I propose we remove "Default boot and install (i386)" section from
https://fedoraproject.org/wiki/Template:Installation_test_matrix
We no longer have i386 references anywhere, just in that installation
matrix. It has been an alternate arch since F26 and not blocking as an
installation medium since F25. The existing section just makes the page
longer and less readable. I see no harm removing it. OpenQA results will
still be visible on OpenQA homepage. Thoughts?
Hi I'm Pat (tablepc)
I joined the QA group a few weeks ago and I've been helping out a bit,
but I've concluded I need a mentor. If you would like to do that please
reply.
Have a Great Day!
Pat
On Thu, 2018-03-29 at 19:18 +0200, Jan Kurik wrote:
> The Fedora 28 Beta RC3 compose [1] is considered as GOLD and is going to be
> shipped live on Tuesday, April 3rd, 2018.
Just so folks know, this means we're shipping Beta-1.3 (RC3) as Beta
final. That decision is now done and irreversible. There's no need to
test Beta-1.1 any more.
It *is* still useful to run any outstanding Beta-1.3 tests, though, as
they feed into Final preparation.
A new nightly validation event will be created sometime soon after Beta
release, and become the 'current' event, then we'll be testing
nightlies again up until Final candidates.
Thanks folks!
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
The following Fedora 28 Security updates need testing:
Age URL
15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfdad62cd6 wireshark-2.4.5-3.fc28
12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d305559481 mosquitto-1.4.15-1.fc28
8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb66329dee sqlite-3.22.0-4.fc28
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1c9f6768cf exempi-2.4.5-1.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1aeac808ce gd-2.2.5-3.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-633acf0ed6 jackson-databind-2.9.4-3.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-60ec960104 bchunk-1.2.2-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b13b720a3d php-7.2.4-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa5e668e64 thunderbird-52.7.0-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8049b2c488 nodejs-8.11.0-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-75bca4c5a0 drupal7-7.58-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-906ba26b4d drupal8-8.4.6-1.fc28
The following Fedora 28 Critical Path updates have yet to be approved:
Age URL
15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-654231f9e7 libtirpc-1.0.3-0.fc28
14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3c10274df1 pcre2-10.31-4.fc28
10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-83ed6f8a9a pcre-8.42-1.fc28
10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6019d0a8f0 xfce4-settings-4.12.3-1.fc28
10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-64a05f528d hivex-1.3.15-3.fc28
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-42200bfff3 python-setuptools-39.0.1-1.fc28
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0c1670b318 realmd-0.16.3-12.fc28
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-74acab54cf qemu-2.11.1-2.fc28
8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-00c5193ae8 libpwquality-1.4.0-7.fc28
8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-eb196768cd avahi-0.7-10.fc28
8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb66329dee sqlite-3.22.0-4.fc28
8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-998509b780 python-asn1crypto-0.24.0-1.fc28 python-cryptography-vectors-2.2.1-1.fc28 python-cryptography-2.2.1-1.fc28
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1c9f6768cf exempi-2.4.5-1.fc28
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-370f1fc201 libX11-1.6.5-7.fc28
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5a4d0ee124 dnsmasq-2.79-1.fc28
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2ee87d2721 python-pid-2.1.1-7.fc28
5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ea9ace8675 libiscsi-1.18.0-3.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c3c9b95a7b readline-7.0-9.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-02e145266f gdbm-1.14.1-4.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a95a4a8d8e osinfo-db-20180325-1.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-782412cd18 sgabios-0.20170427git-1.fc28
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-08531132c6 checkpolicy-2.7-7.fc28 libselinux-2.7-13.fc28 libsemanage-2.7-12.fc28 libsepol-2.7-6.fc28 policycoreutils-2.7-17.fc28
3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-543efe8260 SLOF-0.1.git20171214-2.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a2dead92f8 appstream-data-28-6.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-93c3715e80 openldap-2.4.46-1.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b709c38412 ppp-2.4.7-18.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-efe2f471f2 satyr-0.25-4.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-09a48963ea bcache-tools-1.0.8-12.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a2b3791b2b abrt-2.10.8-2.fc28 bluez-5.49-2.fc28 cryptsetup-2.0.2-2.fc28 device-mapper-multipath-0.7.4-2.git07e7bd5.fc28 fastd-18-9.fc28 filezilla-3.32.0-0.rc1.fc28.1 freeradius-3.0.15-12.fc28 fwts-18.01.00-2.fc28 gdal-2.2.4-2.fc28 gdcm-2.8.4-5.fc28 gfal2-2.15.3-2.fc28 girara-0.2.7-7.fc28 gluster-block-0.3-5.fc28 json-c-0.13.1-1.fc28 lcgdm-dav-0.20.0-2.fc28 libmypaint-1.3.0-7.fc28 libreport-2.9.3-8.fc28 libstorj-1.0.2-5.fc28 libu2f-host-1.1.4-3.fc28 libu2f-server-1.0.1-12.fc28 libverto-jsonrpc-0.1.0-19.fc28 libvmi-0.11.0-13.20170706gite919365.fc28 mypaint-1.2.1-18.fc28 ndctl-59.2-2.fc28 newsbeuter-2.9-9.fc28 openhpi-3.7.0-5.fc28 opensips-2.3.3-3.fc28 postgis-2.4.3-3.fc28 riemann-c-client-1.9.0-10.fc28 strongswan-5.6.2-2.fc28 sway-0.15.1-3.fc28 syslog-ng-3.14.1-4.fc28 systemtap-3.2-8.fc28 tlog-4-3.fc28 zmap-2.1.1-7.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-318a38494a util-linux-2.32-2.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bbffdeb641 kernel-4.16.0-0.rc7.git0.1.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2c1484e4cd audit-2.8.3-2.fc28
