The following Fedora 26 Security updates need testing: Age URL 232 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 64 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 51 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 44 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a249b4214 cryptopp-5.6.5-2.fc26 23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fc47f3c85d glibc-arm-linux-gnu-2.26-4.fc26 19 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1f73debee drupal7-7.57-1.fc26 15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-70c191d84a ntp-4.2.8p11-1.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830 dovecot-2.2.34-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a5f51753c net-snmp-5.7.3-27.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6143b1d911 calibre-3.19.0-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d809bd2fd6 php-simplesamlphp-saml2_1-1.10.6-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f4ab4d96f9 php-simplesamlphp-saml2-2.3.8-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f2097d8937 php-simplesamlphp-saml2_3-3.1.4-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5673d070df ImageMagick-6.9.9.38-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a0cca16ec6 exim-4.90.1-3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66c96e0024 curl-7.53.1-16.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7011a8b0da firefox-59.0-4.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1d3d0e6f2e monitorix-3.10.1-1.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 44 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 29 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5e5bb3f1fb koji-1.15.0-4.fc26 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-53c4737dfb git-2.13.6-3.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-001ca50386 libdrm-2.4.90-2.fc26 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e3590e7463 iptables-1.6.2-2.fc26 libnftnl-1.0.9-2.fc26 nftables-0.8.2-2.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9efc9ddbb6 xfce4-settings-4.12.2-2.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bac26576fe lxpanel-0.9.3-7.D20180305gitb85c71a6.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1e6641ec83 gsm-1.0.17-2.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3cf2e9af11 redhat-rpm-config-65-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6b73fc22f3 breeze-icon-theme-5.44.0-1.fc26 extra-cmake-modules-5.44.0-1.fc26 kf5-5.44.0-1.fc26 kf5-attica-5.44.0-1.fc26 kf5-baloo-5.44.0-1.fc26 kf5-bluez-qt-5.44.0-1.fc26 kf5-frameworkintegration-5.44.0-1.fc26 kf5-kactivities-5.44.0-1.fc26 kf5-kactivities-stats-5.44.0-1.fc26 kf5-kapidox-5.44.0-1.fc26 kf5-karchive-5.44.0-1.fc26 kf5-kauth-5.44.0-1.fc26 kf5-kbookmarks-5.44.0-1.fc26 kf5-kcmutils-5.44.0-1.fc26 kf5-kcodecs-5.44.0-1.fc26 kf5-kcompletion-5.44.0-1.fc26 kf5-kconfig-5.44.0-1.fc26 kf5-kconfigwidgets-5.44.0-1.fc26 kf5-kcoreaddons-5.44.0-2.fc26 kf5-kcrash-5.44.0-1.fc26 kf5-kdbusaddons-5.44.0-1.fc26 kf5-kdeclarative-5.44.0-1.fc26 kf5-kded-5.44.0-1.fc26 kf5-kdelibs4support-5.44.0-1.fc26 kf5-kdesignerplugin-5.44.0-1.fc26 kf5-kdesu-5.44.0-1.fc26 kf5-kdewebkit-5.44.0-1.fc26 kf5-kdnssd-5.44.0-1.fc26 kf5-kdoctools-5.44.0-1.fc26 kf5-kemoticons-5.44.0-1.fc26 kf5-kfilemetadata-5.44.0-1.fc26 kf5-kglobalaccel-5.44.0-1.fc26 kf5-kguiad dons-5.44.0-1.fc26 kf5-khtml-5.44.0-1.fc26 kf5-ki18n-5.44.0-1.fc26 kf5-kiconthemes-5.44.0-1.fc26 kf5-kidletime-5.44.0-1.fc26 kf5-kimageformats-5.44.0-1.fc26 kf5-kinit-5.44.0-1.fc26 kf5-kio-5.44.0-2.fc26 kf5-kirigami2-5.44.0-1.fc26 kf5-kitemmodels-5.44.0-1.fc26 kf5-kitemviews-5.44.0-1.fc26 kf5-kjobwidgets-5.44.0-1.fc26 kf5-kjs-5.44.0-1.fc26 kf5-kjsembed-5.44.0-1.fc26 kf5-kmediaplayer-5.44.0-1.fc26 kf5-knewstuff-5.44.0-1.fc26 kf5-knotifications-5.44.0-1.fc26 kf5-knotifyconfig-5.44.0-1.fc26 kf5-kpackage-5.44.0-1.fc26 kf5-kparts-5.44.0-1.fc26 kf5-kpeople-5.44.0-1.fc26 kf5-kplotting-5.44.0-1.fc26 kf5-kpty-5.44.0-1.fc26 kf5-kross-5.44.0-1.fc26 kf5-krunner-5.44.0-1.fc26 kf5-kservice-5.44.0-1.fc26 kf5-ktexteditor-5.44.0-1.fc26 kf5-ktextwidgets-5.44.0-1.fc26 kf5-kunitconversion-5.44.0-1.fc26 kf5-kwallet-5.44.0-1.fc26 kf5-kwayland-5.44.0-1.fc26 kf5-kwidgetsaddons-5.44.0-1.fc26 kf5-kwindowsystem-5.44.0-1.fc26 kf5-kxmlgui-5.44.0-1.fc26 kf5-kxmlrpcclient-5.44.0-1.fc26 kf5-modemmanager-qt-5.44.0- 1.fc26 kf5-networkmanager-qt-5.44.0-1.fc26 kf5-plasma-5.44.0-1.fc26 kf5-prison-5.44.0-1.fc26 kf5-purpose-5.44.0-1.fc26 kf5-solid-5.44.0-1.fc26 kf5-sonnet-5.44.0-1.fc26 kf5-syntax-highlighting-5.44.0-1.fc26 kf5-threadweaver-5.44.0-1.fc26 oxygen-icon-theme-5.44.0-1.fc26 qqc2-desktop-style-5.44.0-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a5f51753c net-snmp-5.7.3-27.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1d88fda62c sssd-1.16.1-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-694c4e8d94 nss-3.36.0-1.0.fc26 nss-softokn-3.36.0-1.0.fc26 nss-util-3.36.0-1.0.fc26 nspr-4.19.0-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cae2c0b3b3 osinfo-db-20180311-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1969794434 selinux-policy-3.13.1-260.20.