The following Fedora 26 Security updates need testing: Age URL 277 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 109 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 96 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 71 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 37 https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2 chromium-65.0.3325.181-1.fc26 32 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 29 https://bodhi.fedoraproject.org/updates/FEDORA-2018-22b25bab31 httpd-2.4.33-2.fc26 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ac348a00ef opencv-3.2.0-15.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3622f44a12 scummvm-2.0.0-1.fc26 scummvm-tools-2.0.0-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ba4601398 dovecot-2.2.35-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7be77249d4 ruby-2.4.4-88.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8b920c2b00 community-mysql-5.7.22-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0c0671072b knot-resolver-2.3.0-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f9e0f1caf7 glusterfs-3.10.12-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6071a600e8 php-7.1.17-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2359c2ae0e drupal7-7.59-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-eb69078020 xen-4.8.3-4.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-884a105c04 kernel-4.16.5-100.fc26 The following Fedora 26 Critical Path updates have yet to be approved: Age URL 74 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 32 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-58d5da4dde osinfo-db-20180416-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6dde187524 redhat-rpm-config-66-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f9e0f1caf7 glusterfs-3.10.12-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-eb69078020 xen-4.8.3-4.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6d82adbfeb libnfs-1.11.0-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-33ce52aa2d sssd-1.16.1-3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-884a105c04 kernel-4.16.5-100.fc26 The following builds have been pushed to Fedora 26 updates-testing R-commonmark-1.5-1.fc26 R-reticulate-1.7-1.fc26 ckeditor-4.9.2-1.fc26 copr-cli-1.69-1.fc26 copyq-3.4.0-1.fc26 jpegoptim-1.4.6-1.fc26 nfdump-1.6.17-1.fc26 php-paragonie-random-compat-2.0.12-1.fc26 php-simplesamlphp-saml2_3-3.1.5-1.fc26 python-copr-1.88-1.fc26 rubygem-domain_name-0.5.20180417-1.fc26 utf8proc-2.1.1-2.fc26 Details about builds: ================================================================================ R-commonmark-1.5-1.fc26 (FEDORA-2018-531bf59956) High Performance CommonMark and Github Markdown Rendering in R -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- ChangeLog: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1572932 - R-commonmark-1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572932 -------------------------------------------------------------------------------- ================================================================================ R-reticulate-1.7-1.fc26 (FEDORA-2018-e61a47794d) R Interface to Python -------------------------------------------------------------------------------- Update Information: Initial package of reticulate for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1572960 - Review Request: R-reticulate - R Interface to Python https://bugzilla.redhat.com/show_bug.cgi?id=1572960 -------------------------------------------------------------------------------- ================================================================================ ckeditor-4.9.2-1.fc26 (FEDORA-2018-1361f39801) WYSIWYG text editor to be used inside web pages -------------------------------------------------------------------------------- Update Information: ## 4.9.2 https://ckeditor.com/cke4/release/CKEditor-4.9.2 ### Security Updates - Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein. - Issue summary: It was possible to execute XSS inside CKEditor using the <img> tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin. ## 4.9.1 https://ckeditor.com/cke4/release/CKEditor-4.9.1 ### Fixed Issues - \#1835: Fixed: Integration between CKFinder and File Browser plugin does not work. ## 4.9.0 https://ckeditor.com/cke4/release/CKEditor-4.9.0 ### New Features - \#932: Introduced Easy Image feature for inserting images that are automatically rescaled, optimized, responsive and delivered through a blazing-fast CDN. Three new plugins were added to support it: - Easy Image - Cloud Services - Image Base - \#1338: Keystroke labels