The following Fedora 27 Security updates need testing: Age URL 54 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 36 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e38f759144 python-bleach-2.1.3-1.fc27 36 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ff86925c3 memcached-1.5.6-1.fc27 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d48955723f wordpress-4.9.5-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c9395f9bec remctl-3.14-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6e6d8c314b drupal8-8.4.6-3.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-57bbe74c6c pcs-0.9.164-1.fc27 The following Fedora 27 Critical Path updates have yet to be approved: Age URL 25 https://bodhi.fedoraproject.org/updates/FEDORA-2018-55a6726164 PackageKit-1.1.9-2.fc27 gnome-software-3.28.0-4.fc27 libappstream-glib-0.7.7-2.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-772fcd140c linux-firmware-20180402-83.git8c1e439c.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-85791ad8d9 webkitgtk4-2.20.1-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7b617c869f desktop-file-utils-0.23-8.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7eac0e821 python-beautifulsoup4-4.6.0-2.fc27.1 The following builds have been pushed to Fedora 27 updates-testing babeld-1.8.1-1.fc27 bindfs-1.13.9-1.fc27 bolt-0.3-1.fc27 cifs-utils-6.8-1.fc27 cmark-0.27.1-5.fc27 deja-dup-38.0-1.fc27 dippi-2.6.2-1.fc27 dogtag-pki-10.5.7-1.fc27 fleet-commander-admin-0.10.7-1.fc27 fleet-commander-client-0.10.2-2.fc27 gdal-2.1.4-5.1.fc27 gerbv-2.6.2-1.fc27 ghc-hakyll-4.9.8.0-2.fc27 ghc-skylighting-0.3.3.1-1.fc27 gnupg2-2.2.6-1.fc27 golang-github-jackpal-gateway-1.0.4-0.4.gitcbcf4e3.fc27 ibus-typing-booster-1.5.36-1.fc27 java-9-openjdk-9.0.4.11-6.fc27 java-openjdk-10.0.0.46-10.fc27 jgraphx-3.6.0.0-4.fc27 js-jsroot-5.4.1-1.fc27 kernel-4.15.16-300.fc27 knot-2.6.6-1.fc27 libbson-1.9.4-1.fc27 pandoc-1.19.2.4-1.fc27 pandoc-citeproc-0.10.5.1-1.fc27 perl-Gtk2-Unique-0.05-22.fc27 php-zendframework-zend-db-2.9.3-1.fc27 phpunit6-6.5.8-1.fc27 pki-core-10.5.7-2.fc27 powerline-go-1.9.0-1.fc27 python-fedmsg-meta-fedora-infrastructure-0.24.1-1.fc27 python-productmd-1.11-2.fc27 python-pycryptodomex-3.6.0-2.fc27 python-pypillowfight-0.2.4-1.fc27 rpkg-1.53-1.fc27 rubygem-rdoc-5.1.0-3.fc27 salt-2018.3.0-1.fc27 sbsigntools-0.9.1-1.fc27 Details about builds: ================================================================================ babeld-1.8.1-1.fc27 (FEDORA-2018-c2c3bd81be) Ad-hoc network routing daemon -------------------------------------------------------------------------------- Update Information: 1.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1564798 - babeld-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564798 -------------------------------------------------------------------------------- ================================================================================ bindfs-1.13.9-1.fc27 (FEDORA-2018-f3c0ecf40a) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: - update to new version 1.13.9 + spec cleanup / modernization -------------------------------------------------------------------------------- ================================================================================ bolt-0.3-1.fc27 (FEDORA-2018-4723a3dc84) Thunderbolt device manager -------------------------------------------------------------------------------- Update Information: bolt 0.3 upstream release ---- bolt 0.2 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1562986 - [abrt] bolt: __strrchr_avx2(): boltd killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1562986 -------------------------------------------------------------------------------- ================================================================================ cifs-utils-6.8-1.fc27 (FEDORA-2018-01629a1bd8) Utilities for mounting and managing CIFS mounts -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1555086 - cifs-utils-6.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1555086 -------------------------------------------------------------------------------- ================================================================================ cmark-0.27.1-5.fc27 (FEDORA-2018-a8276dedf7) CommonMark parsing and rendering -------------------------------------------------------------------------------- Update Information: - update pandoc from 1.19.1 to 1.19.2.4 - update pandoc-citeproc from 0.10.4.1 to 0.10.5.1 - update hakyll from 4.9.7.0 to 4.9.8.0 - update skylighting from 0.1.1.5 to 0.3.3.1 - fix libdir in libcmark.pc for lib64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497456 - pandoc does not support https https://bugzilla.redhat.com/show_bug.cgi?id=1497456 -------------------------------------------------------------------------------- ================================================================================ deja-dup-38.0-1.fc27 (FEDORA-2018-e32b411643) Simple backup tool and frontend for duplicity -------------------------------------------------------------------------------- Update Information: 38.