The following Fedora 26 Security updates need testing: Age URL 40 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5cef2adff4 wireshark-2.2.6-1.fc26 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7161eb173 squirrelmail-1.4.22-19.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-50b9370529 lynis-2.5.0-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f3ee3bea6 chicken-4.12.0-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-edecdcb23e deluge-1.3.15-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b lxterminal-0.3.0-3.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 pcmanfm-1.2.5-2.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60775d65bb FlightGear-2017.1.3-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f533a944e FlightCrew-0.9.1-7.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fe6f25af9 authconfig-7.0.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6125002d79 libvncserver-0.9.11-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-811133dc2c chromium-58.0.3029.110-2.fc26 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe7c3c9c30 wordpress-4.7.5-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 55 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90bcb067bf fedora-release-26-0.6 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-39fb5cc3d5 python-productmd-1.7-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b2bcf2658d nss-3.30.2-1.1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9936d561b lxterminal-0.3.0-3.fc26 menu-cache-1.0.2-4.D20170514git56f6668459.fc26 pcmanfm-1.2.5-2.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f762b31f8 selinux-policy-3.13.1-254.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-410a632bc7 gperftools-2.5.91-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d044d51c5f python-coverage-4.4.1-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e11f32d40e glusterfs-3.10.2-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-89f4e19ca0 tigervnc-1.8.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-455e2c1c09 gssproxy-0.7.0-6.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-782a60cd2e uboot-tools-2017.05-1.fc26 arm-trusted-firmware-1.3-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9d12f264d gnupg2-2.1.21-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-46cca25356 less-487-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fe6f25af9 authconfig-7.0.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-65d7aa02aa kernel-4.11.1-300.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8750e6df04 bluez-5.45-1.fc26 The following builds have been pushed to Fedora 26 updates-testing GeoIP-1.6.11-1.fc26 arm-trusted-firmware-1.3-2.fc26 authconfig-7.0.1-1.fc26 bluez-5.45-1.fc26 certbot-0.14.1-2.fc26 chromium-58.0.3029.110-2.fc26 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26 copr-dist-git-0.27-1.fc26 copr-frontend-1.109-1.fc26 engrampa-1.18.2-1.fc26 fedora-arm-installer-1.99.16-1.fc26 felix-scr-2.0.10-1.fc26 gimagereader-3.2.1-4.fc26 gnupg2-2.1.21-2.fc26 golang-github-10gen-openssl-0-0.12.git4c6dbaf.fc26 golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc26 golang-github-fortytw2-leaktest-1.0.0-1.fc26 gssproxy-0.7.0-6.fc26 inxi-2.3.8-3.fc26 kernel-4.11.1-300.fc26 kompose-0.6.0-0.1.fc26 layla-fonts-2.0-1.fc26 less-487-3.fc26 libcxx-3.9.1-1.fc26 libcxxabi-3.9.1-1.fc26 libvncserver-0.9.11-2.fc26 lightdm-autologin-greeter-1.0-1.fc26 lightdm-settings-1.0.7-1.fc26 mate-menu-17.10.1-1.fc26 mate-panel-1.18.2-2.fc26 mraa-1.7.0-1.fc26 nfs-ganesha-2.4.5-3.fc26 petsc-3.7.6-3.fc26 php-justinrainbow-json-schema5-5.2.1-1.fc26 piglit-1.0.20170515-4.GITa969d23f.fc26 pydf-12-1.fc26 python-Bottleneck-1.2.1-1.fc26 python-acme-0.14.1-1.fc26 python-cassandra-driver-3.9.0-2.fc26 python-certbot-apache-0.14.1-1.fc26 python-dill-0.2.6-1.fc26 python-pandas-0.20.1-1.fc26 python-pandas-datareader-0.3.0-1.post0.fc26 python-statsmodels-0.8.0-1.fc26 python-voluptuous-0.10.5-1.fc26 python-x2go-0.5.0.5-1.fc26 root-6.08.06-7.fc26 rubygem-hoe-3.16.0-1.fc26 sedutil-1.12-3.fc26 system-config-kdump-2.0.16-6.fc26 tigervnc-1.8.0-1.fc26 tinycompress-1.1.4-1.fc26 uboot-tools-2017.05-1.fc26 waf-1.9.11-1.fc26 wcslib-5.16-1.fc26 wine-2.8-1.fc26 wordpress-4.7.5-1.fc26 ws-commons-util-1.0.2-5.fc26 xapian-bindings-1.4.4-1.fc26 xapian-core-1.4.4-1.fc26 xml-maven-plugin-1.0.1-3.fc26 xpa-2.1.18-1.fc26 xpp3-1.1.4-15.c.fc26 Details about builds: ================================================================================ GeoIP-1.6.11-1.fc26 (FEDORA-2017-6225329319) Library for country/city/organization to IP address or hostname mapping -------------------------------------------------------------------------------- Update Information: This update fixes a crash that could happen when reading a corrupted database file (https://github.com/maxmind/geoip-api-c/issues/87). -------------------------------------------------------------------------------- ================================================================================ arm-trusted-firmware-1.3-2.fc26 (FEDORA-2017-782a60cd2e) ARM Trusted Firmware -------------------------------------------------------------------------------- Update Information: u-boot 2017.05 GA release with initial support for arm-trusted-firmware and Pine64 support -------------------------------------------------------------------------------- ================================================================================ authconfig-7.0.1-1.fc26 (FEDORA-2017-1fe6f25af9) Command line tool for setting up authentication from network services -------------------------------------------------------------------------------- Update Information: New release fixing moderate (information leak) issue with PAM configuration when authentication to remote services via SSSD is enabled. To fix the incorrect