are displayed for function keys (like F7, F8). - \#643: The File Browser plugin can now upload files using XHR requests. This allows for setting custom HTTP headers using the config.fileTools_requestHeaders configuration option. - \#1365: The File Browser plugin uses XHR requests by default. - \#1399: Added the possibility to set CKEDITOR.config.startupFocus as start or end to specify where the editor focus should be after the initialization. - \#1441: The Magic Line plugin line element can now be identified by the data-cke-magic-line="1" attribute. ### Fixed Issues - \#595: Fixed: Pasting does not work on mobile devices. - \#869: Fixed: Empty selection clears cached clipboard data in the editor. - \#1419: Fixed: The Widget Selection plugin selects the editor content with the Alt+A key combination on Windows. - \#1274: Fixed: Balloon Toolbar does not match a single selected image using the contextDefinition.cssSelectormatcher. - \#1232: Fixed: Balloon Toolbar buttons should be registered as focusable elements. - \#1342: Fixed: Balloon Toolbar should be re-positioned after the change event. - \#1426: [IE8-9] Fixed: Missing Balloon Toolbar background in the Kama skin. Thanks to Christian Elmer! - \#1470: Fixed: Balloon Toolbar is not visible after drag and drop of a widget it is attached to. - \#1048: Fixed: Balloon Panel is not positioned properly when a margin is added to its non-static parent. - \#889: Fixed: Unclear error message for width and height fields in the Image and Enhanced Image plugins. - \#859: Fixed: Cannot edit a link after a double-click on the text in the link. - \#1013: Fixed: Paste from Word does not work correctly with the config.forcePasteAsPlainText option. - \#1356: Fixed: Border parse function does not allow spaces in the color value. - \#1010: Fixed: The CSS border shorthand property was incorrectly expanded ignoring the border-color style. - \#1535: Fixed: Widget mouseover border contrast is insufficient. - \#1516: Fixed: Fake selection allows removing content in read-only mode using the Backspace and Delete keys. - \#1570: Fixed: Fake selection allows cutting content in read-only mode using the Ctrl/Cmd + X keys. - \#1363: Fixed: Paste notification is unclear and it might confuse users. ### API Changes - \#1346: Balloon Toolbar context manager API is now available in the pluginDefinition.init method of the requiringplugin. - \#1530: Added the possibility to use custom icons for buttons. ### Other Changes - Updated SCAYT (Spell Check As You Type) and WebSpellChecker plugins: - SCAYT scayt_minWordLength configuration option now defaults to 3 instead of 4. - SCAYT default number of suggested words in the context menu changed to 3. - \#90: Fixed: Selection is lost on link creation if SCAYT highlights the word. - Fixed: SCAYT crashes when the browser localStorage is disabled. - [IE11] Fixed: Unable to get property type of undefined or null reference error in the browser console when SCAYT is disabled/enabled. - \#46: Fixed: Editing is blocked when remote spell checker server is offline. - Fixed: User Dictionary cannot be created in WSC due to You already have the dictionary error. - Fixed: Words with apostrophe ' on the replacement make the WSC dialog inaccessible. - Fixed: SCAYT/WSC causes the Uncaught TypeError error in the browser console. - \#1337: Updated the samples layout with the new CKEditor 4 logo and color scheme. - \#1591: CKBuilder and language tools are now downloaded over HTTPS. Thanks to August Detlefsen! -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 29 2018 Shawn Iwinski <shawn@xxxxxxxx> - 4.9.2-1 - Update to 4.9.2 (RHBZ #1556589) - Fix license files * Wed Feb 7 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 4.8.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1556589 - ckeditor-4.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1556589 -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.69-1.fc26 (FEDORA-2018-57d1bc6ef9) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: - fix non-passing unittests under f28+ - simplify bar.finish logic - rpkg deployment into COPR - containers + releng continuation - fix #280 cli upload to nonexisting project makes terminal cursor disappear - fix #220 copr-cli doesn't display build progress in non-interactive terminal - add download-build --dest description to man page - add `copr delete-build` build into man pages -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 30 2018 Dominik Turecek <dturecek@xxxxxxxxxx> 1.69-1 fix non-passing unittests under f28+ * Thu Apr 26 2018 Dominik Turecek <dturecek@xxxxxxxxxx> 1.68-1 - simplify bar.finish