The following Fedora 26 Security updates need testing: Age URL 239 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 71 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 58 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 33 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1f73debee drupal7-7.57-1.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830 dovecot-2.2.34-1.fc26 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6143b1d911 calibre-3.19.0-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d809bd2fd6 php-simplesamlphp-saml2_1-1.10.6-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f4ab4d96f9 php-simplesamlphp-saml2-2.3.8-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f2097d8937 php-simplesamlphp-saml2_3-3.1.4-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1769746da python-paramiko-2.2.3-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b0f6a5bdbc glpi-9.1.7.1-2.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e03a17fa61 mosquitto-1.4.15-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0c2141fcbc apache-commons-compress-1.13-3.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c188d3f09a unboundid-ldapsdk-4.0.5-1.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a233dae4ab tomcat-8.0.50-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f26d891469 libvorbis-1.3.6-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a46b358764 slf4j-1.7.22-5.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1e32d78b95 mozjs52-52.7.2-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddb95c8324 python-notebook-5.0.0-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-024afa2d48 qt5-qtwebengine-5.10.1-4.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aace372c3f sqlite-3.20.1-2.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65 thunderbird-52.6.0-1.fc26 37 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bac26576fe lxpanel-0.9.3-7.D20180305gitb85c71a6.fc26 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6b73fc22f3 breeze-icon-theme-5.44.0-1.fc26 extra-cmake-modules-5.44.0-1.fc26 kf5-5.44.0-1.fc26 kf5-attica-5.44.0-1.fc26 kf5-baloo-5.44.0-1.fc26 kf5-bluez-qt-5.44.0-1.fc26 kf5-frameworkintegration-5.44.0-1.fc26 kf5-kactivities-5.44.0-1.fc26 kf5-kactivities-stats-5.44.0-1.fc26 kf5-kapidox-5.44.0-1.fc26 kf5-karchive-5.44.0-1.fc26 kf5-kauth-5.44.0-1.fc26 kf5-kbookmarks-5.44.0-1.fc26 kf5-kcmutils-5.44.0-1.fc26 kf5-kcodecs-5.44.0-1.fc26 kf5-kcompletion-5.44.0-1.fc26 kf5-kconfig-5.44.0-1.fc26 kf5-kconfigwidgets-5.44.0-1.fc26 kf5-kcoreaddons-5.44.0-2.fc26 kf5-kcrash-5.44.0-1.fc26 kf5-kdbusaddons-5.44.0-1.fc26 kf5-kdeclarative-5.44.0-1.fc26 kf5-kded-5.44.0-1.fc26 kf5-kdelibs4support-5.44.0-1.fc26 kf5-kdesignerplugin-5.44.0-1.fc26 kf5-kdesu-5.44.0-1.fc26 kf5-kdewebkit-5.44.0-1.fc26 kf5-kdnssd-5.44.0-1.fc26 kf5-kdoctools-5.44.0-1.fc26 kf5-kemoticons-5.44.0-1.fc26 kf5-kfilemetadata-5.44.0-1.fc26 kf5-kglobalaccel-5.44.0-1.fc26 kf5-kguiad dons-5.44.0-1.fc26 kf5-khtml-5.44.0-1.fc26 kf5-ki18n-5.44.0-1.fc26 kf5-kiconthemes-5.44.0-1.fc26 kf5-kidletime-5.44.0-1.fc26 kf5-kimageformats-5.44.0-1.fc26 kf5-kinit-5.44.0-1.fc26 kf5-kio-5.44.0-2.fc26 kf5-kirigami2-5.44.0-1.fc26 kf5-kitemmodels-5.44.0-1.fc26 kf5-kitemviews-5.44.0-1.fc26 kf5-kjobwidgets-5.44.0-1.fc26 kf5-kjs-5.44.0-1.fc26 kf5-kjsembed-5.44.0-1.fc26 kf5-kmediaplayer-5.44.0-1.fc26 kf5-knewstuff-5.44.0-1.fc26 kf5-knotifications-5.44.0-1.fc26 kf5-knotifyconfig-5.44.0-1.fc26 kf5-kpackage-5.44.0-1.fc26 kf5-kparts-5.44.0-1.fc26 kf5-kpeople-5.44.0-1.fc26 kf5-kplotting-5.44.0-1.fc26 kf5-kpty-5.44.0-1.fc26 kf5-kross-5.44.0-1.fc26 kf5-krunner-5.44.0-1.fc26 kf5-kservice-5.44.0-1.fc26 kf5-ktexteditor-5.44.0-1.fc26 kf5-ktextwidgets-5.44.0-1.fc26 kf5-kunitconversion-5.44.0-1.fc26 kf5-kwallet-5.44.0-1.fc26 kf5-kwayland-5.44.0-1.fc26 kf5-kwidgetsaddons-5.44.0-1.fc26 kf5-kwindowsystem-5.44.0-1.fc26 kf5-kxmlgui-5.44.0-1.fc26 kf5-kxmlrpcclient-5.44.0-1.fc26 kf5-modemmanager-qt-5.44.0- 1.fc26 kf5-networkmanager-qt-5.44.0-1.fc26 kf5-plasma-5.44.0-1.fc26 kf5-prison-5.44.0-1.fc26 kf5-purpose-5.44.0-1.fc26 kf5-solid-5.44.0-1.fc26 kf5-sonnet-5.44.0-1.fc26 kf5-syntax-highlighting-5.44.0-1.fc26 kf5-threadweaver-5.44.0-1.fc26 oxygen-icon-theme-5.44.0-1.fc26 qqc2-desktop-style-5.44.0-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ebb3a0ad9d pytz-2017.2-7.fc26 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8b79ef546d osinfo-db-20180318-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a37f6f92f7 pcre-8.42-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0ecf7675fc xfce4-settings-4.12.3-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f26d891469 libvorbis-1.3.6-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-add17f7db7 llvm-4.0.1-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e01e08c21d flatpak-0.10.