The following Fedora 26 Security updates need testing: Age URL 33 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e4c14eeec php-onelogin-php-saml-2.10.5-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab43d1d240 tnef-1.4.14-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f997e46fa7 python-django-1.10.7-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2f3096ba16 php-pear-CAS-1.3.5-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8b639c286 dovecot-2.2.29.1-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2e94c7b518 yara-3.5.0-7.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-822d460ae2 collectd-5.7.1-3.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8150618774 mupdf-1.10a-5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e64c4c186 tomcat-8.0.43-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f9f909a7b7 bind-9.11.0-7.P5.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a354efc764 bind99-9.9.9-5.P8.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90bcb067bf fedora-release-26-0.6 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c74484d3bd libfm-1.2.5-3.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-525d9c8af2 thunderbird-52.0-2.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a95a89e4ba livecd-tools-24.3-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-674c3c0e96 highlight-3.36-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a354efc764 bind99-9.9.9-5.P8.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fbc3ac7a8 bash-4.4.12-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a10f04bea8 cyrus-sasl-2.1.26-31.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-165322f06a libsemanage-2.6-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-746673dc6e menu-cache-1.0.2-2.D20170417git54ab9e4576.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-659dd5675b xorg-x11-drv-nouveau-1.0.14-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad354f5e25 libdbusmenu-16.04.0-2.fc26 The following builds have been pushed to Fedora 26 updates-testing apcupsd-3.14.14-5.fc26 baloo-4.14.3-14.fc26 bash-4.4.12-2.fc26 bind-9.11.0-7.P5.fc26 bind99-9.9.9-5.P8.fc26 ceph-10.2.7-1.fc26 cloud-init-0.7.9-5.fc26 cyrus-sasl-2.1.26-31.fc26 gl2ps-1.4.0-1.fc26 glogg-1.1.3-1.fc26 golang-github-ccding-go-stun-0-0.1.20170323.git04a4eed.fc26 golang-github-cznic-b-0-0.1.20170413.git6955404.fc26 golang-github-oschwald-geoip2-golang-1.0.0-1.20170314.git0fd242d.fc26 gsignond-1.0.6-1.fc26 ibus-typing-booster-1.5.31-1.fc26 input-pad-1.0.99.20140916-6.fc26 kdepim4-4.14.10-30.fc26 kshutdown-4.1-0.1.beta.fc26 libgsignon-glib-2.4.1-1.20161228.git03d9c64.fc26 libpsm2-10.2.103_1-1.fc26 libsemanage-2.6-3.fc26 libzypp-16.6.1-1.fc26 man-pages-ja-20170415-1.fc26 medusa-2.2-3.fc26 menu-cache-1.0.2-2.D20170417git54ab9e4576.fc26 perl-PAR-1.015-1.fc26 perl-XML-Simple-2.24-1.fc26 rhythmbox-alternative-toolbar-0.17.3-5.fc26 samdump2-3.0.0-10.fc26 sslscan-1.10.2-8.fc26 stunnel-5.41-1.fc26 superlu_dist-5.1.3-2.fc26 transmission-2.92-6.fc26 xorg-x11-drv-nouveau-1.0.14-1.fc26 zypper-1.13.22-1.fc26 Details about builds: ================================================================================ apcupsd-3.14.14-5.fc26 (FEDORA-2017-8d8c2c5b50) APC UPS Power Control Daemon -------------------------------------------------------------------------------- Update Information: Reintegrate patch to force a machine halt instead of a poweroff. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442577 - apcupsd control script does not invoke shutdown properly - AGAIN https://bugzilla.redhat.com/show_bug.cgi?id=1442577 -------------------------------------------------------------------------------- ================================================================================ baloo-4.14.3-14.fc26 (FEDORA-2017-2400b566b3) A framework for searching and managing metadata -------------------------------------------------------------------------------- Update Information: Build kdepim4 for f26 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437119 - knode-libs dependency issues https://bugzilla.redhat.com/show_bug.cgi?id=1437119 -------------------------------------------------------------------------------- ================================================================================ bash-4.4.12-2.fc26 (FEDORA-2017-8fbc3ac7a8) The GNU Bourne Again shell -------------------------------------------------------------------------------- Update Information: Document 'bashbug' for reporting bugs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1255886 - 'bash --help' should mention how to report bugs https://bugzilla.redhat.com/show_bug.cgi?id=1255886 -------------------------------------------------------------------------------- ================================================================================ bind-9.11.0-7.P5.fc26 (FEDORA-2017-f9f909a7b7) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" https://bugzilla.redhat.com/show_bug.cgi?id=1441125 [ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver https://bugzilla.redhat.com/show_bug.cgi?id=1441133 [ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received https://bugzilla.redhat.com/show_bug.cgi?id=1441137 -------------------------------------------------------------------------------- ================================================================================ bind99-9.9.9-5.P8.fc26 (FEDORA-2017-a354efc764) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) libraries -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-3136, CVE-2017-3137 