configuration run: authconfig --updateall -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441604 - CVE-2017-7488 authconfig: Information leak when SSSD is used for authentication against remote server https://bugzilla.redhat.com/show_bug.cgi?id=1441604 -------------------------------------------------------------------------------- ================================================================================ bluez-5.45-1.fc26 (FEDORA-2017-8750e6df04) Bluetooth utilities -------------------------------------------------------------------------------- Update Information: Update to 5.45, Include api docs in devel package -------------------------------------------------------------------------------- ================================================================================ certbot-0.14.1-2.fc26 (FEDORA-2017-64270716a0) A free, automated certificate authority client -------------------------------------------------------------------------------- Update Information: * Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441846 - Improvements to timer randomization https://bugzilla.redhat.com/show_bug.cgi?id=1441846 [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448431 [ 3 ] Bug #1448423 - python-acme-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448423 [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument https://bugzilla.redhat.com/show_bug.cgi?id=1444814 [ 5 ] Bug #1448430 - certbot-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448430 -------------------------------------------------------------------------------- ================================================================================ chromium-58.0.3029.110-2.fc26 (FEDORA-2017-811133dc2c) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: Update to chromium 58. Move chrome-remote-desktop to user systemd service. Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443850 [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443849 [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking https://bugzilla.redhat.com/show_bug.cgi?id=1443848 [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443847 [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443845 [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1443841 [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps https://bugzilla.redhat.com/show_bug.cgi?id=1443840 [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443839 [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443838 [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443837 [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1443836 [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1443835 [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc https://bugzilla.redhat.com/show_bug.cgi?id=1448031 -------------------------------------------------------------------------------- ================================================================================ chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc26 (FEDORA-2017-811133dc2c) Google Native Client Toolchain -------------------------------------------------------------------------------- Update Information: Update to chromium 58. Move chrome-remote-desktop to user systemd service. Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443850 [ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443849 [ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking https://bugzilla.redhat.com/show_bug.cgi?id=1443848 [ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443847 [ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443845 [ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1443841 [ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps https://bugzilla.redhat.com/show_bug.cgi?id=1443840 [ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443839 [ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1443838 [ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink https://bugzilla.redhat.com/show_bug.cgi?id=1443837 [ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1443836 [ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1443835 [ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc https://bugzilla.redhat.com/show_bug.cgi?id=1448031 -------------------------------------------------------------------------------- ================================================================================ copr-dist-git-0.27-1.fc26 (FEDORA-2017-dfa471a067) Copr services for Dist Git server -------------------------------------------------------------------------------- Update Information: Fixes problem with fedpkg builds, see https://bugzilla.redhat.com/show_bug.cgi?id=1447102 -------------------------------------------------------------------------------- ================================================================================ copr-frontend-1.109-1.fc26 (FEDORA-2017-cd3e36a1cc) Frontend for Copr -------------------------------------------------------------------------------- Update Information: - debugging infos in build_on_pagure_commit.py - error handling in build_on_pagure_commit.py - Bug 1448333 - Unable to edit someone's else project settings - do not require .git suffix in Git repo URL for webhook rebuilds of Tito and MockSCM packages - use MBS for building modules via UI - add class for communicating with MBS - add NSV property for modulemd generator - "#55 Builds triggered by GitHub WebHook (tag event) do not enable Internet during build" - use ModulemdGenerator for construnting the yaml file ---- - use custom chroot for modules instead of F24 - send the original filename to MBS - get rid of 'unknown key username' warning - fix modularity unit test - validate uploaded yaml file - dont print how to use a module when it is not succeeded - move MBS_URL to config - allow to submit optional