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-109321c535 tcp_wrappers-7.6-91.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a24ede24b4 publicsuffix-list-20180328-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-be5660a0d9 git-2.17.0-0.2.rc2.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1668d86ea9 enca-1.19-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa5e668e64 thunderbird-52.7.0-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-87d72fc01e vte291-0.51.3-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1f0ce82941 libreport-2.9.4-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8d801e7eb7 libsolv-0.6.34-1.fc28
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7f1047b24e pygobject3-3.28.2-1.fc28
The following builds have been pushed to Fedora 28 updates-testing
adapta-gtk-theme-3.93.0.220-1.fc28
amarok-2.9.0-1.fc28
ansifilter-2.10-1.fc28
dialog-1.3-13.20171209.fc28
dmlite-1.10.1-3.fc28
dogtag-pki-10.6.0-0.3.fc28
dogtag-pki-theme-10.6.0-0.3.fc28
gap-pkg-guava-3.14-1.fc28
glibc-2.27-8.fc28
gnome-software-3.28.0-5.fc28
highlight-3.42-1.fc28
httpd-2.4.33-1.fc28
ibus-1.5.18-4.fc28
jgoodies-common-1.8.1-1.fc28
krb5-1.16-18.fc28
libid3tag-0.15.1b-27.fc28
libsecret-0.18.6-1.fc28
lollypop-0.9.403-1.fc28
mariadb-10.2.14-1.fc28
mariadb-connector-c-3.0.3-3.fc28
mate-themes-3.22.16-1.fc28
mod_http2-1.10.16-1.fc28
nano-2.9.5-1.fc28
nvml-1.4-3.fc28
openssl-1.1.0h-2.fc28
passwd-0.80-1.fc28
php-zendframework-zend-diactoros-1.7.1-1.fc28
php-zendframework-zend-dom-2.7.0-1.fc28
pki-console-10.6.0-0.3.fc28
pki-core-10.6.0-0.3.fc28
plymouth-0.9.3-5.fc28
podman-0.3.5-1.gitdb6bf9e.fc28
python-social-auth-app-flask-1.0.0-1.fc28
python-social-auth-app-flask-sqlalchemy-1.0.1-1.fc28
python-social-auth-core-1.7.0-1.fc28
python-social-auth-storage-sqlalchemy-1.1.0-1.fc28
python37-3.7.0-0.14.b3.fc28
salt-2017.7.5-1.fc28
selinux-policy-3.14.1-19.fc28
skopeo-0.1.29-1.git7add6fc.fc28
sqlitebrowser-3.10.1-5.fc28
uwsgi-2.0.16-1.fc28
Details about builds:
================================================================================
adapta-gtk-theme-3.93.0.220-1.fc28 (FEDORA-2018-65e1f5c155)
An adaptive Gtk+ theme based on Material Design Guidelines
--------------------------------------------------------------------------------
Update Information:
- New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1562036 - adapta-gtk-theme-3.93.0.204 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1562036
--------------------------------------------------------------------------------
================================================================================
amarok-2.9.0-1.fc28 (FEDORA-2018-e635906fa4)
Media player
--------------------------------------------------------------------------------
Update Information:
New upstream release, includes many bugfixes and improvements, see also:
https://amarok.kde.org/en/node/888
--------------------------------------------------------------------------------
================================================================================
ansifilter-2.10-1.fc28 (FEDORA-2018-869769d94f)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 2.10 upstream version, fixes rhbz #1552957
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1552957 - ansifilter-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1552957
--------------------------------------------------------------------------------
================================================================================
dialog-1.3-13.20171209.fc28 (FEDORA-2018-7e2bb6f473)
A utility for creating TTY dialog boxes
--------------------------------------------------------------------------------
Update Information:
This is an update to the latest upstream release and also a fix for building the
package with the latest hardened LDFLAGS.
--------------------------------------------------------------------------------
================================================================================
dmlite-1.10.1-3.fc28 (FEDORA-2018-7ce07c8d2c)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
dmlite 1.10 is a major update to DPM internals including Dome.
--------------------------------------------------------------------------------
================================================================================
dogtag-pki-10.6.0-0.3.fc28 (FEDORA-2018-1270ede284)
Dogtag Public Key Infrastructure (PKI) Suite
--------------------------------------------------------------------------------
Update Information:
Update to PKI 10.6.0 Beta 2
--------------------------------------------------------------------------------
================================================================================
dogtag-pki-theme-10.6.0-0.3.fc28 (FEDORA-2018-1270ede284)
Certificate System - Dogtag PKI Theme Components
--------------------------------------------------------------------------------
Update Information:
Update to PKI 10.6.0 Beta 2
--------------------------------------------------------------------------------
================================================================================
gap-pkg-guava-3.14-1.fc28 (FEDORA-2018-53b2583bef)
Computing with error-correcting codes
--------------------------------------------------------------------------------
Update Information:
Changes in version 3.14:
- The external binaries from J. S. Leon and Cen Tjhai can now be used on all
  architectures (Unix/Linux, MacOS, and Windows)
- The bug fix for MinimumWeight() from 3.13 was not sufficiently well tested...
- The decoding method for cyclic codes fails in certain situations. We are
  leaving this as a known bug for the moment.
- A bug fix for MinimumDistanceLeon() from Alex K.
- Lots of clean up of the lib files -- removing old comments, obsolete version
  strings, leftovers from CVS, etc.
