The following Fedora 26 Security updates need testing: Age URL 146 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bf5a0ce01 python-XStatic-jquery-ui-1.12.0.1-2.fc26 85 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2522df3526 nodejs-brace-expansion-1.1.7-1.fc26 48 https://bodhi.fedoraproject.org/updates/FEDORA-2017-690a2548ba openvswitch-2.7.1-2.fc26 40 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c053de325 memcached-1.4.39-1.fc26 36 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4248ba346 botan-1.10.16-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab0def38cd tomcat-8.0.46-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0fbd57c134 drupal8-8.3.7-1.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3ae21f2324 copr-dist-git-0.36-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f27031c8f ImageMagick-6.9.9.9-1.fc26 WindowMaker-0.95.8-3.fc26 autotrace-0.31.1-49.fc26 converseen-0.9.6.2-3.fc26 dmtx-utils-0.7.4-4.fc26 drawtiming-0.7.1-22.fc26 emacs-25.2-5.fc26 gtatool-2.2.0-6.fc26 imageinfo-0.05-27.fc26 inkscape-0.92.1-4.20170510bzr15686.fc26.1 k3d-0.8.0.6-8.fc26 kxstitch-1.2.0-9.fc26 perl-Image-SubImageFind-0.03-13.fc26 pfstools-2.0.6-3.fc26 php-pecl-imagick-3.4.3-2.fc26 psiconv-0.9.8-22.fc26 q-7.11-29.fc26 ripright-0.11-5.fc26 rss-glx-0.9.1.p-29.fc26.1 rubygem-rmagick-2.16.0-4.fc26.2 synfig-1.2.0-9.fc26.1 synfigstudio-1.2.0-5.fc26 techne-0.2.3-20.fc26 vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 vips-8.5.7-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-382c240580 mbedtls-2.6.0-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7cc0e6a5f5 gd-2.2.5-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d4ead8da9 libidn2-2.0.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe4f93fde4 mingw-libidn2-2.0.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b7f1197c23 xen-4.8.1-8.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06cace06ce mingw-openjpeg2-2.2.0-2.fc26 openjpeg2-2.2.0-2.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-68611800c4 gnutls-3.5.15-1.fc26 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-24dcbfa22d pungi-4.1.17-4.fc26 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d119cd8c3f sddm-0.14.0-14.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b4e5e30f42 appstream-data-26-15.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06cace06ce mingw-openjpeg2-2.2.0-2.fc26 openjpeg2-2.2.0-2.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b7f1197c23 xen-4.8.1-8.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d4ead8da9 libidn2-2.0.4-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e4a31c3222 libblockdev-2.12-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-40a1119767 sqlite-3.20.1-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d0478b3eea pango-1.40.11-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-103e80de0b glibc-2.25-10.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-59962d8ed3 gnome-settings-daemon-3.24.3-3.