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aace372c3f sqlite-3.20.1-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-98ca353528 libdrm-2.4.91-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ed93e90d1 control-center-3.24.4-1.fc26 gnome-photos-3.24.6-1.fc26 gnome-settings-daemon-3.24.4-1.fc26 The following builds have been pushed to Fedora 26 updates-testing R-R.oo-1.21.0-2.fc26 R-bindrcpp-0.2-1.fc26 R-callr-2.0.2-2.fc26 R-clipr-0.4.0-1.fc26 R-openssl-1.0.1-1.fc26 R-orcutt-2.2-1.fc26 R-poLCA-1.4.1-1.fc26 R-rgdal-1.2.18-1.fc26 R-rprintf-0.2.1-2.fc26 R-statnet.common-4.0.0-1.fc26 R-tkrplot-0.0.23-1.fc26 chromium-65.0.3325.181-1.fc26 erlang-19.3.6.7-1.fc26 gqrx-2.11.1-1.fc26 icecat-52.7.2-1.fc26 libvncserver-0.9.11-3.fc26 purple-facebook-0.9.5-4.9ff9acf9fa14.fc26 python-recaptcha-client-2.0.1-1.fc26 skrooge-2.12.0-1.fc26 urjtag-2017.10-2.fc26 Details about builds: ================================================================================ R-R.oo-1.21.0-2.fc26 (FEDORA-2018-5b98ebb8ea) R Object-Oriented Programming with or without References -------------------------------------------------------------------------------- Update Information: Initial package of R.oo for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558874 - Review Request: R-R.oo - R Object-Oriented Programming with or without References https://bugzilla.redhat.com/show_bug.cgi?id=1558874 -------------------------------------------------------------------------------- ================================================================================ R-bindrcpp-0.2-1.fc26 (FEDORA-2018-1dce6515d7) An 'Rcpp' Interface to Active Bindings -------------------------------------------------------------------------------- Update Information: Initial package of bindrcpp for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558882 - Review Request: R-bindrcpp - An 'Rcpp' Interface to Active Bindings https://bugzilla.redhat.com/show_bug.cgi?id=1558882 -------------------------------------------------------------------------------- ================================================================================ R-callr-2.0.2-2.fc26 (FEDORA-2018-35f3169b9e) Call R from R -------------------------------------------------------------------------------- Update Information: Initial package of callr for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558892 - Review Request: R-callr - Call R from R https://bugzilla.redhat.com/show_bug.cgi?id=1558892 -------------------------------------------------------------------------------- ================================================================================ R-clipr-0.4.0-1.fc26 (FEDORA-2018-afbdf7c11b) Read and Write from the System Clipboard -------------------------------------------------------------------------------- Update Information: Initial package of clipr for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558894 - Review Request: R-clipr - Read and Write from the System Clipboard https://bugzilla.redhat.com/show_bug.cgi?id=1558894 -------------------------------------------------------------------------------- ================================================================================ R-openssl-1.0.1-1.fc26 (FEDORA-2018-95d0be5d06) Toolkit for Encryption, Signatures and Certificates Based on OpenSSL -------------------------------------------------------------------------------- Update Information: Initial package of openssl for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557748 - Review Request: R-openssl - Toolkit for Encryption, Signatures and Certificates Based on OpenSSL https://bugzilla.redhat.com/show_bug.cgi?id=1557748 -------------------------------------------------------------------------------- ================================================================================ R-orcutt-2.2-1.fc26 (FEDORA-2018-cbc14b7fe6) Estimate Procedure in Case of First Order Autocorrelation -------------------------------------------------------------------------------- Update Information: Initial package of orcutt for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558789 - Review Request: R-orcutt - Estimate Procedure in Case of First Order Autocorrelation https://bugzilla.redhat.com/show_bug.cgi?id=1558789 -------------------------------------------------------------------------------- ================================================================================ R-poLCA-1.4.1-1.fc26 (FEDORA-2018-dfd2222a42) Polytomous variable Latent Class Analysis -------------------------------------------------------------------------------- Update Information: Initial package of poLCA for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558859 - Review Request: R-poLCA - Polytomous variable Latent Class Analysis https://bugzilla.redhat.com/show_bug.cgi?id=1558859 -------------------------------------------------------------------------------- ================================================================================ R-rgdal-1.2.18-1.fc26 (FEDORA-2018-c4c5ace033) Bindings for the 'Geospatial' Data Abstraction Library -------------------------------------------------------------------------------- Update Information: Initial package of rgdal for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558779 - Review Request: R-rgdal - Bindings for the 'Geospatial' Data Abstraction Library https://bugzilla.redhat.com/show_bug.cgi?id=1558779 -------------------------------------------------------------------------------- ================================================================================ R-rprintf-0.2.1-2.fc26 (FEDORA-2018-30d4428c94) Adaptive Builder for Formatted Strings -------------------------------------------------------------------------------- Update Information: Initial package of rprintf for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558784 - Review Request: R-rprintf - Adaptive Builder for Formatted Strings https://bugzilla.redhat.com/show_bug.cgi?id=1558784 -------------------------------------------------------------------------------- ================================================================================ R-statnet.common-4.0.0-1.fc26 (FEDORA-2018-f48cf7e2ec) Common R Scripts and Utilities Used by the Statnet Project Software -------------------------------------------------------------------------------- Update Information: Initial package of statnet.common for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558756 - Review Request: R-statnet.common - Common R Scripts and Utilities Used by the Statnet Project Software https://bugzilla.redhat.com/show_bug.cgi?id=1558756 -------------------------------------------------------------------------------- ================================================================================ R-tkrplot-0.0.23-1.fc26 (FEDORA-2018-de88237518) TK Rplot -------------------------------------------------------------------------------- Update Information: Initial package of tkrplot for R -------------------------------------------------------------------------------- References: [ 1 ] Bug #1558757 - Review Request: R-tkrplot - TK Rplot https://bugzilla.redhat.com/show_bug.cgi?id=1558757 -------------------------------------------------------------------------------- ================================================================================ chromium-65.0.3325.181-1.fc26 (FEDORA-2018-010396b4a2) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: Update to Chromium 65. For EPEL7, it has been a long time since a successful build has been possible, so this will fix a LOT of CVEs. CVE-2017-15396 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15412 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15422 CVE-2018-6056 CVE-2018-6406 CVE-2018-6057 CVE-2018-6058 CVE-2018-6059 CVE-2018-6060 CVE-2018-6061 CVE-2018-6062 CVE-2018-6063 CVE-2018-6064 CVE-2018-6065 CVE-2018-6066 CVE-2018-6067 CVE-2018-6068 CVE-2018-6069 CVE-2018-6070 CVE-2018-6071 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1552500 - CVE-2018-6083 chromium-browser: incorrect processing of appmanifests https://bugzilla.redhat.com/show_bug.cgi?id=1552500 [ 2 ] Bug #1552499 - CVE-2018-6082 chromium-browser: circumvention of port blocking https://bugzilla.redhat.com/show_bug.cgi?id=1552499 [ 3 ] Bug #1552498 - CVE-2018-6081 chromium-browser: xss in interstitials https://bugzilla.redhat.com/show_bug.cgi?id=1552498 [ 4 ] Bug #1552497 - CVE-2018-6080 chromium-browser: information disclosure in ipc call https://bugzilla.redhat.com/show_bug.cgi?id=1552497 [ 5 ] Bug #1552496 - CVE-2018-6079 chromium-browser: information disclosure via texture data in webgl https://bugzilla.redhat.com/show_bug.cgi?id=1552496 [ 6 ] Bug #1552495 - CVE-2018-6078 chromium-browser: url spoof in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1552495 [ 7 ] Bug #1552494 - CVE-2018-6077 chromium-browser: timing attack using svg filters https://bugzilla.redhat.com/show_bug.cgi?id=1552494 [ 8 ] Bug #1552493 - CVE-2018-6076 chromium-browser: incorrect handling of url fragment identifiers in blink https://bugzilla.redhat.com/show_bug.cgi?id=1552493 [ 9 ] Bug #1552492 - CVE-2018-6075 chromium-browser: overly permissive cross origin downloads https://bugzilla.redhat.com/show_bug.cgi?id=1552492 [ 10 ] Bug #1552491 - CVE-2018-6074 chromium-browser: mark-of-the-web bypass https://bugzilla.redhat.com/show_bug.cgi?id=1552491 [ 11 ] Bug #1552490 - CVE-2018-6073 chromium-browser: heap bufffer overflow in webgl https://bugzilla.redhat.com/show_bug.cgi?id=1552490 [ 12 ] Bug #1552489 - CVE-2018-6072 chromium-browser: integer overflow in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1552489 [ 13 ] Bug #1552488 - CVE-2018-6071 chromium-browser: heap bufffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1552488 [ 14 ] Bug #1552487 - CVE-2018-6070 chromium-browser: csp bypass through extensions https://bugzilla.redhat.com/show_bug.cgi?id=1552487 [ 15 ] Bug #1552486 - CVE-2018-6069 chromium-browser: stack buffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1552486 [ 16 ] Bug #1552485 - CVE-2018-6068 chromium-browser: object lifecycle issues in chrome custom tab https://bugzilla.redhat.com/show_bug.cgi?id=1552485 [ 17 ] Bug #1552484 - CVE-2018-6067 chromium-browser: buffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1552484 [ 18 ] Bug #1552483 - CVE-2018-6066 chromium-browser: same origin bypass via canvas https://bugzilla.redhat.com/show_bug.cgi?id=1552483 [ 19 ] Bug #1552482 - CVE-2018-6065 chromium-browser: integer overflow in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1552482 [ 20 ] Bug #1552481 - CVE-2018-6064 chromium-browser: type confusion in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1552481 [ 21 ] Bug #1552480 - CVE-2018-6063 chromium-browser: incorrect permissions on shared memory https://bugzilla.redhat.com/show_bug.cgi?id=1552480 [ 22 ] Bug #1552479 - CVE-2018-6057 chromium-browser: incorrect permissions on shared memory https://bugzilla.redhat.com/show_bug.cgi?id=1552479 [ 23 ] Bug #1552478 - CVE-2018-6062 chromium-browser: heap buffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1552478 [ 24 ] Bug #1552477 - CVE-2018-6061 chromium-browser: race condition in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1552477 [ 25 ] Bug #1552476 - CVE-2018-6060 chromium-browser: use-after-free in blink https://bugzilla.redhat.com/show_bug.cgi?id=1552476 [ 26 ] Bug #1552475 - CVE-2018-6059 chromium-browser: use-after-free in flash https://bugzilla.redhat.com/show_bug.cgi?id=1552475 [ 27 ] Bug #1552474 - CVE-2018-6058 chromium-browser: use-after-free in flash https://bugzilla.redhat.com/show_bug.cgi?id=1552474 [ 28 ] Bug #1547349 - CVE-2018-6406 libwebm: Out of bounds read in libwebm_util.cc:ParseVP9SuperFrameIndex() can lead to information leak or potential denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1547349 [ 29 ] Bug #1545062 - CVE-2018-6056 chromium-browser: incorrect derived class instantiation in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1545062 [ 30 ] Bug #1523141 - CVE-2017-15427 chromium-browser: insufficient blocking of javascript in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1523141 [ 31 ] Bug #1523140 - CVE-2017-15426 chromium-browser: url spoof in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1523140 [ 32 ] Bug #1523139 - CVE-2017-15425 chromium-browser: url spoof in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1523139 [ 33 ] Bug #1523138 - CVE-2017-15424 chromium-browser: url spoof in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1523138 [ 34 ] Bug #1523137 - CVE-2017-15423 chromium-browser: issue with spake implementation in boringssl https://bugzilla.redhat.com/show_bug.cgi?id=1523137 [ 35 ] Bug #1523136 - CVE-2017-15422 chromium-browser: integer overflow in icu https://bugzilla.redhat.com/show_bug.cgi?id=1523136 [ 36 ] Bug #1523135 - CVE-2017-15420 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1523135 [ 37 ] Bug #1523134 - CVE-2017-15419 chromium-browser: cross origin leak of redirect url in blink https://bugzilla.redhat.com/show_bug.cgi?id=1523134 [ 38 ] Bug #1523133 - CVE-2017-15418 chromium-browser: use of uninitialized value in skia https://bugzilla.redhat.com/show_bug.cgi?id=1523133 [ 39 ] Bug #1523132 - CVE-2017-15417 chromium-browser: cross origin information disclosure in skia https://bugzilla.redhat.com/show_bug.cgi?id=1523132 [ 40 ] Bug #1523131 - CVE-2017-15416 chromium-browser: out of bounds read in blink https://bugzilla.redhat.com/show_bug.cgi?id=1523131 [ 41 ] Bug #1523130 - CVE-2017-15415 chromium-browser: pointer information disclosure in ipc call https://bugzilla.redhat.com/show_bug.cgi?id=1523130 [ 42 ] Bug #1523129 - CVE-2017-15413 chromium-browser: type confusion in webassembly https://bugzilla.redhat.com/show_bug.cgi?id=1523129 [ 43 ] Bug #1523128 - CVE-2017-15412 chromium-browser: use after free in libxml https://bugzilla.redhat.com/show_bug.cgi?id=1523128 [ 44 ] Bug #1523127 - CVE-2017-15411 chromium-browser: use after free