- Constructions were added for several of the optimal codes in the bounds
  tables that were referenced in the now defunct online table by Brouwer and
  Verhoeff.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1560989 - gap-pkg-guava-v3.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1560989
--------------------------------------------------------------------------------
================================================================================
glibc-2.27-8.fc28 (FEDORA-2018-7da76edc12)
The GNU libc libraries
--------------------------------------------------------------------------------
Update Information:
This update incorporates various fixes from the upstream glibc 2.27 branch,
including updated locale definitions for `ca_ES` (RHBZ#1546495).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1546495 - ca_ES: update date definitions from CLDR
https://bugzilla.redhat.com/show_bug.cgi?id=1546495
--------------------------------------------------------------------------------
================================================================================
gnome-software-3.28.0-5.fc28 (FEDORA-2018-df398f7390)
A software center for GNOME
--------------------------------------------------------------------------------
Update Information:
- Fix empty OS Updates showing up
- Make rpm-ostree update triggering work
--------------------------------------------------------------------------------
================================================================================
highlight-3.42-1.fc28 (FEDORA-2018-4e6661d114)
Universal source code to formatted text converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 3.42 upstream version
--------------------------------------------------------------------------------
================================================================================
httpd-2.4.33-1.fc28 (FEDORA-2018-6744ca470d)
Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of the Apache HTTP Server,
version 2.4.33. A number of security vulnerabilities are fixed in this release:
* *Low*: Possible out of bound read in mod_cache_socache (CVE-2018-1303)
* *Low*: Possible out of bound access after failure in reading the HTTP request
  (CVE-2018-1301)
* *Low*: Weak Digest auth nonce generation in mod_auth_digest (CVE-2018-1312)
* *Low*: <FilesMatch> bypass with a trailing newline in the file name
  (CVE-2017-15715)
* *Low*: Out of bound write in mod_authnz_ldap when using too small
  Accept-Language values (CVE-2017-15710)
* *Moderate*: Tampering of mod_session data for CGI applications (CVE-2018-1283)

For more information about changes in this release, see:
https://www.apache.org/dist/httpd/CHANGES_2.4.33
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1560174 - httpd-2.4.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1560174
[ 2 ] Bug #1560618 - CVE-2017-15715 httpd: <FilesMatch> bypass with a trailing newline in the file name [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560618
[ 3 ] Bug #1560644 - CVE-2018-1301 httpd: Out of bound access after failure in reading the HTTP request [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560644
[ 4 ] Bug #1560635 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560635
[ 5 ] Bug #1560400 - CVE-2018-1303 httpd: http: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560400
[ 6 ] Bug #1560396 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560396
[ 7 ] Bug #1560616 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560616
--------------------------------------------------------------------------------
================================================================================
ibus-1.5.18-4.fc28 (FEDORA-2018-7442c8ce1c)
Intelligent Input Bus for Linux OS
--------------------------------------------------------------------------------
Update Information:
improve order of unicode matches
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1554714 - improve order of unicode matches
https://bugzilla.redhat.com/show_bug.cgi?id=1554714
--------------------------------------------------------------------------------
================================================================================
jgoodies-common-1.8.1-1.fc28 (FEDORA-2018-a38eb01a35)
Common library shared by JGoodies libraries and applications
--------------------------------------------------------------------------------
Update Information:
* Marked classes ArrayListModel and LinkedListModel as final.
* Replaced files package.html by package-info.java.
--------------------------------------------------------------------------------
================================================================================
krb5-1.16-18.fc28 (FEDORA-2018-a0cb211d9c)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
Fix issue with calling `kdestroy -A` when the ccache is KCM
----
* Enable SPAKE on clients and servers. In its current form, SPAKE makes brute
  force attacks on passwords infeasible and makes Kerberos less reliant on time
  synchronization. More information:
  https://datatracker.ietf.org/doc/draft-ietf-kitten-krb-spake-preauth/?include_text=1
* Improve protections for internal, sensitive buffers.
* Improve internal hex-encoding/decoding support.
----
- List preauth types in trace output when known
- Add support for pkinit freshness (rfc8070)
- misc bugfixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561917 - kdestroy -A does not work with multiple principals when using KCM
https://bugzilla.redhat.com/show_bug.cgi?id=1561917
[ 2 ] Bug #1540086 - [RFE] make preauth types more descriptive in krb5 trace
https://bugzilla.redhat.com/show_bug.cgi?id=1540086
--------------------------------------------------------------------------------
================================================================================
libid3tag-0.15.1b-27.fc28 (FEDORA-2018-d187b44f75)
ID3 tag manipulation library
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2004-2779 and CVE-2017-11550
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561983 - CVE-2004-2779 libid3tag: id3_utf16_deserialize() misparses ID3v2 tags with an odd number of bytes resulting in an endless loop
https://bugzilla.redhat.com/show_bug.cgi?id=1561983
[ 2 ] Bug #1478934 - CVE-2017-11550 libid3tag: NULL Pointer Dereference in id3_ucs4_length function in ucs4.c
https://bugzilla.redhat.com/show_bug.cgi?id=1478934
--------------------------------------------------------------------------------
================================================================================
libsecret-0.18.6-1.fc28 (FEDORA-2018-5af20cd3ac)
Library for storing and retrieving passwords and other secrets
--------------------------------------------------------------------------------
Update Information:
libsecret 0.18.6 release.
* Fix shared key derivation between libsecret and gnome-keyring [#778357]
* Avoid run-time error when gnome-keyring is not responding [#787391]
* Enable cross compilation [#748111]
* Port build scripts to Python 3 [#687637]
* Build and test fixes [#767002, #777826, #734630, #768112]
* GI annotation fixes [#785034]
* Fix textual typos [#782206, ...]
* Updated translations
--------------------------------------------------------------------------------
================================================================================
lollypop-0.9.403-1.fc28 (FEDORA-2018-6a600adbe1)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.403
----
- Update lollypop-portal to 0.9.7
--------------------------------------------------------------------------------
================================================================================
mariadb-10.2.14-1.fc28 (FEDORA-2018-12f271b5a2)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.2.14**
Release notes: https://mariadb.com/kb/en/library/mariadb-10214-release-notes/

Maintainer Update
I do now consider Spider storage engine ready to use in Fedora, as I
was finally able to run its testsuite successfully

Upstream Warning
Upgrading from earlier 10.2.x versions is highly recommended for all Galera
users due to bug MDEV-12837 which caused serious stability issues with earlier
versions. See the bug issue page for more information.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561251 - mariadb-10.2.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1561251
--------------------------------------------------------------------------------
================================================================================
mariadb-connector-c-3.0.3-3.fc28 (FEDORA-2018-b161e11f7f)
The MariaDB Native Client library (C driver)
--------------------------------------------------------------------------------
Update Information:
Fix of the plugindir
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.16-1.fc28 (FEDORA-2018-cb1b196799)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- update to 3.22.16
--------------------------------------------------------------------------------
================================================================================
mod_http2-1.10.16-1.fc28 (FEDORA-2018-eec13e2e8d)
module implementing HTTP/2 for Apache 2
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of mod_http2, version 1.10.16.