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1565606 - deja-dup-38.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565606 -------------------------------------------------------------------------------- ================================================================================ dippi-2.6.2-1.fc27 (FEDORA-2018-d8d628dd08) Calculate display info like DPI and aspect ratio -------------------------------------------------------------------------------- Update Information: Update to version 2.6.2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1565609 - dippi-2.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565609 -------------------------------------------------------------------------------- ================================================================================ dogtag-pki-10.5.7-1.fc27 (FEDORA-2018-656e22942a) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information: Re-base Dogtag to 10.5.7 -------------------------------------------------------------------------------- ================================================================================ fleet-commander-admin-0.10.7-1.fc27 (FEDORA-2018-38b28f606f) Fleet Commander -------------------------------------------------------------------------------- Update Information: Updated to release 0.10.7 -------------------------------------------------------------------------------- ================================================================================ fleet-commander-client-0.10.2-2.fc27 (FEDORA-2018-d856b07b23) Fleet Commander Client -------------------------------------------------------------------------------- Update Information: Fixed building dependencies -------------------------------------------------------------------------------- ================================================================================ gdal-2.1.4-5.1.fc27 (FEDORA-2018-b996d9f1cd) GIS file format library -------------------------------------------------------------------------------- Update Information: Solves build failure with package using gdal headers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1565050 - GDAL: wrong declaration in /usr/include/gdal/gdal_priv.h (with patch) https://bugzilla.redhat.com/show_bug.cgi?id=1565050 -------------------------------------------------------------------------------- ================================================================================ gerbv-2.6.2-1.fc27 (FEDORA-2018-0a6dc945ec) Gerber file viewer from the gEDA toolkit -------------------------------------------------------------------------------- Update Information: - new upstream release 2.6.2 fixes rhbz #1100403 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100403 - gerbv-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1100403 -------------------------------------------------------------------------------- ================================================================================ ghc-hakyll-4.9.8.0-2.fc27 (FEDORA-2018-a8276dedf7) A static website compiler library -------------------------------------------------------------------------------- Update Information: - update pandoc from 1.19.1 to 1.19.2.4 - update pandoc-citeproc from 0.10.4.1 to 0.10.5.1 - update hakyll from 4.9.7.0 to 4.9.8.0 - update skylighting from 0.1.1.5 to 0.3.3.1 - fix libdir in libcmark.pc for lib64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497456 - pandoc does not support https https://bugzilla.redhat.com/show_bug.cgi?id=1497456 -------------------------------------------------------------------------------- ================================================================================ ghc-skylighting-0.3.3.1-1.fc27 (FEDORA-2018-a8276dedf7) Syntax highlighting library -------------------------------------------------------------------------------- Update Information: - update pandoc from 1.19.1 to 1.19.2.4 - update pandoc-citeproc from 0.10.4.1 to 0.10.5.1 - update hakyll from 4.9.7.0 to 4.9.8.0 - update skylighting from 0.1.1.5 to 0.3.3.1 - fix libdir in libcmark.pc for lib64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497456 - pandoc does not support https https://bugzilla.redhat.com/show_bug.cgi?id=1497456 -------------------------------------------------------------------------------- ================================================================================ gnupg2-2.2.6-1.fc27 (FEDORA-2018-3fc05e009d) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information: Minor update from upstream with fix for CVE-2018-9234 and other bug fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1563931 - CVE-2018-9234 gnupg2: GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1563931 [ 2 ] Bug #1565387 - gnupg2-2.