params to mbs - frontend act as a gateway between user and mbs - allow to create module and it's action separately - make new-lines work in <code> blocks - Bug 1442047 - Regenerate action is not restricted to an owner of the project. - redirect output of update_indexes_quick in cron into /dev/null - validate fork name characters (RhBug: 1435123) - Bug 1433508 - Half-cancelled builds are not deleted correctly. - Add extra step for setting up GitHub Webhook - add "buildroot" repository into generated build- config - python3 compatibility fixes in frontend core - correctly set repo and ref to point to our dist-git - replace fedorahosted links - replace no-longer working fedorahosted links with the pagure ones -------------------------------------------------------------------------------- ================================================================================ engrampa-1.18.2-1.fc26 (FEDORA-2017-666387bb92) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: - update to 1.18.2 -------------------------------------------------------------------------------- ================================================================================ fedora-arm-installer-1.99.16-1.fc26 (FEDORA-2017-abf0e69a89) Writes binary image files to any specified block device -------------------------------------------------------------------------------- Update Information: Update to 1.99.16 ---- Update to 1.99.15 ---- Add support for numerous new devices, various bug fixes and improvements -------------------------------------------------------------------------------- References: [ 1 ] Bug #1447456 - fedora-arm-installer ask for sudo root password uselessly https://bugzilla.redhat.com/show_bug.cgi?id=1447456 [ 2 ] Bug #1447457 - --supported-boards do not work https://bugzilla.redhat.com/show_bug.cgi?id=1447457 -------------------------------------------------------------------------------- ================================================================================ felix-scr-2.0.10-1.fc26 (FEDORA-2017-0007037957) Apache Felix Service Component Runtime (SCR) -------------------------------------------------------------------------------- Update Information: Update Felix SCR to the latest release. See the upstream changelog for details: http://svn.apache.org/repos/asf/felix/releases/org.apache.felix.scr-2.0.10/chang elog.txt Also eliminates an unnecessary dependency on the "xml-commons-apis" package. -------------------------------------------------------------------------------- ================================================================================ gimagereader-3.2.1-4.fc26 (FEDORA-2017-e46ec0bbe8) A front-end to tesseract-ocr -------------------------------------------------------------------------------- Update Information: This update backports a patch to fix some missing icons in the Gtk interface. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451357 - There seems to be some missing icons. https://bugzilla.redhat.com/show_bug.cgi?id=1451357 -------------------------------------------------------------------------------- ================================================================================ gnupg2-2.1.21-2.fc26 (FEDORA-2017-c9d12f264d) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information: New upstream release fixing possible corruption of key databases in old format -------------------------------------------------------------------------------- ================================================================================ golang-github-10gen-openssl-0-0.12.git4c6dbaf.fc26 (FEDORA-2017-b89641d196) OpenSSL bindings for Go (forked from github.com/spacemonkeygo/openssl) -------------------------------------------------------------------------------- Update Information: Use compat-openssl and disable building on ppc64 to solve FTBFS. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423638 - golang-github-10gen-openssl: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423638 -------------------------------------------------------------------------------- ================================================================================ golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc26 (FEDORA-2017-e9dc7f81fa) Shared dependencies for other cznic Go libraries -------------------------------------------------------------------------------- Update Information: Initial package for fedora. This is one of the (indirect) dependencies of syncthing. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431740 - Review Request: golang-github-cznic-internal - Shared dependencies for other cznic Go libraries https://bugzilla.redhat.com/show_bug.cgi?id=1431740 -------------------------------------------------------------------------------- ================================================================================ golang-github-fortytw2-leaktest-1.0.0-1.fc26 (FEDORA-2017-4aa88be2fa) Goroutine Leak Detector -------------------------------------------------------------------------------- Update Information: Use upstream version tag -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451530 - golang-github-fortytw2-leaktest-v1.