This includes a security fix (CVE-2018-1302): When an HTTP/2 stream was
destroyed after being handled, mod_http2 could have written a NULL pointer
potentially to an already freed memory. The memory pools maintained by the
server make this vulnerability hard to trigger in usual configurations, the
reporter and the team could not reproduce it outside debug builds, so it is
classified as low risk.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561570 - CVE-2018-1302 mod_http2: httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1561570
[ 2 ] Bug #1560627 - CVE-2018-1302 httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560627
--------------------------------------------------------------------------------
================================================================================
nano-2.9.5-1.fc28 (FEDORA-2018-bd7aefcc75)
A small text editor
--------------------------------------------------------------------------------
Update Information:
GNU nano 2.9.5 "Kiša pada" changes the way the Scroll-Up and Scroll-Down
commands work (M-- and M-+): instead of keeping the cursor in the same screen
position they now keep the cursor in the same text position (if possible). This
version further adds a new color name, "normal", which gives the default
foreground or background color, which is useful when you want to undo some
overzealous painting by earlier syntax regexes.
--------------------------------------------------------------------------------
================================================================================
nvml-1.4-3.fc28 (FEDORA-2018-4f96e400d5)
Persistent Memory Development Kit (former NVML)
--------------------------------------------------------------------------------
Update Information:
update to PMDK version 1.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1539562 - nvml: redhat-rpm-config linker flags not injected into build
https://bugzilla.redhat.com/show_bug.cgi?id=1539562
[ 2 ] Bug #1539564 - nvml: Missing -lpthread for some library links
https://bugzilla.redhat.com/show_bug.cgi?id=1539564
[ 3 ] Bug #1480578 - nvml-1.4-rc4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1480578
--------------------------------------------------------------------------------
================================================================================
openssl-1.1.0h-2.fc28 (FEDORA-2018-49651b2236)
Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:
Minor update to version 1.1.0h.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561260 - CVE-2018-0733 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts
https://bugzilla.redhat.com/show_bug.cgi?id=1561260
[ 2 ] Bug #1561266 - CVE-2018-0739 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1561266
--------------------------------------------------------------------------------
================================================================================
passwd-0.80-1.fc28 (FEDORA-2018-82b50aece6)
An utility for setting or changing passwords using PAM
--------------------------------------------------------------------------------
Update Information:
Update to **passwd-0.80**
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1293929 - passwd man page is incomplete
https://bugzilla.redhat.com/show_bug.cgi?id=1293929
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-diactoros-1.7.1-1.fc28 (FEDORA-2018-c433d8f226)
PSR HTTP Message implementations
--------------------------------------------------------------------------------
Update Information:
**Version 1.7.1** - 2018-02-26
* **Changed**
  - [#293](https://github.com/zendframework/zend-diactoros/pull/293) updates
    `Uri::getHost()` to cast the value via `strtolower()` before returning it.
    While this represents a change, it is fixing a bug in our implementation:
    the PSR-7 specification for the method, which follows IETF RFC 3986 section
    3.2.2, requires that the host name be normalized to lowercase.
* **Fixed**
  - [#290](https://github.com/zendframework/zend-diactoros/pull/290) fixes
    `Stream::getSize()` such that it checks that the result of `fstat` was
    successful before attempting to return its `size` member; in the case of an
    error, it now returns `null`.
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-dom-2.7.0-1.fc28 (FEDORA-2018-39557dac3e)
Zend Framework Dom component
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.0** - 2018-03-27
* **Added**
  - [#20](https://github.com/zendframework/zend-dom/pull/4) adds support for
    attribute selectors that contain spaces, such as
    `input[value="Marty McFly"]`. Previously, spaces within the selector value
    would result in a query per space-separated word; they now, correctly,
    result in a single query for the exact value.
  - [#19](https://github.com/zendframework/zend-dom/pull/4) adds support for
    PHP versions 7.1 and 7.2.
  - Adds documentation and publishes it to
    https://docs.zendframework.com/zend-dom/
* **Removed**
  - [#13](https://github.com/zendframework/zend-dom/pull/4) and
    [#19](https://github.com/zendframework/zend-dom/pull/4) remove support for
    PHP versions prior to 5.6.
  - [#13](https://github.com/zendframework/zend-dom/pull/4) and
    [#19](https://github.com/zendframework/zend-dom/pull/4) remove support for
    HHVM.