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565387 -------------------------------------------------------------------------------- ================================================================================ golang-github-jackpal-gateway-1.0.4-0.4.gitcbcf4e3.fc27 (FEDORA-2018-41163b8afe) Discovering the address of a LAN gateway in go -------------------------------------------------------------------------------- Update Information: Update to commit cbcf4e3. -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.5.36-1.fc27 (FEDORA-2018-cb5dd0a93f) A completion input method -------------------------------------------------------------------------------- Update Information: Update to 1.5.36 -------------------------------------------------------------------------------- References: [ 1 ] Bug #156435 - None https://bugzilla.redhat.com/show_bug.cgi?id=156435 -------------------------------------------------------------------------------- ================================================================================ java-9-openjdk-9.0.4.11-6.fc27 (FEDORA-2018-f6cc40bc6c) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Support some EC ciphers via system NSS. See RHBZ#1537049 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1537049 - java-9-openjdk does not support EC ciphers via system NSS https://bugzilla.redhat.com/show_bug.cgi?id=1537049 -------------------------------------------------------------------------------- ================================================================================ java-openjdk-10.0.0.46-10.fc27 (FEDORA-2018-9ea9bf0f30) OpenJDK Runtime Environment 10 -------------------------------------------------------------------------------- Update Information: This is initial release of rolling release of STS javas. Currently is bringing JDK10 into Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557371 - Review Request: java-openjdk - rolling release for short term support OpenJDK https://bugzilla.redhat.com/show_bug.cgi?id=1557371 -------------------------------------------------------------------------------- ================================================================================ jgraphx-3.6.0.0-4.fc27 (FEDORA-2018-b268b5bbb5) Java Graph Drawing Component -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-18197 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1550353 - CVE-2017-18197 jgraphx: XML External Entity (XXE) vulnerability in mxGraphViewImageReader.java:convert() https://bugzilla.redhat.com/show_bug.cgi?id=1550353 -------------------------------------------------------------------------------- ================================================================================ js-jsroot-5.4.1-1.fc27 (FEDORA-2018-74befa276e) JavaScript ROOT - Interactive numerical data analysis graphics -------------------------------------------------------------------------------- Update Information: ## Changes in 5.4.1 1. Fix - monitoring mode in draw.htm page 2. Fix - zooming in colz palette 3. Fix - support both 9.x and 10.x jsdom version in Node.js (#149) 4. Fix - draw axis main line with appropriate attributes (#150) 5. Fix - use axis color when drawing grids lines (#150) 6. Fix - when set pad logx/logy, reset existing user ranges in pad 7. Fix - avoid too deep calling stack when drawing many graphs or histos (#154) 8. Fix - correctly (re)draw tooltips on canvas with many subpads -------------------------------------------------------------------------------- ================================================================================ kernel-4.15.16-300.fc27 (FEDORA-2018-05f3ee3117) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.15.16 update contains a number of updates across the tree. -------------------------------------------------------------------------------- ================================================================================ knot-2.6.6-1.fc27 (FEDORA-2018-0377a68b05) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information: Knot DNS 2.6.6 (2018-04-11) =========================== Features: --------- - New EDNS option counters in the statistics module - New '+orphan' filter for the 'zone-purge' operation Improvements: ------------- - Reduced memory consuption of disabled statistics metrics - Some spelling fixes (Thanks to Daniel Kahn Gillmor) - Server no longer fails to start if MODULE_DIR doesn't exist - Configuration include doesn't fail if empty wildcard match - Added a configuration check for a problematical option combination Bugfixes: --------- - NSEC3 chain not re-created when SOA minimum TTL changed - Failed