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c308490ec9 jansson-2.11-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7011a8b0da firefox-59.0-4.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-031d0ddaa3 python2-2.7.14-7.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66c96e0024 curl-7.53.1-16.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-13dc94ac37 python3-3.6.4-3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3fd0a5f75f gnome-software-3.24.3-5.fc26 The following builds have been pushed to Fedora 26 updates-testing atoum-3.3.0-1.fc26 fzf-0.17.3-1.fc26 golang-github-gdamore-tcell-1.0.0-1.fc26 kernel-4.15.10-200.fc26 kgpg-16.12.3-1.fc26.1 libmodulemd-1.1.2-1.fc26 perl-Test-Inter-1.07-1.fc26 phpMyAdmin-4.7.9-1.fc26 pure-ftpd-1.0.47-1.fc26 python-paramiko-2.2.3-1.fc26 roundcubemail-1.3.5-1.fc26 rubygem-cairo-1.15.12-1.fc26 visualboyadvance-m-2.0.2-1.fc26 xfce4-terminal-0.8.7.2-1.fc26 Details about builds: ================================================================================ atoum-3.3.0-1.fc26 (FEDORA-2018-ef8f148bc4) PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 3.3.0** - 2018-03-15 * [#771](https://github.com/atoum/atoum/pull/771) Normalize and simplify the asserter name when a test case fails ([@hywan]) * [#754](https://github.com/atoum/atoum/pull/754) Add the dot report ([@jubianchi]) * [#769](https://github.com/atoum/atoum/pull/769) CLI: Align options to the left, and increase contrast ([@hywan]) * [#757](https://github.com/atoum/atoum/pull/757) Take the error reporting level into account to exit the runner ([@hywan]) * [#752](https://github.com/atoum/atoum/pull/752) Add an os annotation to only run tests on specific OS ([@jubianchi]) * [#585](https://github.com/atoum/atoum/pull/585) Memory usage is based on the peak & real allocations ([@hywan]) * [#740](https://github.com/atoum/atoum/pull/740) String asserter now has `notMatches` assertion ([@fvilpoix]) -------------------------------------------------------------------------------- ================================================================================ fzf-0.17.3-1.fc26 (FEDORA-2018-90f7da75d4) A command-line fuzzy finder written in Go -------------------------------------------------------------------------------- Update Information: New upstream release. * $LINES and $COLUMNS are exported to preview command so that the command knows the exact size of the preview window. * Better error messages when the default command or $FZF_DEFAULT_COMMAND fails. * fzf now distinguishes mouse left click and right click Right click is now bound to toggle action by default. --bind understands left-click and right-click * Added replace-query action Replaces query string with the current selection * Added accept-non-empty action Same as accept, except that it prevents fzf from exiting without any selection -------------------------------------------------------------------------------- ================================================================================ golang-github-gdamore-tcell-1.0.0-1.fc26 (FEDORA-2018-da787cdb4f) An alternate terminal package -------------------------------------------------------------------------------- Update Information: Update to first released version -------------------------------------------------------------------------------- ================================================================================ kernel-4.15.10-200.fc26 (FEDORA-2018-296bf0c332) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.15.10 update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1555145 - CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1555145 [ 2 ] Bug #1552048 - CVE-2018-1068 kernel: Out-of-bounds write via userland offsets in ebt_entry struct in netfilter/ebtables.c https://bugzilla.redhat.com/show_bug.cgi?id=1552048 -------------------------------------------------------------------------------- ================================================================================ kgpg-16.12.3-1.fc26.1 (FEDORA-2018-b9be305562) Manage GPG encryption keys -------------------------------------------------------------------------------- Update Information: Rebuild kgpg against recent kpim-17.12.x frameworks. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557008 - kgpg: symbol lookup error: kgpg: undefined symbol: https://bugzilla.redhat.com/show_bug.cgi?id=1557008 -------------------------------------------------------------------------------- ================================================================================ libmodulemd-1.1.2-1.fc26 (FEDORA-2018-08727d02fb) Module metadata manipulation library -------------------------------------------------------------------------------- Update Information: - Revert backwards-incompatible change to nsversion for GObject Introspection - Make default stream and profiles optional - Fixes: https://github.com/fedora- modularity/libmodulemd/issues/25 - Fixes: https://github.com/fedora- modularity/libmodulemd/issues/26 - Fixes: https://github.com/fedora- modularity/libmodulemd/issues/27 -------------------------------------------------------------------------------- ================================================================================ perl-Test-Inter-1.07-1.fc26 (FEDORA-2018-99a17cd2aa) Framework for more readable interactive test scripts -------------------------------------------------------------------------------- Update Information: This release corrects handling of empty structures. It also improves documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557083 - perl-Test-Inter-1.07 is available https://bugzilla.redhat.com/show_bug.cgi?id=1557083 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.7.9-1.fc26 (FEDORA-2018-ce381bfaf3) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: Upstream announcement: **phpMyAdmin 4.7.9 is released** 2018-03-05 Welcome to phpMyAdmin 4.7.9, a routine maintenance release containing bug fixes. A complete list of new features and bugs that have been fixed is available in the ChangeLog file or changelog.php included with this release. Notable changes since 4.7.8: * Fixed double escaping in enum dropdowns * Fixed broken sorting * Fixed "Not an integer" error when browsing a table * Fixed an error saying a form has over 1000 fields and suggesting changes to PHP's max_input_vars configuration directive Thanks to our sponsors for helping to make this work possible! The phpMyAdmin Team -------------------------------------------------------------------------------- ================================================================================ pure-ftpd-1.0.47-1.fc26 (FEDORA-2018-d9aaa17658) Lightweight, fast and secure FTP server -------------------------------------------------------------------------------- Update Information: New version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1490354 - pure-ftpd authentication fails after upgrade from 1.0.42 to 1.0.46 https://bugzilla.redhat.com/show_bug.cgi?id=1490354 -------------------------------------------------------------------------------- ================================================================================ python-paramiko-2.2.3-1.fc26 (FEDORA-2018-c1769746da) SSH2 protocol library for python -------------------------------------------------------------------------------- Update Information: A flaw was found in the implementation of `transport.py` in Paramiko, which did not properly check whether authentication was completed before processing other requests. A customized SSH client could simply skip the authentication step. This flaw is a user authentication bypass in the SSH Server functionality of Paramiko. Where Paramiko is used only for its client-side functionality (e.g. `paramiko.SSHClient`), the vulnerability is not exposed and thus cannot be exploited. This update also fixes an issue where Ed25519 auth key decryption raised an unexpected exception when given a unicode password string (typical in Python 3). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557130 - CVE-2018-7750 python-paramiko: Authentication bypass in transport.py https://bugzilla.redhat.com/show_bug.cgi?id=1557130 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.3.5-1.fc26 (FEDORA-2018-20f1330748) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: RELEASE 1.3.5 ------------- - Managesieve: Fix bug where text: syntax was forced for strings longer than 1024 characters (#6143) - Managesieve: Fix missing Save button in Edit Filter Set page of Classic skin (#6154) - Fix duplicated labels in Test SMTP Config section (#6166) - Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169) - Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149) - Fix security issue in remote content blocking on HTML image and style tags (#6178) - Added 9pt and 11pt to the list of font sizes in HTML editor - Fix handling encoding of HTML tags in "inline" JSON output (#6207) - Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212) -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.15.12-1.fc26 (FEDORA-2018-46c05e0003) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: New version 1.15.12 is released. -------------------------------------------------------------------------------- ================================================================================ visualboyadvance-m-2.0.2-1.fc26 (FEDORA-2018-a505477c10) High compatibility Gameboy Advance Emulator combining VBA builds -------------------------------------------------------------------------------- Update Information: Update to 2.0.2, bug fix release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1556648 - visualboyadvance-m-2.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1556648 -------------------------------------------------------------------------------- ================================================================================ xfce4-terminal-0.8.7.2-1.fc26 (FEDORA-2018-e7526f9bf0) Terminal Emulator for the Xfce Desktop environment -------------------------------------------------------------------------------- Update Information: update to bugfix update (v0.8.7.2) -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