--------------------------------------------------------------------------------
================================================================================
pki-console-10.6.0-0.3.fc28 (FEDORA-2018-1270ede284)
Certificate System - PKI Console
--------------------------------------------------------------------------------
Update Information:
Update to PKI 10.6.0 Beta 2
--------------------------------------------------------------------------------
================================================================================
pki-core-10.6.0-0.3.fc28 (FEDORA-2018-1270ede284)
Certificate System - PKI Core Components
--------------------------------------------------------------------------------
Update Information:
Update to PKI 10.6.0 Beta 2
--------------------------------------------------------------------------------
================================================================================
plymouth-0.9.3-5.fc28 (FEDORA-2018-1d88d843bf)
Graphical Boot Animation and Logger
--------------------------------------------------------------------------------
Update Information:
https://src.fedoraproject.org/rpms/plymouth/c/daa9884553360ae7cf21ecddb30e7…
931329?branch=master
--------------------------------------------------------------------------------
================================================================================
podman-0.3.5-1.gitdb6bf9e.fc28 (FEDORA-2018-3c6bce4c98)
Manage Pods, Containers and Container Images
--------------------------------------------------------------------------------
Update Information:
Upstream release 0.3.5
--------------------------------------------------------------------------------
================================================================================
python-social-auth-app-flask-1.0.0-1.fc28 (FEDORA-2018-a083d68bda)
The Flask app component of python-social-auth
--------------------------------------------------------------------------------
Update Information:
The initial python-social-auth packages
--------------------------------------------------------------------------------
================================================================================
python-social-auth-app-flask-sqlalchemy-1.0.1-1.fc28 (FEDORA-2018-a083d68bda)
The Flask app component of python-social-auth with SQLAlchemy integration
--------------------------------------------------------------------------------
Update Information:
The initial python-social-auth packages
--------------------------------------------------------------------------------
================================================================================
python-social-auth-core-1.7.0-1.fc28 (FEDORA-2018-a083d68bda)
The core component of the python-social-auth ecosystem
--------------------------------------------------------------------------------
Update Information:
The initial python-social-auth packages
--------------------------------------------------------------------------------
================================================================================
python-social-auth-storage-sqlalchemy-1.1.0-1.fc28 (FEDORA-2018-a083d68bda)
The SQLAlchemy storage component of python-social-auth
--------------------------------------------------------------------------------
Update Information:
The initial python-social-auth packages
--------------------------------------------------------------------------------
================================================================================
python37-3.7.0-0.14.b3.fc28 (FEDORA-2018-53b3891e8d)
Version 3.7 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Update to 3.7.0b3
--------------------------------------------------------------------------------
================================================================================
salt-2017.7.5-1.fc28 (FEDORA-2018-ee16b473ba)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Update to feature release 2017.7.5-1 for Python 2
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.14.1-19.fc28 (FEDORA-2018-234de0ee13)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1063900
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561304 - SELinux is preventing accounts-daemon from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1561304
[ 2 ] Bug #1561467 - SELinux is preventing abrt-hook-ccpp from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1561467
[ 3 ] Bug #1561053 - SELinux is preventing cockpit-ws read access on cpuinfo
https://bugzilla.redhat.com/show_bug.cgi?id=1561053
--------------------------------------------------------------------------------
================================================================================
skopeo-0.1.29-1.git7add6fc.fc28 (FEDORA-2018-a0399ca7a2)
Inspect Docker images and repositories on registries
--------------------------------------------------------------------------------
Update Information:
- docker-archive generates docker legacy compatible images
- Do not create $DiffID subdirectories for layers with no configs
- Ensure the layer IDs in legacy docker/tarfile metadata are unique
- docker-archive: repeated layers are symlinked in the tar file
- sysregistries: remove all trailing slashes
- Improve docker/* error messages
- Fix failure to make auth directory
- Create a new slice in Schema1.UpdateLayerInfos
- Drop unused storageImageDestination.{image,systemContext}
- Load a *storage.Image only once in storageImageSource
- Support gzip for docker-archive files
- Remove .tar extension from blob and config file names
- ostree, src: support copy of compressed layers
- ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size
- image: fix docker schema v1 -> OCI conversion
- Add /etc/containers/certs.d as default certs directory
--------------------------------------------------------------------------------
================================================================================
sqlitebrowser-3.10.1-5.fc28 (FEDORA-2018-66ee458330)
Create, design, and edit SQLite database files
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue where the sqlitebrowser application could not be
minimized when using certain desktop environments, among which gnome shell.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561976 - Unable to minimize and to switch workspaces
https://bugzilla.redhat.com/show_bug.cgi?id=1561976
--------------------------------------------------------------------------------
================================================================================
uwsgi-2.0.16-1.fc28 (FEDORA-2018-81823acb6d)
Fast, self-healing, application container server
--------------------------------------------------------------------------------
Update Information:
- Disable tcp_wrapper support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1518795 - [F28 change] uwsgi should not require tcp_wrappers
https://bugzilla.redhat.com/show_bug.cgi?id=1518795
--------------------------------------------------------------------------------
The following Fedora 27 Security updates need testing:
Age URL
41 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27
27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-52d79f4f36 dovecot-2.2.34-1.fc27
23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e38f759144 python-bleach-2.1.3-1.fc27
23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ff86925c3 memcached-1.5.6-1.fc27
16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c923533479 webkitgtk4-2.20.0-1.fc27
12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7c2e0a998d acpica-tools-20180209-1.fc27
12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ad652798b8 mosquitto-1.4.15-1.fc27
10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-50f0da5d38 tomcat-8.0.50-1.fc27
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-223d8fc52a java-1.8.0-openjdk-aarch32-1.8.0.161-1.180220.fc27
6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c442aad4dc exempi-2.4.5-1.fc27
3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2f9d3604d6 librelp-1.2.15-1.fc27
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1217b02061 bchunk-1.2.2-1.fc27
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-12f92ff831 php-7.1.16-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ecf73042e3 libuv-1.19.2-1.fc27 nodejs-8.11.0-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-143886fdbd drupal7-7.58-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6e6d8c314b drupal8-8.4.6-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e06468b832 libid3tag-0.15.1b-25.fc27
The following Fedora 27 Critical Path updates have yet to be approved:
Age URL
27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1c31f1eccd iptables-1.6.2-2.fc27 libnftnl-1.0.9-2.fc27 nftables-0.8.2-2.fc27