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451530 -------------------------------------------------------------------------------- ================================================================================ gssproxy-0.7.0-6.fc26 (FEDORA-2017-455e2c1c09) GSSAPI Proxy -------------------------------------------------------------------------------- Update Information: * Fix segfault when no gssproxy config files are present. * Ported to gcc7. -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.8-3.fc26 (FEDORA-2017-d6f45529dd) A full featured system information script -------------------------------------------------------------------------------- Update Information: Removed deprecated net-tools dependency. -------------------------------------------------------------------------------- ================================================================================ kernel-4.11.1-300.fc26 (FEDORA-2017-65d7aa02aa) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.11.1 update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ================================================================================ kompose-0.6.0-0.1.fc26 (FEDORA-2017-acd2196245) Tool to move from 'docker-compose' to Kubernetes -------------------------------------------------------------------------------- Update Information: Updated to latest release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1446862 - kompose-v0.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1446862 -------------------------------------------------------------------------------- ================================================================================ layla-fonts-2.0-1.fc26 (FEDORA-2017-e1d681f65d) A collection of traditional Arabic fonts -------------------------------------------------------------------------------- Update Information: - Fixed fonts. They work on MacOS now - Changed Latin letters and numbers -------------------------------------------------------------------------------- ================================================================================ less-487-3.fc26 (FEDORA-2017-46cca25356) A text file browser similar to more, but better -------------------------------------------------------------------------------- Update Information: read correctly text files named accidentally '*.rpm' (rhbz#1449790) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449790 - README.rpm is bad name for readme file https://bugzilla.redhat.com/show_bug.cgi?id=1449790 -------------------------------------------------------------------------------- ================================================================================ libcxx-3.9.1-1.fc26 (FEDORA-2017-770b0e3907) C++ standard library targeting C++11 -------------------------------------------------------------------------------- Update Information: Sync with the rest of the llvm/clang stack. -------------------------------------------------------------------------------- ================================================================================ libcxxabi-3.9.1-1.fc26 (FEDORA-2017-770b0e3907) Low level support for a standard C++ library -------------------------------------------------------------------------------- Update Information: Sync with the rest of the llvm/clang stack. -------------------------------------------------------------------------------- ================================================================================ libvncserver-0.9.11-2.fc26 (FEDORA-2017-6125002d79) Library to make writing a VNC server easy -------------------------------------------------------------------------------- Update Information: Update to latest stable release, include fixes for gnutls and gtk-vnc compatibility. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410168 - CVE-2016-9942 libvncserver: Heap-based buffer overflow in ultra.c https://bugzilla.redhat.com/show_bug.cgi?id=1410168 [ 2 ] Bug #1410166 - CVE-2016-9941 libvncserver: Heap-based buffer overflow in rfbproto.c https://bugzilla.redhat.com/show_bug.cgi?id=1410166 -------------------------------------------------------------------------------- ================================================================================ lightdm-autologin-greeter-1.0-1.fc26 (FEDORA-2017-34b2988430) Autologin greeter using LightDM -------------------------------------------------------------------------------- Update Information: Initial import -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451134 - Review Request: lightdm-autologin-greeter - Autologin greeter using LightDM https://bugzilla.redhat.com/show_bug.cgi?id=1451134 -------------------------------------------------------------------------------- ================================================================================ lightdm-settings-1.0.7-1.fc26 (FEDORA-2017-b1007bc3b5) Configuration tool for the LightDM display manager -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451532 - lightdm-settings-1.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451532 -------------------------------------------------------------------------------- ================================================================================ mate-menu-17.10.1-1.fc26 (FEDORA-2017-9c2cc59359) Advanced Menu for the MATE Desktop -------------------------------------------------------------------------------- Update Information: update to 17.10.1 -------------------------------------------------------------------------------- ================================================================================ mate-panel-1.18.2-2.fc26 (FEDORA-2017-4c43516fb5) MATE Desktop panel and applets -------------------------------------------------------------------------------- Update Information: - panel-launcher: fix translation in tooltip comment -------------------------------------------------------------------------------- ================================================================================ mraa-1.7.0-1.fc26 (FEDORA-2017-0e423f623f) A low level skeleton library for Industrial IO Communication -------------------------------------------------------------------------------- Update Information: Update to 1.7.0 -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.4.5-3.fc26 (FEDORA-2017-75d29a9898) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information: rebuild with libntirpc-1.4.4 -------------------------------------------------------------------------------- ================================================================================ petsc-3.7.6-3.fc26 (FEDORA-2017-484e6de0e1) Portable Extensible Toolkit for Scientific Computation -------------------------------------------------------------------------------- Update Information: - Update to 3.7.6 - Install petscvariables/petscrules - Install pkgconfig files -------------------------------------------------------------------------------- ================================================================================ php-justinrainbow-json-schema5-5.2.1-1.fc26 (FEDORA-2017-4f26f03d0c) A library to validate a json schema -------------------------------------------------------------------------------- Update Information: **Version 5.2.1** * fix #353 Validation of JSON-Schema * fix #405 fix bug when applying defaults * fix #408 SchemaStorage::addSchema() should call BaseConsstraint::arrayToObjectRecursive() on the provide schemas * fix #409 [BUGFIX] Cast empty schema arrays to object * fix #411 [BUGFIX] Split $objectDefinition into $schema and $properties * fix #415 Issue-414: Allow The Option of T or space for Date time. * fix #416 Testcase for minProperties with properties defined + Fix Test * fix #419 [BUGFIX] Split "uri" format into "uri" & "uri-reference", fix meta-schema bug * fix #421 [BUGFIX] Tweak phpdocumentor dependency to avoid install conflicts -------------------------------------------------------------------------------- ================================================================================ piglit-1.0.20170515-4.GITa969d23f.fc26 (FEDORA-2017-ba4064bfcb) Collection of automated tests for OpenGL implementations -------------------------------------------------------------------------------- Update Information: Update to the latest upstream to test Vulcan cards -------------------------------------------------------------------------------- ================================================================================ pydf-12-1.fc26 (FEDORA-2017-6670143f8d) Fully colorized df clone written in python -------------------------------------------------------------------------------- Update Information: Update to version 12 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338050 - Update pydf to version 12 https://bugzilla.redhat.com/show_bug.cgi?id=1338050 -------------------------------------------------------------------------------- ================================================================================ python-Bottleneck-1.2.1-1.fc26 (FEDORA-2017-71e9127c26) Collection of fast NumPy array functions written in Cython -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451146 - python-Bottleneck-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451146 -------------------------------------------------------------------------------- ================================================================================ python-acme-0.14.1-1.fc26 (FEDORA-2017-64270716a0) Python library for the ACME protocol -------------------------------------------------------------------------------- Update Information: * Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441846 - Improvements to timer randomization https://bugzilla.redhat.com/show_bug.cgi?id=1441846 [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448431 [ 3 ] Bug #1448423 - python-acme-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448423 [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument https://bugzilla.redhat.com/show_bug.cgi?id=1444814 [ 5 ] Bug #1448430 - certbot-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448430 -------------------------------------------------------------------------------- ================================================================================ python-cassandra-driver-3.9.0-2.fc26 (FEDORA-2017-4a94e48981) Python driver for Apache Cassandra -------------------------------------------------------------------------------- Update Information: Fix and enable tests on more (big endian) platforms -------------------------------------------------------------------------------- ================================================================================ python-certbot-apache-0.14.1-1.fc26 (FEDORA-2017-64270716a0) The apache plugin for certbot -------------------------------------------------------------------------------- Update Information: * Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441846 - Improvements to timer randomization https://bugzilla.redhat.com/show_bug.cgi?id=1441846 [ 2 ] Bug #1448431 - python-certbot-apache-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448431 [ 3 ] Bug #1448423 - python-acme-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448423 [ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument https://bugzilla.redhat.com/show_bug.cgi?id=1444814 [ 5 ] Bug #1448430 - certbot-0.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1448430 -------------------------------------------------------------------------------- ================================================================================ python-dill-0.2.6-1.fc26 (FEDORA-2017-01908e05bd) Serialize all of Python -------------------------------------------------------------------------------- Update Information: New upstream source -------------------------------------------------------------------------------- ================================================================================ python-pandas-0.20.1-1.fc26 (FEDORA-2017-52c39f311c) Python library providing high-performance data analysis tools -------------------------------------------------------------------------------- Update Information: Update pandas to new upstream release 0.20. See changes here: http://pandas.pydata.org/pandas-docs/stable/whatsnew.html#v0-20-1-may-5-2017 -------------------------------------------------------------------------------- ================================================================================ python-pandas-datareader-0.3.0-1.post0.fc26 (FEDORA-2017-52c39f311c) Data readers from the pandas codebase -------------------------------------------------------------------------------- Update Information: Update pandas to new upstream release 0.20. See changes here: http://pandas.pydata.org/pandas-docs/stable/whatsnew.html#v0-20-1-may-5-2017 -------------------------------------------------------------------------------- ================================================================================ python-statsmodels-0.8.0-1.fc26 (FEDORA-2017-2a7ce62bb9) Statistics in Python -------------------------------------------------------------------------------- Update Information: See details here: http://www.statsmodels.org/devel/release/index.html -------------------------------------------------------------------------------- ================================================================================ python-voluptuous-0.10.5-1.fc26 (FEDORA-2017-9eda96b9cb) A Python data validation library -------------------------------------------------------------------------------- Update Information: See changes here: https://github.com/alecthomas/voluptuous/blob/master/CHANGELOG.md -------------------------------------------------------------------------------- ================================================================================ python-x2go-0.5.0.5-1.fc26 (FEDORA-2017-77cb3985e4) Python module providing X2Go client API -------------------------------------------------------------------------------- Update Information: Update to 0.5.0.5 - support for newer gevent versions (1.1 and higher) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451150 - python-x2go-0.5.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451150 -------------------------------------------------------------------------------- ================================================================================ root-6.08.06-7.fc26 (FEDORA-2017-4880048a1c) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: Backport python 3 compatibility fixes from upstream. Fix for macro scope issue. Rebuild for OCE 0.18.1. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1437135 - Upstream Bug in python3-jupyroot https://bugzilla.redhat.com/show_bug.cgi?id=1437135 [ 2 ] Bug #1448289 - variables declared in gROOT->Macro lost from scope https://bugzilla.redhat.com/show_bug.cgi?id=1448289 [ 3 ] Bug #1451362 - CMake config refers to the wrong libJupyROOT.so https://bugzilla.redhat.com/show_bug.cgi?id=1451362 -------------------------------------------------------------------------------- ================================================================================ rubygem-hoe-3.16.0-1.fc26 (FEDORA-2017-d112f64fe0) Hoe is a simple rake/rubygems helper for project Rakefiles -------------------------------------------------------------------------------- Update Information: New version 3.16.0 is released. -------------------------------------------------------------------------------- ================================================================================ sedutil-1.12-3.fc26 (FEDORA-2017-16408468c4) Tools to manage the activation and use of self encrypting drives -------------------------------------------------------------------------------- Update Information: sedutil is the follow on developement to msed. The sedutil-cli command replaces the msed command. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1447741 - Review Request: sedutil - Tools to manage the activation and use of self encrypting drives https://bugzilla.redhat.com/show_bug.cgi?id=1447741 [ 2 ] Bug #1352870 - update msed to sedutil v. 1.12 https://bugzilla.redhat.com/show_bug.cgi?id=1352870 -------------------------------------------------------------------------------- ================================================================================ system-config-kdump-2.0.16-6.fc26 (FEDORA-2017-d5c66c44b6) A graphical interface for configuring kernel crash dumping -------------------------------------------------------------------------------- Update Information: Remove warning related to GtkRadioButton -------------------------------------------------------------------------------- ================================================================================ tigervnc-1.8.0-1.fc26 (FEDORA-2017-89f4e19ca0) A TigerVNC remote display system -------------------------------------------------------------------------------- Update Information: Tigervnc 1.8.0 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451535 - tigervnc-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451535 -------------------------------------------------------------------------------- ================================================================================ tinycompress-1.1.4-1.fc26 (FEDORA-2017-50a1f67110) A library for compress audio offload in alsa -------------------------------------------------------------------------------- Update Information: 1.1.4 release -------------------------------------------------------------------------------- ================================================================================ uboot-tools-2017.05-1.fc26 (FEDORA-2017-782a60cd2e) U-Boot utilities -------------------------------------------------------------------------------- Update Information: u-boot 2017.05 GA release with initial support for arm-trusted-firmware and Pine64 support -------------------------------------------------------------------------------- ================================================================================ waf-1.9.11-1.fc26 (FEDORA-2017-9d0693e65b) A Python-based build system -------------------------------------------------------------------------------- Update