to start server if no template is configured - Possibly incorrect SOA serial upon changed zone reload with DNSSEC signing - Inaccurate outgoing zone transfer size in the log message - Invalid dname compression if empty question section - Missing EDNS in EMALF responses -------------------------------------------------------------------------------- ================================================================================ libbson-1.9.4-1.fc27 (FEDORA-2018-5c25881244) Building, parsing, and iterating BSON documents -------------------------------------------------------------------------------- Update Information: This release does not have any changes in the code. We deliver it only for the purpose of provided up-to-date version string. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1565863 - libbson-1.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565863 -------------------------------------------------------------------------------- ================================================================================ pandoc-1.19.2.4-1.fc27 (FEDORA-2018-a8276dedf7) Conversion between markup formats -------------------------------------------------------------------------------- Update Information: - update pandoc from 1.19.1 to 1.19.2.4 - update pandoc-citeproc from 0.10.4.1 to 0.10.5.1 - update hakyll from 4.9.7.0 to 4.9.8.0 - update skylighting from 0.1.1.5 to 0.3.3.1 - fix libdir in libcmark.pc for lib64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497456 - pandoc does not support https https://bugzilla.redhat.com/show_bug.cgi?id=1497456 -------------------------------------------------------------------------------- ================================================================================ pandoc-citeproc-0.10.5.1-1.fc27 (FEDORA-2018-a8276dedf7) Citeproc support for pandoc -------------------------------------------------------------------------------- Update Information: - update pandoc from 1.19.1 to 1.19.2.4 - update pandoc-citeproc from 0.10.4.1 to 0.10.5.1 - update hakyll from 4.9.7.0 to 4.9.8.0 - update skylighting from 0.1.1.5 to 0.3.3.1 - fix libdir in libcmark.pc for lib64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1497456 - pandoc does not support https https://bugzilla.redhat.com/show_bug.cgi?id=1497456 -------------------------------------------------------------------------------- ================================================================================ perl-Gtk2-Unique-0.05-22.fc27 (FEDORA-2018-93d73fbeb9) Perl bindings for the C library "libunique" -------------------------------------------------------------------------------- Update Information: This release fixes a crash when starting second program instance. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1560182 - Concurrent Gtk2::Unique execution causes shutter to crash https://bugzilla.redhat.com/show_bug.cgi?id=1560182 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-db-2.9.3-1.fc27 (FEDORA-2018-ab410cd319) Zend Framework Db component -------------------------------------------------------------------------------- Update Information: **Version 2.9.3** - 2018-04-09 - [#295](https://github.com/zendframework/zend- db/pull/295) fix error when datasource passed to `AbstractResultSet::initialize()` is empty array at php 7.2 environment - [#300](https://github.com/zendframework/zend-db/pull/300) Fix error for nested queries inside field parameters - [#301](https://github.com/zendframework/zend- db/pull/301) fix for issue with set fields that exists in different tables in one query - [#304](https://github.com/zendframework/zend-db/pull/304) fix PDO bind parameter name to use field name with extended charset (PDO only supports alphanumeric and underscore for placeholder/parameter names). -------------------------------------------------------------------------------- ================================================================================ phpunit6-6.5.8-1.fc27 (FEDORA-2018-4749dfd7ed) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 6.5.8** - 2018-04-10 * **Fixed** * Fixed [#2830](https://github.com/sebastianbergmann/phpunit/issues/2830): `@runClassInSeparateProcess` does not work for tests that use `@dataProvider` -------------------------------------------------------------------------------- ================================================================================ pki-core-10.5.7-2.fc27 (FEDORA-2018-db4b150912) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Resolves: dogtagpki Pagure Issue #2940,2946,2950 -------------------------------------------------------------------------------- ================================================================================ powerline-go-1.9.0-1.fc27 (FEDORA-2018-82a1de46c9) A beautiful and useful low-latency prompt