479 -------------------------------------------------------------------------------- ================================================================================ libXfont-1.5.4-1.fc26 (FEDORA-2018-5a7cd68500) X.Org X11 libXfont runtime library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-16611 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1519084 - CVE-2017-16611 libXfont: User can trigger arbitrary file read by X server causing a DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1519084 [ 2 ] Bug #1504381 - libXfont-1.5.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1504381 -------------------------------------------------------------------------------- ================================================================================ libXfont2-2.0.3-1.fc26 (FEDORA-2018-05b078c373) X.Org X11 libXfont2 runtime library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-16611 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1519083 - CVE-2017-16611 libXfont2: libXfont: User can trigger arbitrary file read by X server causing a DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1519083 -------------------------------------------------------------------------------- ================================================================================ libmodulemd-1.0.4-1.fc26 (FEDORA-2018-2bd2f56fe8) Module metadata manipulation library -------------------------------------------------------------------------------- Update Information: Update to 1.0.4 - RPM components are properly emitted when no module components exist - Parser works around late determination of modulemd version - Avoid infinite loop on unparseable YAML ---- - Support modulemd v2 - Add tool to do quick validation of modulemd - Fix memory management - Warn and ignore unparseable sub-documents in the YAML -------------------------------------------------------------------------------- ================================================================================ libwebp-0.6.1-8.fc26 (FEDORA-2018-ac46761c83) Library and tools for the WebP graphics format -------------------------------------------------------------------------------- Update Information: This update ensures that the standard Fedora linker flags are honoured, and contains a bunch of big-endian fixes. ---- This update backports an upstream big-endian fix (https://github.com/webmproject/libwebp/commit/3005237a5d68d1e1f4 65d925040a9507f55e8895). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1548718 - libwebp: Partial build flags injection https://bugzilla.redhat.com/show_bug.cgi?id=1548718 -------------------------------------------------------------------------------- ================================================================================ nheko-0.1.0-27.20180226gitc75a136.fc26 (FEDORA-2018-25376e09a5) Desktop client for the Matrix protocol -------------------------------------------------------------------------------- Update Information: Updated to latest Git snapshot. -------------------------------------------------------------------------------- ================================================================================ perl-Clownfish-0.6.3-1.fc26 (FEDORA-2018-4835c867a4) Apache Clownfish symbiotic object system -------------------------------------------------------------------------------- Update Information: This release xorrects building on Perl without "." in Perl module search path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1549551 - perl-Clownfish-CFC-0.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1549551 [ 2 ] Bug #1549550 - perl-Clownfish-0.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1549550 -------------------------------------------------------------------------------- ================================================================================ perl-Clownfish-CFC-0.6.3-1.fc26 (FEDORA-2018-4835c867a4) Compiler for Apache Clownfish -------------------------------------------------------------------------------- Update Information: This release xorrects building on Perl without "." in Perl module search path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1549551 - perl-Clownfish-CFC-0.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1549551 [ 2 ] Bug #1549550 - perl-Clownfish-0.6.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1549550 -------------------------------------------------------------------------------- ================================================================================ perl-Mail-JMAPTalk-0.10-1.fc26 (FEDORA-2018-6b02e39b11) Perl client for JMAP protocol -------------------------------------------------------------------------------- Update Information: This release adds CallMethods() method for wrapping new-style JMAP. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1529811 - perl-Mail-JMAPTalk-0.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1529811 -------------------------------------------------------------------------------- ================================================================================ perl-XML-LibXML-2.0129-3.fc26 (FEDORA-2018-7efc906066) Perl interface to the libxml2 library -------------------------------------------------------------------------------- Update Information: This release adjusts tests to libxml2-2.9.