in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1523127 [ 45 ] Bug #1523126 - CVE-2017-15410 chromium-browser: use after free in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1523126 [ 46 ] Bug #1523125 - CVE-2017-15409 chromium-browser: out of bounds write in skia https://bugzilla.redhat.com/show_bug.cgi?id=1523125 [ 47 ] Bug #1523124 - CVE-2017-15408 chromium-browser: heap buffer overflow in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1523124 [ 48 ] Bug #1523123 - CVE-2017-15407 chromium-browser: out of bounds write in quic https://bugzilla.redhat.com/show_bug.cgi?id=1523123 -------------------------------------------------------------------------------- ================================================================================ erlang-19.3.6.7-1.fc26 (FEDORA-2018-7b58dae19a) General-purpose programming language and runtime environment -------------------------------------------------------------------------------- Update Information: * Erlang ver. 19.3.6.7 ---- * Ver. 19.3.6.6 -------------------------------------------------------------------------------- ================================================================================ gqrx-2.11.1-1.fc26 (FEDORA-2018-f1a0c07621) Software defined radio receiver powered by GNU Radio and Qt -------------------------------------------------------------------------------- Update Information: new upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1557979 - gqrx-2.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1557979 -------------------------------------------------------------------------------- ================================================================================ icecat-52.7.2-1.fc26 (FEDORA-2018-256f431f74) GNU version of Firefox browser -------------------------------------------------------------------------------- Update Information: Update to 52.7.2 -------------------------------------------------------------------------------- ================================================================================ libvncserver-0.9.11-3.fc26 (FEDORA-2018-43541091ab) Library to make writing a VNC server easy -------------------------------------------------------------------------------- Update Information: This release fixes a possible sensitive data leak and a memory exhaustion when handling ClientTextCut messages of the RFB protocol. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1546858 - CVE-2018-7225 libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c https://bugzilla.redhat.com/show_bug.cgi?id=1546858 -------------------------------------------------------------------------------- ================================================================================ purple-facebook-0.9.5-4.9ff9acf9fa14.fc26 (FEDORA-2018-6d2b8ebb45) Facebook protocol plugin for purple2 -------------------------------------------------------------------------------- Update Information: This fixes a [crash in Pidgin after Facebook login](https://github.com/dequis /purple-facebook/issues/403) and ["Failed to read fixed header" due to TLS 1.3](https://github.com/dequis/purple-facebook/issues/410). Read [this notice about Pidgin <= 2.12.0](https://github.com/dequis/purple-facebook/issues/408) and connecting to Facebook using TLS 1.3. -------------------------------------------------------------------------------- ================================================================================ python-recaptcha-client-2.0.1-1.fc26 (FEDORA-2018-0a097ff3be) Python module for reCAPTCHA and reCAPTCHA Mailhide -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ================================================================================ skrooge-2.12.0-1.fc26 (FEDORA-2018-679b970a74) Personal finances manager -------------------------------------------------------------------------------- Update Information: New stable release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1553733 - skrooge-2.12.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1553733 -------------------------------------------------------------------------------- ================================================================================ urjtag-2017.10-2.fc26 (FEDORA-2018-e4c05f36b9) A tool for communicating over JTAG with flash chips and CPUs -------------------------------------------------------------------------------- Update Information: revert back armfix patch ---- added bison and flex for bsdl2jtag command -------------------------------------------------------------------------------- References: [ 1 ] Bug #1553506 - urjtag-2017.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1553506 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