for your shell, written in go -------------------------------------------------------------------------------- Update Information: Upstream release 1.9.0 -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.24.1-1.fc27 (FEDORA-2018-c717cd6f88) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Update to 0.24.1 Changelog is at: https://github.com/fedora- infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0241 -------------------------------------------------------------------------------- ================================================================================ python-productmd-1.11-2.fc27 (FEDORA-2018-5f72371a85) Library providing parsers for metadata related to OS installation -------------------------------------------------------------------------------- Update Information: New upstream release with support for working with metadata about modules. -------------------------------------------------------------------------------- ================================================================================ python-pycryptodomex-3.6.0-2.fc27 (FEDORA-2018-cec76b92df) A self-contained cryptographic library for Python -------------------------------------------------------------------------------- Update Information: 3.6.0 (8 April 2018) ======== New features ------------ * Introduced ``export_key`` and deprecated ``exportKey`` for DSA and RSA key objects. * Ciphers and hash functions accept ``memoryview`` objects in input. * Added support for SHA-512/224 and SHA-512/256. Resolved issues --------------- * Reintroduced `Crypto.__version__` variable as in PyCrypto. * Fixed compilation problem with MinGW. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1564320 - python-pycryptodomex-3.6.0x is available https://bugzilla.redhat.com/show_bug.cgi?id=1564320 -------------------------------------------------------------------------------- ================================================================================ python-pypillowfight-0.2.4-1.fc27 (FEDORA-2018-acc8bf61ef) Various image processing algorithms -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1550759 - python-pypillowfight-0.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1550759 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.53-1.fc27 (FEDORA-2018-dad57d3588) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information: ## Changelog - Use NSVs and not build IDs with module-build-local --add-local- build (mprahl) - Fix docstring of test_module_build_local_with_skiptests (mprahl) - Add long_description to package (cqi) - Support local module builds when there are uncommitted changes (mprahl) - Fix clarifying error that occurs when mbs-manager is not installed (mprahl) - Add support for Module Stream Expansion (MBS API v2) (mprahl) - Show errors when a module build fails (mprahl) - Move full download url construction to separate method (frostyx) - Fix compose related params for container-build (lucarval) - Avoid calling /usr/bin/python in tests (miro) - Change default rpmlint configuration file (athoscr) - Use koji.grab_session_options() rather than opencoding it (cfergeau) ## Python 3 A Python 3 package is included in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1024823 - rpkg: Use Python 3 instead of Python 2 (and provide both python2-rpkg and python3-rpkg) https://bugzilla.redhat.com/show_bug.cgi?id=1024823 -------------------------------------------------------------------------------- ================================================================================ rubygem-rdoc-5.1.0-3.fc27 (FEDORA-2018-d5e9118e82) RDoc produces HTML and command-line documentation for Ruby projects -------------------------------------------------------------------------------- Update Information: Add missing rubygem(json) dependency. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1565960 - Missing rpm dependency - rubygem-json https://bugzilla.redhat.com/show_bug.cgi?id=1565960 -------------------------------------------------------------------------------- ================================================================================ salt-2018.3.0-1.fc27 (FEDORA-2018-949fb291d3) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Update to feature release 2018.3.0-1 ---- Update to feature release 2017.7.5-1 for Python 2 ---- Update to feature release 2017.7.4 -------------------------------------------------------------------------------- ================================================================================ sbsigntools-0.9.1-1.fc27 (FEDORA-2018-77d16af293) Signing utility for UEFI secure boot -------------------------------------------------------------------------------- Update Information: Tools to add signatures to EFI binaries and Drivers. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