Information: #### NEW IN WAF 1.9.11 #### * Detect Visual Studio 2017 Build Tools using vswhere.exe #1945 * Improve preprocessor performance on system paths in verbose mode #1950 * Better installation defaults for windows import libraries #1860 * cpplint enhancements: --cpplint-root #1953 #1956 * eclipse project generator enhancements #1957 #1958 -------------------------------------------------------------------------------- ================================================================================ wcslib-5.16-1.fc26 (FEDORA-2017-06f3242470) An implementation of the FITS World Coordinate System standard -------------------------------------------------------------------------------- Update Information: Contains minor improvements and bugfixes, see http://www.atnf.csiro.au/people/mcalabre/WCS/CHANGES -------------------------------------------------------------------------------- ================================================================================ wine-2.8-1.fc26 (FEDORA-2017-985f3ea413) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: - Direct3D command stream runs asynchronously. - Better serial and parallel ports autodetection. - Still more fixes for high DPI settings. - System tray notifications on macOS. - Various bug fixes. Wine-Staging - Improved fake dll generation. - Implement updating shared data time fields. - Reset debug registers on thread creation. - Added basic ACL viewer in file properties. - Various smaller improvements and bug fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450548 - wine-2.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450548 -------------------------------------------------------------------------------- ================================================================================ wordpress-4.7.5-1.fc26 (FEDORA-2017-fe7c3c9c30) Blog tool and publishing platform -------------------------------------------------------------------------------- Update Information: **WordPress 4.7.5** is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: * Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. * Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas. * Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team. * A Cross Site Request Forgery (CRSF) vulnerability was discovered in the filesystem credentials dialog. Reported by Yorick Koster. * A cross-site scripting (XSS) vulnerability was discovered when attempting to upload very large files. Reported by Ronni Skansing. * A cross-site scripting (XSS) vulnerability was discovered related to the Customizer. Reported by Weston Ruter of the WordPress Security Team. Thank you to the reporters of these issues for practicing responsible disclosure. In addition to the security issues above, WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series. For more information, see the [release notes](https://codex.wordpress.org/Version_4.7.5) or consult the [list of changes](https://core.trac.wordpress.org/query?status=cl osed&milestone=4.7.5&group=component&col=id&col=summary&col=component&col=status &col=owner&col=type&col=priority&col=keywords&order=priority). -------------------------------------------------------------------------------- ================================================================================ ws-commons-util-1.0.2-5.fc26 (FEDORA-2017-741f0d6273) Common utilities from the Apache Web Services Project -------------------------------------------------------------------------------- Update Information: Removes unnecessary runtime dependencies on xml-commons-apis and junit. -------------------------------------------------------------------------------- ================================================================================ xapian-bindings-1.4.4-1.fc26 (FEDORA-2017-3e71a36123) Bindings for the Xapian Probabilistic Information Retrieval Library -------------------------------------------------------------------------------- Update Information: Update to 1.4.4 -------------------------------------------------------------------------------- ================================================================================ xapian-core-1.4.4-1.fc26 (FEDORA-2017-3e71a36123) The Xapian Probabilistic Information Retrieval Library -------------------------------------------------------------------------------- Update Information: Update to 1.4.4 -------------------------------------------------------------------------------- ================================================================================ xml-maven-plugin-1.0.1-3.fc26 (FEDORA-2017-99801cac35) Maven XML Plugin -------------------------------------------------------------------------------- Update Information: Removes an unnecessary dependency on the "xml-commons-apis" package. The javax.xml classes are now supplied by the JRE. -------------------------------------------------------------------------------- ================================================================================ xpa-2.1.18-1.fc26 (FEDORA-2017-3cce920fcb) The X Public Access messaging system -------------------------------------------------------------------------------- Update Information: New upstream version -------------------------------------------------------------------------------- ================================================================================ xpp3-1.1.4-15.c.fc26 (FEDORA-2017-0007037957) XML Pull Parser -------------------------------------------------------------------------------- Update Information: Update Felix SCR to the latest release. See the upstream changelog for details: http://svn.apache.org/repos/asf/felix/releases/org.apache.felix.scr-2.0.10/chang elog.txt Also eliminates an unnecessary dependency on the "xml-commons-apis" package. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