logic - rpkg deployment into COPR - containers + releng continuation - #280 cli upload to nonexisting project makes terminal cursor disappear - #220 copr-cli doesn't display build progress in non-interactive terminal - add download-build --dest description to man page - add `copr delete-build` build into man pages -------------------------------------------------------------------------------- ================================================================================ copyq-3.4.0-1.fc26 (FEDORA-2018-03d8f6b3c8) Advanced clipboard manager -------------------------------------------------------------------------------- Update Information: Upstream release rhbz#1573011 -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 29 2018 Gerald Cox <gbcox@xxxxxxxxxxxxxxxxx> - 3.4.0-1 - Upstream release rhbz#1573011 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1573011 - Upstream release 3.4.0 https://bugzilla.redhat.com/show_bug.cgi?id=1573011 -------------------------------------------------------------------------------- ================================================================================ jpegoptim-1.4.6-1.fc26 (FEDORA-2018-ce53a35ab0) Utility to optimize JPEG files -------------------------------------------------------------------------------- Update Information: v1.4.6 - fix double free introduced in previous release -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 28 2018 Denis Fateyev <denis@xxxxxxxxxxx> - 1.4.6-1 - Update to version 1.4.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1568912 - jpegoptim-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1568912 -------------------------------------------------------------------------------- ================================================================================ nfdump-1.6.17-1.fc26 (FEDORA-2018-6fb1f8ac3b) NetFlow collecting and processing tools -------------------------------------------------------------------------------- Update Information: nfdump-1.6.17 --- - Add program exit in nfx.c after panic with correupt data file - Add missing size check when reading nfdump 1.5.x common record blocks - Add missing option -M in man page. Issue #103 - Add Fix processing of influx URL in nfprofile - Add missing json output format in nfdump help text - Add missing -v option in nfreplay help text - Add new output format json. Print each record as individual json object - Add sampling elements ID 302,304,305. put them identical to ID 48,49,50 - Add option to label filter terms. syntax: () %labelname. - Add %lbl option to print flow label in output - Add ipfix delta timestamp elements 158/159. - Add more detailed autogen.sh - softlink bootstrap - Add x-late src/dst ip aggregation, if compiled with NSEL support - Add ipfix sampling. Process option template/record with sampling elements 34 and 35 - Update nfdump.1 man page for xsrcport & xdstport aggregations. Request #109 - Update nfdump(1) man page for flowlabels - Update sflow code to commit 7322984 of https://github.com/sflow/sflowtool - Merge pull request #51 Influxdb from Luca. Thx for the patch - Fix bug in sorting when guessing flow direction. Issue #92 - Fix minor bugs - Fix definition for InfluxDB in configure.ac Issue #98 - Fix IPFIX time stamps - Fix elements #21,#22 offset calculation, but timestamps not yet evaluated. (#160) - Fix IPFIX add fwd status tag #89 compatible to v9 (1byte) - Fix IPFIX sampling - sampling algorithm no longer required for tag #34 - Fix IPFIX sampling add tags #305 and #304 - set them identical to #34, #35 - Fix header includes" - Fix 64bit fts compat issue in fts_compat.c - Fix potential memory leaks in nfpcapd - Fix wrong offset calculation if unknown options are found - Fix updates on existing samplers in v9 only if values change. issue 84 - Cleanup sflow code - uncomment unnecessary code nfdump-1.6.16 --- - Add support for CISCO IOS 8 bytes timestamps ID 21/22 - Fix issue #72 - multiple stat output - Change -B behaviour as proposed in issue #59. Should not impact with previous use, but is more flexible - Add bzip compress switch in usage output of nfpcapd - Fix compile issues on some platforms - nfpcapd improvements - still beta software. - Minor bug fixes -------------------------------------------------------------------------------- ChangeLog: * Sat Apr 28 2018 Denis Fateyev <denis@xxxxxxxxxxx> - 1.6.17-1 - Update to version 1.6.17 * Thu Feb 8 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.6.15-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Aug 3 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.6.15-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.6.15-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1509693 - nfdump-1.6.