16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c923533479 webkitgtk4-2.20.0-1.fc27
12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-55a6726164 PackageKit-1.1.9-2.fc27 gnome-software-3.28.0-4.fc27 libappstream-glib-0.7.7-2.fc27
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-95dac71a1c pcre-8.42-1.fc27
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e344a6d79b xfce4-settings-4.12.3-1.fc27
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-adbc1da28c pcre2-10.31-4.fc27
6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c442aad4dc exempi-2.4.5-1.fc27
2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3255279d3d satyr-0.25-2.fc27
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4e2a6c0c93 libtirpc-1.0.3-1.fc27
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7128949eb5 enca-1.19-1.fc27
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-26de7be74c libreport-2.9.3-3.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d1858d4d1 passwd-0.80-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6900d92768 publicsuffix-list-20180328-1.fc27
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-13dc9b1bf6 exo-0.12.0-3.fc27 xfce4-screenshooter-1.9.1-1.fc27
The following builds have been pushed to Fedora 27 updates-testing
amarok-2.9.0-1.fc27
ansifilter-2.10-1.fc27
dmlite-1.10.1-3.fc27
highlight-3.42-1.fc27
httpd-2.4.33-1.fc27
jgoodies-common-1.8.1-1.fc27
kernel-4.15.14-300.fc27
krb5-1.15.2-8.fc27
lollypop-0.9.403-1.fc27
mariadb-10.2.14-1.fc27
mate-themes-3.22.16-1.fc27
mod_http2-1.10.16-1.fc27
openssl-1.1.0h-1.fc27
podman-0.3.5-1.gitdb6bf9e.fc27
python-entrypoints-0.2.3-5.fc27
python37-3.7.0-0.14.b3.fc27
salt-2017.7.5-1.fc27
selinux-policy-3.13.1-283.30.fc27
shotwell-0.28.1-1.fc27
skopeo-0.1.29-1.git7add6fc.fc27
sqlitebrowser-3.10.1-5.fc27
Details about builds:
================================================================================
amarok-2.9.0-1.fc27 (FEDORA-2018-3d0fab95b6)
Media player
--------------------------------------------------------------------------------
Update Information:
New upstream release, includes many bugfixes and improvements, see also:
https://amarok.kde.org/en/node/888
--------------------------------------------------------------------------------
================================================================================
ansifilter-2.10-1.fc27 (FEDORA-2018-00436eefa8)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 2.10 upstream version, fixes rhbz #1552957
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1552957 - ansifilter-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1552957
--------------------------------------------------------------------------------
================================================================================
dmlite-1.10.1-3.fc27 (FEDORA-2018-0658b1d4ef)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
dmlite 1.10 is a major update to DPM internals including Dome. ---- dmlite
1.10 is a major update to DPM internals including Dome. ---- dmlite 1.10 is a
major update to DPM internals including Dome. ---- * new upstream release
--------------------------------------------------------------------------------
================================================================================
highlight-3.42-1.fc27 (FEDORA-2018-7df97ca3e3)
Universal source code to formatted text converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 3.42 upstream version
--------------------------------------------------------------------------------
================================================================================
httpd-2.4.33-1.fc27 (FEDORA-2018-375e3244b6)
Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of the Apache HTTP Server,
version 2.4.33. A number of security vulnerabilities are fixed in this release:
* *Low*: Possible out of bound read in mod_cache_socache (CVE-2018-1303)
* *Low*: Possible out of bound access after failure in reading the HTTP request (CVE-2018-1301)
* *Low*: Weak Digest auth nonce generation in mod_auth_digest (CVE-2018-1312)
* *Low*: <FilesMatch> bypass with a trailing newline in the file name (CVE-2017-15715)
* *Low*: Out of bound write in mod_authnz_ldap when using too small Accept-Language values (CVE-2017-15710)
* *Moderate*: Tampering of mod_session data for CGI applications (CVE-2018-1283)
For more information about changes in this release, see:
https://www.apache.org/dist/httpd/CHANGES_2.4.33
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1560174 - httpd-2.4.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1560174
[ 2 ] Bug #1560618 - CVE-2017-15715 httpd: <FilesMatch> bypass with a trailing newline in the file name [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560618
[ 3 ] Bug #1560644 - CVE-2018-1301 httpd: Out of bound access after failure in reading the HTTP request [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560644
[ 4 ] Bug #1560635 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560635
[ 5 ] Bug #1560400 - CVE-2018-1303 httpd: http: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560400
[ 6 ] Bug #1560396 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560396
[ 7 ] Bug #1560616 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560616
--------------------------------------------------------------------------------
================================================================================
jgoodies-common-1.8.1-1.fc27 (FEDORA-2018-12b3bd191c)
Common library shared by JGoodies libraries and applications
--------------------------------------------------------------------------------
Update Information:
* Marked classes ArrayListModel and LinkedListModel as final.
* Replaced files package.html by package-info.java.
--------------------------------------------------------------------------------
================================================================================
kernel-4.15.14-300.fc27 (FEDORA-2018-7802740586)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.15.14 update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1558977 - NFS mounts failing when keytab present
https://bugzilla.redhat.com/show_bug.cgi?id=1558977
--------------------------------------------------------------------------------
================================================================================
krb5-1.15.2-8.fc27 (FEDORA-2018-04d2f01b78)
The Kerberos network authentication system
--------------------------------------------------------------------------------
Update Information:
Fix issue with calling `kdestroy -A` when the ccache is KCM
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561917 - kdestroy -A does not work with multiple principals when using KCM
https://bugzilla.redhat.com/show_bug.cgi?id=1561917
--------------------------------------------------------------------------------
================================================================================
lollypop-0.9.403-1.fc27 (FEDORA-2018-41027994c7)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.403 ---- - Update lollypop-portal to 0.9.7 ---- Update to
0.9.402 ---- Update to 0.9.401 ---- Update to 0.9.400
--------------------------------------------------------------------------------
================================================================================
mariadb-10.2.14-1.fc27 (FEDORA-2018-dd7f4bd9d5)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.2.14**
Release notes: https://mariadb.com/kb/en/library/mariadb-10214-release-notes/
Maintainer Update
I do now consider Spider storage engine ready to use in Fedora, as I
was finally able to run its testsuite successfully
Upstream Warning
Upgrading from earlier 10.2.x versions is highly recommended for all Galera
users due to bug MDEV-12837 which caused serious stability issues with earlier
versions. See the bug issue page for more information.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561251 - mariadb-10.2.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1561251
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.16-1.fc27 (FEDORA-2018-f36a0bbffd)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- update to 3.22.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1559045 - gtk+ "Foreign drawing" broken under MATE
https://bugzilla.redhat.com/show_bug.cgi?id=1559045
--------------------------------------------------------------------------------
================================================================================
mod_http2-1.10.16-1.fc27 (FEDORA-2018-0a95bff197)
module implementing HTTP/2 for Apache 2
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of mod_http2, version 1.10.16.