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1489529 - perl-XML-LibXML-2.0129-7.fc28 FTBFS: tests fail with libxml2-2.9.5 https://bugzilla.redhat.com/show_bug.cgi?id=1489529 -------------------------------------------------------------------------------- ================================================================================ python-recaptcha-client-2.0.0-1.fc26 (FEDORA-2018-d3c13a9a74) Python module for reCAPTCHA and reCAPTCHA Mailhide -------------------------------------------------------------------------------- Update Information: 1. add 'version=2' against displayhtml, load_scripts functions to make use of reCAPTCHA v2 2. introduce the v2submit (along with submit to keep backwards compatibility) function to support reCAPTCHA v2 3. upstream has been forked into a new Github project -------------------------------------------------------------------------------- ================================================================================ rpkg-1.52-1.fc26 (FEDORA-2018-4f7c1a7ef7) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: - Mock ThreadPool in test_module_overview (cqi) - Drop rpmfluff in test (cqi) - Fix hardcoded directory name in test (lsedlar) - Improve testenv for py26 (cqi) - Run tests with old GitPython in py26 testenv (cqi) - Compile pycurl with openssl after F27 (cqi) - Ignore .egg/ from git (cqi) - Add py26 to testenv (cqi) - Install koji from PyPI (cqi) - Make compose-id and repo-url to take one or more values (csomh) - Let git ignore more directories (cqi) - Exclude pyc and __pycache__ globally in sdist (cqi) - Handle nonexisting mbs-manager (cqi) - Add dependent packages for Python 2.6 in setup.py (cqi) - Updated module cli API (mcurlej) - Declare Python versions rpkg can work with - #278 (cqi) - Fix flake8 errors (cqi) - Fix tests that do not work with Python 3 (cqi) - Fix tests: not impact by dict.items call (cqi) - Add py36 to testenv - #274 (cqi) - Run tox to run tests and check code styles - #276 (cqi) - Use flake8 3.5.0 (cqi) - Add files under requirements/ to sdist package (cqi) - Install Koji shared library via setuptools (cqi) - Set install and tests requires in setup.py (cqi) - Split pypi requirements and refine versions (cqi) - Change type of compose id from string to int (bfontecc) - Install RPM Python binding from PyPI (cqi) - Fix test test_lint_each_file_once (cqi) - Add compose-id and signing-intent arguments (bfontecc) - Use env's python (lucarval) - Use progress callback and TaskWatcher from koji_cli.lib (cqi) - Get buildhash from git+https:// url (lsedlar) - lint: Avoid checking rpm's multiple times (tmz) - Fix giturl as well by calling construct_build_url (cqi) - Fix construct anongiturl for chain-build (cqi) - Fix mock openidc_client (cqi) -------------------------------------------------------------------------------- ================================================================================ ruby-2.4.3-87.fc26 (FEDORA-2018-1fffa787e7) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information: Fix: Multiple vulnerabilities in RubyGems https://www.ruby- lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1547431 - CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 rubygems: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1547431 [ 2 ] Bug #1528226 - CVE-2017-17790 ruby: Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1528226 -------------------------------------------------------------------------------- ================================================================================ uim-1.8.6-17.fc26 (FEDORA-2018-0209bafc31) A multilingual input method library -------------------------------------------------------------------------------- Update Information: Fix the buffer overflow issue -------------------------------------------------------------------------------- References: [ 1 ] Bug #1549478 - buffer overflow in uim https://bugzilla.redhat.com/show_bug.cgi?id=1549478 -------------------------------------------------------------------------------- ================================================================================ v8-6.2.91-7.fc26 (FEDORA-2018-ff5e3db878) JavaScript Engine -------------------------------------------------------------------------------- Update Information: Add missing .so link. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1517657 - Missing libv8_libplatform.so and libv8_libbase.so in v8-devel https://bugzilla.redhat.com/show_bug.cgi?id=1517657 -------------------------------------------------------------------------------- ================================================================================ vdr-epg2vdr-1.1.91-1.fc26 (FEDORA-2018-409c6fe41e) A plugin to retrieve EPG data from a mysql database into VDR -------------------------------------------------------------------------------- Update Information: Update to 1.1.91 -------------------------------------------------------------------------------- ================================================================================ youtube-dl-2018.02.26-1.fc26 (FEDORA-2018-996581f22f) A small command-line program to download online videos -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1544291 - youtube-dl-2018.02.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1544291 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