and CVE-2017-3138 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441125 - CVE-2017-3136 bind: Incorrect error handling causes assertion failure when using DNS64 with "break-dnssec yes;" https://bugzilla.redhat.com/show_bug.cgi?id=1441125 [ 2 ] Bug #1441133 - CVE-2017-3137 bind: Processing a response containing CNAME or DNAME with unusual order can crash resolver https://bugzilla.redhat.com/show_bug.cgi?id=1441133 [ 3 ] Bug #1441137 - CVE-2017-3138 bind: REQUIRE assertion failure when null command string on control channel is received https://bugzilla.redhat.com/show_bug.cgi?id=1441137 -------------------------------------------------------------------------------- ================================================================================ ceph-10.2.7-1.fc26 (FEDORA-2017-838cf332c3) User space components of the Ceph file system -------------------------------------------------------------------------------- Update Information: New release (1:10.2.7-1) -------------------------------------------------------------------------------- ================================================================================ cloud-init-0.7.9-5.fc26 (FEDORA-2017-bc0a1f99cf) Cloud instance init scripts -------------------------------------------------------------------------------- Update Information: This update improves support for DigitalOcean's metadata service and networking. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442463 - Pull new DigitalOcean DataSource for Cloud-init https://bugzilla.redhat.com/show_bug.cgi?id=1442463 -------------------------------------------------------------------------------- ================================================================================ cyrus-sasl-2.1.26-31.fc26 (FEDORA-2017-a10f04bea8) The Cyrus SASL library -------------------------------------------------------------------------------- Update Information: Allow cyrus sasl to get the ssf from GSSAPI -------------------------------------------------------------------------------- ================================================================================ gl2ps-1.4.0-1.fc26 (FEDORA-2017-f1d9aa1d35) An OpenGL to PostScript printing library -------------------------------------------------------------------------------- Update Information: New in 1.4.0: * Make it possible to add primitives directly, without parsing the OpenGL feedback buffer, using gl2psAddPolyPrimitive; * gl2psBeginPage now accepts a buffersize of 0; * new gl2psForceRasterPos, gl2psLineCap and gl2psLineJoin; * fixed scaling of images in PDF output; * fixed bug leading to corrupted PDF output. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1385915 - Package current svn snapshot of 1.4.0 https://bugzilla.redhat.com/show_bug.cgi?id=1385915 [ 2 ] Bug #1438616 - gl2ps-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1438616 -------------------------------------------------------------------------------- ================================================================================ glogg-1.1.3-1.fc26 (FEDORA-2017-bfdb24568f) Smart interactive log explorer -------------------------------------------------------------------------------- Update Information: New upstream release 1.1.3, rhbz#1434627 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1434627 - glogg-1.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1434627 -------------------------------------------------------------------------------- ================================================================================ golang-github-ccding-go-stun-0-0.1.20170323.git04a4eed.fc26 (FEDORA-2017-685af345e5) STUN client (RFC 3489 and RFC 5389) implementation in Go -------------------------------------------------------------------------------- Update Information: New package for fedora. This is one of the dependencies of syncthing. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437389 - Review Request: golang-github-ccding-go-stun - STUN client (RFC 3489 and RFC 5389) implementation in Go https://bugzilla.redhat.com/show_bug.cgi?id=1437389 -------------------------------------------------------------------------------- ================================================================================ golang-github-cznic-b-0-0.1.20170413.git6955404.fc26 (FEDORA-2017-e740cb75e8) B+ Tree implementation in Go -------------------------------------------------------------------------------- Update Information: New package for fedora. This is one of the dependencies of syncthing. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431741 - Review Request: golang-github-cznic-b - B+ Tree implementation in Go https://bugzilla.redhat.com/show_bug.cgi?id=1431741 -------------------------------------------------------------------------------- ================================================================================ golang-github-oschwald-geoip2-golang-1.0.0-1.20170314.git0fd242d.fc26 (FEDORA-2017-43dcb207fa) GeoIP2 lookup library for Go -------------------------------------------------------------------------------- Update Information: New package for fedora. This is one of the dependencies of syncthing. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431763 - Review Request: golang-github-oschwald-geoip2-golang - GeoIP2 lookup library for Go https://bugzilla.redhat.com/show_bug.cgi?id=1431763 -------------------------------------------------------------------------------- ================================================================================ gsignond-1.0.6-1.fc26 (FEDORA-2017-4cfec99e64) GSignOn daemon -------------------------------------------------------------------------------- Update Information: New package for fedora. This is one of the last missing dependencies for a complete Pantheon Desktop Environment. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442547 - Review Request: gsignond - GSignOn daemon https://bugzilla.redhat.com/show_bug.cgi?id=1442547 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.5.31-1.fc26 (FEDORA-2017-2311a138ab) A completion input method -------------------------------------------------------------------------------- Update Information: update to 1.5.31 -------------------------------------------------------------------------------- ================================================================================ input-pad-1.0.99.20140916-6.fc26 (FEDORA-2017-48653252ad) On-screen Input Pad to Send Characters with Mouse -------------------------------------------------------------------------------- Update Information: Removed EEK. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256997 - RFE: no need to subpackage input-pad-xtest https://bugzilla.redhat.com/show_bug.cgi?id=1256997 -------------------------------------------------------------------------------- ================================================================================ kdepim4-4.14.10-30.fc26 (FEDORA-2017-2400b566b3) KDE4 PIM (Personal Information Manager) applications -------------------------------------------------------------------------------- Update Information: Build kdepim4 for f26 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437119 - knode-libs dependency issues https://bugzilla.redhat.com/show_bug.cgi?id=1437119 -------------------------------------------------------------------------------- ================================================================================ kshutdown-4.1-0.1.beta.fc26 (FEDORA-2017-90e2104559) Graphical shutdown utility for Plasma 5 -------------------------------------------------------------------------------- Update Information: KShutdown 4.1 beta release. See https://kshutdown.sourceforge.io/releases/4.1beta.html for more information. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442897 - kshutdown-4.1beta is available https://bugzilla.redhat.com/show_bug.cgi?id=1442897 -------------------------------------------------------------------------------- ================================================================================ libgsignon-glib-2.4.1-1.20161228.git03d9c64.fc26 (FEDORA-2017-7da348eda5) GLib API for the SSO framework -------------------------------------------------------------------------------- Update Information: New package for fedora. This is one of the last missing dependencies for a complete Pantheon Desktop Environment. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442853 - Review Request: libgsignon-glib - GLib API for the SSO framework https://bugzilla.redhat.com/show_bug.cgi?id=1442853 -------------------------------------------------------------------------------- ================================================================================ libpsm2-10.2.103_1-1.fc26 (FEDORA-2017-e94d6bb44c) Intel PSM Libraries -------------------------------------------------------------------------------- Update Information: Rebase to latest upstream master branch and fix build failures caught by gcc 7.x. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423872 - libpsm2: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423872 -------------------------------------------------------------------------------- ================================================================================ libsemanage-2.6-3.fc26 (FEDORA-2017-165322f06a) SELinux binary policy manipulation library -------------------------------------------------------------------------------- Update Information: Do not list duplicate port entries after setting a boolean (#1439875) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1439875 - Setting booleans causes duplicate ports in semanage listings https://bugzilla.redhat.com/show_bug.cgi?id=1439875 -------------------------------------------------------------------------------- ================================================================================ libzypp-16.6.1-1.fc26 (FEDORA-2017-ba82706aa3) A package management library -------------------------------------------------------------------------------- Update Information: Import Zypper package manager into Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427185 - Review Request: zypper - Command line package manager from SUSE https://bugzilla.redhat.com/show_bug.cgi?id=1427185 [ 2 ] Bug #1427182 - Review Request: libzypp - A package management library https://bugzilla.redhat.com/show_bug.cgi?id=1427182 -------------------------------------------------------------------------------- ================================================================================ man-pages-ja-20170415-1.fc26 (FEDORA-2017-b7e79585d8) Japanese man (manual) pages from the Japanese Manual Project -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ================================================================================ medusa-2.2-3.fc26 (FEDORA-2017-b8831f66e3) Parallel brute forcing password cracker -------------------------------------------------------------------------------- Update Information: Fix FTBFS due to openssl change. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423933 - medusa: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423933 -------------------------------------------------------------------------------- ================================================================================ menu-cache-1.0.2-2.D20170417git54ab9e4576.fc26 (FEDORA-2017-746673dc6e) Caching mechanism for freedesktop.org compliant menus -------------------------------------------------------------------------------- Update Information: Update to the current latest git. This contains a fix for menu-cache-gen segfault. -------------------------------------------------------------------------------- ================================================================================ perl-PAR-1.015-1.fc26 (FEDORA-2017-6c4aa5e8d9) Perl Archive Toolkit -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442295 - perl-PAR-1.015 is available https://bugzilla.redhat.com/show_bug.cgi?id=1442295 -------------------------------------------------------------------------------- ================================================================================ perl-XML-Simple-2.24-1.fc26 (FEDORA-2017-8bad4dbdca) Easy API to maintain XML in Perl -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442759 - perl-XML-Simple-2.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1442759 -------------------------------------------------------------------------------- ================================================================================ rhythmbox-alternative-toolbar-0.17.3-5.fc26 (FEDORA-2017-dce11edf30) Rhythmbox plugin -------------------------------------------------------------------------------- Update Information: Removed the noarch label to resolv bug 1434240 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1434240 - plugin doesn't appear under list of available plugins https://bugzilla.redhat.com/show_bug.cgi?id=1434240 -------------------------------------------------------------------------------- ================================================================================ samdump2-3.0.0-10.fc26 (FEDORA-2017-ac5bfc153d) Retrieves syskey and extracts hashes from Windows 2k/NT/XP/Vista SAM -------------------------------------------------------------------------------- Update Information: Fix FTBFS due to openssl change. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1424416 - samdump2: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1424416 -------------------------------------------------------------------------------- ================================================================================ sslscan-1.10.2-8.fc26 (FEDORA-2017-a71286868a) Security assessment tool for SSL -------------------------------------------------------------------------------- Update Information: Fixed FTBFS due to openssl change. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1424470 - sslscan: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1424470 -------------------------------------------------------------------------------- ================================================================================ stunnel-5.41-1.fc26 (FEDORA-2017-00f5b9774e) A TLS-encrypting socket wrapper -------------------------------------------------------------------------------- Update Information: New upstream release 5.41 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1373918 - stunnel-5.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=1373918 -------------------------------------------------------------------------------- ================================================================================ superlu_dist-5.1.3-2.fc26 (FEDORA-2017-e2b96ce208) Solution of large, sparse, nonsymmetric systems of linear equations -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398400 - Review Request: superlu_dist - Solution of large, sparse, nonsymmetric systems of linear equations https://bugzilla.redhat.com/show_bug.cgi?id=1398400 -------------------------------------------------------------------------------- ================================================================================ transmission-2.92-6.fc26 (FEDORA-2017-af75e6b707) A lightweight GTK+ BitTorrent client -------------------------------------------------------------------------------- Update Information: Restore systemd functionality. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442085 - transmission-daemon gets killed by systemd unless Type=simple given https://bugzilla.redhat.com/show_bug.cgi?id=1442085 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-nouveau-1.0.14-1.fc26 (FEDORA-2017-659dd5675b) Xorg X11 nouveau video driver for NVIDIA graphics chipsets -------------------------------------------------------------------------------- Update Information: Update to 1.0.14 -------------------------------------------------------------------------------- ================================================================================ zypper-1.13.22-1.fc26 (FEDORA-2017-ba82706aa3) Command line package manager using libzypp -------------------------------------------------------------------------------- Update Information: Import Zypper package manager into Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427185 - Review Request: zypper - Command line package manager from SUSE https://bugzilla.redhat.com/show_bug.cgi?id=1427185 [ 2 ] Bug #1427182 - Review Request: libzypp - A package management library https://bugzilla.redhat.com/show_bug.cgi?id=1427182 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