This includes a security fix (CVE-2018-1302): When an HTTP/2 stream was
destroyed after being handled, mod_http2 could have written a NULL pointer
potentially to an already freed memory. The memory pools maintained by the
server make this vulnerability hard to trigger in usual configurations, the
reporter and the team could not reproduce it outside debug builds, so it is
classified as low risk.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561570 - CVE-2018-1302 mod_http2: httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1561570
[ 2 ] Bug #1560627 - CVE-2018-1302 httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560627
--------------------------------------------------------------------------------
================================================================================
openssl-1.1.0h-1.fc27 (FEDORA-2018-76afaf1961)
Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:
Minor update to version 1.1.0h.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561260 - CVE-2018-0733 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts
https://bugzilla.redhat.com/show_bug.cgi?id=1561260
[ 2 ] Bug #1561266 - CVE-2018-0739 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1561266
--------------------------------------------------------------------------------
================================================================================
podman-0.3.5-1.gitdb6bf9e.fc27 (FEDORA-2018-fcedb23729)
Manage Pods, Containers and Container Images
--------------------------------------------------------------------------------
Update Information:
Upstream release 0.3.5
--------------------------------------------------------------------------------
================================================================================
python-entrypoints-0.2.3-5.fc27 (FEDORA-2018-13b54a0aba)
Discover and load entry points from installed packages
--------------------------------------------------------------------------------
Update Information:
provide dist-info
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1530098 - entrypoints version issue
https://bugzilla.redhat.com/show_bug.cgi?id=1530098
--------------------------------------------------------------------------------
================================================================================
python37-3.7.0-0.14.b3.fc27 (FEDORA-2018-5462c32db4)
Version 3.7 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Update to 3.7.0b3
--------------------------------------------------------------------------------
================================================================================
salt-2017.7.5-1.fc27 (FEDORA-2018-c4cdd53a52)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Update to feature release 2017.7.5-1 for Python 2 ---- Update to feature
release 2017.7.4
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-283.30.fc27 (FEDORA-2018-b3791c3118)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1063903
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561755 - SELinux is preventing sh from 'connectto' accesses on the unix_stream_socket /var/lib/sss/pipes/nss.
https://bugzilla.redhat.com/show_bug.cgi?id=1561755
[ 2 ] Bug #1561295 - SELinux is preventing postmap from read, write access on the chr_file /dev/pts/6.
https://bugzilla.redhat.com/show_bug.cgi?id=1561295
[ 3 ] Bug #1560816 - SELinux is preventing mdadm from 'read' accesses on the blk_file md0p1.
https://bugzilla.redhat.com/show_bug.cgi?id=1560816
[ 4 ] Bug #1501331 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1501331
--------------------------------------------------------------------------------
================================================================================
shotwell-0.28.1-1.fc27 (FEDORA-2018-4a0f4e66af)
A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
shotwell 0.28.1 release, with a number of bug fixes and translation updates
compared to the previous 0.27.x releases in Fedora 27. For details, see
https://mail.gnome.org/archives/ftp-release-list/2018-March/msg00231.html
--------------------------------------------------------------------------------
================================================================================
skopeo-0.1.29-1.git7add6fc.fc27 (FEDORA-2018-e98514e9ae)
Inspect Docker images and repositories on registries
--------------------------------------------------------------------------------
Update Information:
- docker-archive generates docker legacy compatible images
- Do not create $DiffID subdirectories for layers with no configs
- Ensure the layer IDs in legacy docker/tarfile metadata are unique
- docker-archive: repeated layers are symlinked in the tar file
- sysregistries: remove all trailing slashes
- Improve docker/* error messages
- Fix failure to make auth directory
- Create a new slice in Schema1.UpdateLayerInfos
- Drop unused storageImageDestination.{image,systemContext}
- Load a *storage.Image only once in storageImageSource
- Support gzip for docker-archive files
- Remove .tar extension from blob and config file names
- ostree, src: support copy of compressed layers
- ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size
- image: fix docker schema v1 -> OCI conversion
- Add /etc/containers/certs.d as default certs directory
--------------------------------------------------------------------------------
================================================================================
sqlitebrowser-3.10.1-5.fc27 (FEDORA-2018-94adafd7b5)
Create, design, and edit SQLite database files
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue where the sqlitebrowser application could not be
minimized when using certain desktop environments, among which gnome shell.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561976 - Unable to minimize and to switch workspaces
https://bugzilla.redhat.com/show_bug.cgi?id=1561976
--------------------------------------------------------------------------------
The following Fedora 26 Security updates need testing:
Age URL
246 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26
77 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26
65 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26
40 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26
27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830 dovecot-2.2.34-1.fc26
23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26
16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26
12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e03a17fa61 mosquitto-1.4.15-1.fc26
10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a233dae4ab tomcat-8.0.50-1.fc26
6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5673d070df ImageMagick-6.9.9.38-1.fc26 rubygem-rmagick-2.16.0-15.fc26
6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2 chromium-65.0.3325.181-1.fc26
6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-43541091ab libvncserver-0.9.11-3.fc26
3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6f2df5ab6c librelp-1.2.15-1.fc26
3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-331af74020 gd-2.2.5-2.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d5aa3e1d90 bchunk-1.2.2-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c71dd2e199 php-7.1.16-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a61baabbac firefox-59.0.2-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e672eaf4df nodejs-6.14.0-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d8269e4262 drupal7-7.58-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-922cc2fbaa drupal8-8.3.9-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-02c0e3725e mariadb-10.1.32-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved:
Age URL
43 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26
16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-505e83d30e webkitgtk4-2.20.0-1.fc26
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a37f6f92f7 pcre-8.42-1.fc26
9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0ecf7675fc xfce4-settings-4.12.3-1.fc26
7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-98ca353528 libdrm-2.4.91-1.fc26
4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ab61ad2e1b osinfo-db-20180325-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-005f7a449e enca-1.19-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4cacdf9bc rpm-4.13.1-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26
1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a61baabbac firefox-59.0.2-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-58a96b7680 passwd-0.80-1.fc26