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1509693 -------------------------------------------------------------------------------- ================================================================================ php-paragonie-random-compat-2.0.12-1.fc26 (FEDORA-2018-6a8ba25ddd) PHP 5.x polyfill for random_bytes() and random_int() from PHP 7 -------------------------------------------------------------------------------- Update Information: ### Version 2.0.12 - 2018-04-04 * Minor docblock issue that's breaking Psalm downstream. -------------------------------------------------------------------------------- ChangeLog: * Fri Apr 20 2018 Remi Collet <remi@xxxxxxxxxxxx> - 2.0.12-1 - update to 2.0.12 * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 2.0.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1564120 - php-paragonie-random-compat-2.0.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564120 -------------------------------------------------------------------------------- ================================================================================ php-simplesamlphp-saml2_3-3.1.5-1.fc26 (FEDORA-2018-f2a64848c9) SAML2 PHP library from SimpleSAMLphp (version 3) -------------------------------------------------------------------------------- Update Information: ## 3.1.5 - Add PHP 7.2 support - Fix wrong class name in ECP request processing -------------------------------------------------------------------------------- ChangeLog: * Sun Apr 29 2018 Shawn Iwinski <shawn@xxxxxxxx> - 3.1.5-1 - Update to 3.1.5 (RHBZ #1568917) * Mon Mar 12 2018 Shawn Iwinski <shawn@xxxxxxxx> - 3.1.4-3 - Update range dependencies' conditional to include RHEL 8+ * Mon Mar 12 2018 Remi Collet <remi@xxxxxxxxxxxx> - 3.1.4-2 - fix dependencies -------------------------------------------------------------------------------- References: [ 1 ] Bug #1568917 - php-simplesamlphp-saml2_3-3.1.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1568917 -------------------------------------------------------------------------------- ================================================================================ python-copr-1.88-1.fc26 (FEDORA-2018-57d1bc6ef9) Python interface for Copr -------------------------------------------------------------------------------- Update Information: - fix non-passing unittests under f28+ - simplify bar.finish logic - rpkg deployment into COPR - containers + releng continuation - fix #280 cli upload to nonexisting project makes terminal cursor disappear - fix #220 copr-cli doesn't display build progress in non-interactive terminal - add download-build --dest description to man page - add `copr delete-build` build into man pages -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 26 2018 Dominik Turecek <dturecek@xxxxxxxxxx> 1.88-1 - rpkg deployment into COPR - containers + releng continuation -------------------------------------------------------------------------------- ================================================================================ rubygem-domain_name-0.5.20180417-1.fc26 (FEDORA-2018-06b21886b7) Domain Name manipulation library for Ruby -------------------------------------------------------------------------------- Update Information: New version 0.5.20180417 is released. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 30 2018 Mamoru TASAKA <mtasaka@xxxxxxxxxxxxxxxxx> - 0.5.20180417-1 - 0.5.20180417 * Fri Feb 9 2018 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.5.20170404-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Jul 27 2017 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 0.5.20170404-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild -------------------------------------------------------------------------------- ================================================================================ utf8proc-2.1.1-2.fc26 (FEDORA-2018-1da6ede209) Library for processing UTF-8 encoded Unicode strings -------------------------------------------------------------------------------- Update Information: Fix missing build flags (RHBZ #1573115). ---- New upstream release. -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 30 2018 Milan Bouchet-Valat <nalimilan@xxxxxxx> - 2.1.1-2 - Fix missing build flags (RHBZ #1573115). * Fri Apr 27 2018 Milan Bouchet-Valat <nalimilan@xxxxxxx> - 2.1.1-1 - New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1573115 - utf8proc: Partial build flags injection https://bugzilla.redhat.com/show_bug.cgi?id=1573115 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