0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-803beecbda publicsuffix-list-20180328-1.fc26
The following builds have been pushed to Fedora 26 updates-testing
amarok-2.9.0-1.fc26
ansifilter-2.10-1.fc26
dmlite-1.10.1-3.fc26
highlight-3.42-1.fc26
httpd-2.4.33-1.fc26
jgoodies-common-1.8.1-1.fc26
kernel-4.15.14-200.fc26
lollypop-0.9.403-1.fc26
mate-themes-3.22.16-1.fc26
mod_http2-1.10.16-1.fc26
openssl-1.1.0h-1.fc26
salt-2017.7.5-1.fc26
Details about builds:
================================================================================
amarok-2.9.0-1.fc26 (FEDORA-2018-537a1b8cd0)
Media player
--------------------------------------------------------------------------------
Update Information:
New upstream release, includes many bugfixes and improvements, see also:
https://amarok.kde.org/en/node/888
--------------------------------------------------------------------------------
================================================================================
ansifilter-2.10-1.fc26 (FEDORA-2018-e28a509cef)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 2.10 upstream version, fixes rhbz #1552957
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1552957 - ansifilter-2.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1552957
--------------------------------------------------------------------------------
================================================================================
dmlite-1.10.1-3.fc26 (FEDORA-2018-a4034d84bd)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
dmlite 1.10 is a major update to DPM internals including Dome. ---- dmlite
1.10 is a major update to DPM internals including Dome. ---- dmlite 1.10 is a
major update to DPM internals including Dome. ---- * new upstream release
--------------------------------------------------------------------------------
================================================================================
highlight-3.42-1.fc26 (FEDORA-2018-2ef5c8a9a6)
Universal source code to formatted text converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 3.42 upstream version
--------------------------------------------------------------------------------
================================================================================
httpd-2.4.33-1.fc26 (FEDORA-2018-22b25bab31)
Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of the Apache HTTP Server,
version 2.4.33. A number of security vulnerabilities are fixed in this release:
* *Low*: Possible out of bound read in mod_cache_socache (CVE-2018-1303)
* *Low*: Possible out of bound access after failure in reading the HTTP request (CVE-2018-1301)
* *Low*: Weak Digest auth nonce generation in mod_auth_digest (CVE-2018-1312)
* *Low*: <FilesMatch> bypass with a trailing newline in the file name (CVE-2017-15715)
* *Low*: Out of bound write in mod_authnz_ldap when using too small Accept-Language values (CVE-2017-15710)
* *Moderate*: Tampering of mod_session data for CGI applications (CVE-2018-1283)
For more information about changes in this release, see:
https://www.apache.org/dist/httpd/CHANGES_2.4.33
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1560174 - httpd-2.4.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1560174
[ 2 ] Bug #1560618 - CVE-2017-15715 httpd: <FilesMatch> bypass with a trailing newline in the file name [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560618
[ 3 ] Bug #1560644 - CVE-2018-1301 httpd: Out of bound access after failure in reading the HTTP request [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560644
[ 4 ] Bug #1560635 - CVE-2018-1312 httpd: Weak Digest auth nonce generation in mod_auth_digest [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560635
[ 5 ] Bug #1560400 - CVE-2018-1303 httpd: http: Out of bounds read in mod_cache_socache can allow a remote attacker to cause a denial of service [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560400
[ 6 ] Bug #1560396 - CVE-2018-1283 httpd: Improper handling of headers in mod_session can allow a remote user to modify session data for CGI applications [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560396
[ 7 ] Bug #1560616 - CVE-2017-15710 httpd: Out of bound write in mod_authnz_ldap when using too small Accept-Language values [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560616
--------------------------------------------------------------------------------
================================================================================
jgoodies-common-1.8.1-1.fc26 (FEDORA-2018-ea73b77275)
Common library shared by JGoodies libraries and applications
--------------------------------------------------------------------------------
Update Information:
* Marked classes ArrayListModel and LinkedListModel as final.
* Replaced files package.html by package-info.java.
--------------------------------------------------------------------------------
================================================================================
kernel-4.15.14-200.fc26 (FEDORA-2018-18754260e4)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.15.14 update contains a number of important fixes across the tree.
----
The 4.15.13 update contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1558977 - NFS mounts failing when keytab present
https://bugzilla.redhat.com/show_bug.cgi?id=1558977
[ 2 ] Bug #1511786 - 4.13+ kernels (nouveau) don't provide nv_backlight
https://bugzilla.redhat.com/show_bug.cgi?id=1511786
--------------------------------------------------------------------------------
================================================================================
lollypop-0.9.403-1.fc26 (FEDORA-2018-84507d1bcc)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.403
----
- Update lollypop-portal to 0.9.7
----
Update to 0.9.402
----
Update to 0.9.401
----
Update to 0.9.400
--------------------------------------------------------------------------------
================================================================================
mate-themes-3.22.16-1.fc26 (FEDORA-2018-efec265fdf)
MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:
- update to 3.22.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1559045 - gtk+ "Foreign drawing" broken under MATE
https://bugzilla.redhat.com/show_bug.cgi?id=1559045
--------------------------------------------------------------------------------
================================================================================
mod_http2-1.10.16-1.fc26 (FEDORA-2018-6855fa237d)
module implementing HTTP/2 for Apache 2
--------------------------------------------------------------------------------
Update Information:
This update includes the latest upstream release of mod_http2, version 1.10.16.
This includes a security fix (CVE-2018-1302): When an HTTP/2 stream was
destroyed after being handled, mod_http2 could have written a NULL pointer
potentially to an already freed memory. The memory pools maintained by the
server make this vulnerability hard to trigger in usual configurations; the
reporter and the team could not reproduce it outside debug builds, so it is
classified as low risk.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561570 - CVE-2018-1302 mod_http2: httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1561570
[ 2 ] Bug #1560627 - CVE-2018-1302 httpd: Use-after-free on HTTP/2 stream shutdown [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1560627
--------------------------------------------------------------------------------
================================================================================
openssl-1.1.0h-1.fc26 (FEDORA-2018-40dc8b8b16)
Utilities from the general purpose cryptography library with TLS implementation
--------------------------------------------------------------------------------
Update Information:
Minor update to version 1.1.0h.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1561260 - CVE-2018-0733 openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts
https://bugzilla.redhat.com/show_bug.cgi?id=1561260
[ 2 ] Bug #1561266 - CVE-2018-0739 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1561266
--------------------------------------------------------------------------------
================================================================================
salt-2017.7.5-1.fc26 (FEDORA-2018-24642bfc00)
A parallel remote execution system
--------------------------------------------------------------------------------
Update Information:
Update to feature release 2017.7.5-1 for Python 2
----
Update to feature release 2017.7.4
--------------------------------------------------------------------------------