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f27031c8f ImageMagick-6.9.9.9-1.fc26 WindowMaker-0.95.8-3.fc26 autotrace-0.31.1-49.fc26 converseen-0.9.6.2-3.fc26 dmtx-utils-0.7.4-4.fc26 drawtiming-0.7.1-22.fc26 emacs-25.2-5.fc26 gtatool-2.2.0-6.fc26 imageinfo-0.05-27.fc26 inkscape-0.92.1-4.20170510bzr15686.fc26.1 k3d-0.8.0.6-8.fc26 kxstitch-1.2.0-9.fc26 perl-Image-SubImageFind-0.03-13.fc26 pfstools-2.0.6-3.fc26 php-pecl-imagick-3.4.3-2.fc26 psiconv-0.9.8-22.fc26 q-7.11-29.fc26 ripright-0.11-5.fc26 rss-glx-0.9.1.p-29.fc26.1 rubygem-rmagick-2.16.0-4.fc26.2 synfig-1.2.0-9.fc26.1 synfigstudio-1.2.0-5.fc26 techne-0.2.3-20.fc26 vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 vips-8.5.7-2.fc26
The following builds have been pushed to Fedora 26 updates-testing
ImageMagick-6.9.9.9-1.fc26 R-base64enc-0.1.3-1.fc26 R-highr-0.6-2.fc26 R-jpeg-0.1.8-3.fc26 R-mime-0.5-1.fc26 R-pbdRPC-0.1.1-7.fc26 R-png-0.1.7-3.fc26 R-stringi-1.1.5-1.fc26 R-uuid-0.1.2-2.fc26 R-withr-2.0.0-2.fc26 R-yaml-2.1.14-2.fc26 Rex-1.5.0-2.fc26 WindowMaker-0.95.8-3.fc26 appstream-data-26-15.fc26 arc-theme-20170302-7.fc26 arduino-1.8.4-1.fc26 arduino-builder-1.3.25-1.fc26 arduino-listSerialPortsC-1.4.0-1.fc26 atomic-1.19.1-2.fc26 autotrace-0.31.1-49.fc26 babl-0.1.30-1.fc26 banshee-2.6.2-25.fc26 bugzilla-5.0.3-6.fc26 caja-1.18.4-2.fc26 chromium-60.0.3112.113-1.fc26 ckeditor-4.7.2-1.fc26 clinfo-2.2.17.08.25-1.fc26 compat-ImageMagick693-6.9.3.10-1.fc26 conda-4.3.24-3.fc26 converseen-0.9.6.2-3.fc26 dmtx-utils-0.7.4-4.fc26 dovecot-2.2.32-2.fc26 drawtiming-0.7.1-22.fc26 duply-2.0.3-2.fc26 emacs-25.2-5.fc26 erlang-chronos-0.5.1-1.fc26 erlang-hyper-0-0.1.20161011git4b1abc4.fc26 erlang-riak_kv-2.1.8-1.fc26 erlang-riak_search-2.1.7-1.fc26 erlang-stdlib2-0-0.1.20170810git5ccd9b2.fc26 fence-agents-4.0.24-8.fc26 flatcam-8.5-7.20170701gita9a4ec75db12.fc26 foo2zjs-0.20170412-5.fc26 gd-2.2.5-1.fc26 gdeploy-2.0.2-14.fc26 gegl03-0.3.20-1.fc26 ghc-attoparsec-iso8601-1.0.0.0-1.fc26 ghc-base-orphans-0.6-1.fc26 ghc-bencode-0.6.0.0-4.fc26 ghc-disk-free-space-0.1.0.1-4.fc26 ghc-dns-2.0.10-2.fc26 ghc-email-validate-2.3.1-1.fc26 ghc-fdo-notify-0.3.1-7.fc26 ghc-foundation-0.0.13-3.fc26 ghc-generic-deriving-1.11.2-3.fc26 ghc-magic-1.1-4.fc26 ghc-microlens-0.4.8.1-2.fc26 ghc-mountpoints-1.0.2-4.fc26 ghc-network-info-0.2.0.8-6.fc26 ghc-network-multicast-0.2.0-1.fc26 ghc-resource-pool-0.2.3.2-7.fc26 ghc-silently-1.2.5-4.fc26 ghc-skein-1.0.9.4-4.fc26 ghc-terminal-size-0.3.2.1-4.fc26 ghc-th-abstraction-0.2.5.0-1.fc26 ghc-uri-bytestring-0.2.3.3-2.fc26 ghc-xml-hamlet-0.4.1-1.fc26 glibc-2.25-10.fc26 gnome-photos-3.24.3-1.fc26 gnome-settings-daemon-3.24.3-3.fc26 gnome-shell-extension-sustmi-3.0-15.git.e3def68.fc26 golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.fc26 golang-github-gdamore-tcell-0-0.1.20170807gitd55f61c.fc26 google-noto-emoji-fonts-20170827-1.fc26 gtatool-2.2.0-6.fc26 httpie-0.9.4-9.fc26 httrack-3.49.2-1.fc26 hwinfo-21.47-2.fc26 imageinfo-0.05-27.fc26 inkscape-0.92.1-4.20170510bzr15686.fc26.1 java-1.8.0-openjdk-1.8.0.144-5.b01.fc26 jbuilder-1.0-0.3.beta12.fc26 k3d-0.8.0.6-8.fc26 kdevelop-5.1.2-1.fc26 kdevelop-php-5.1.2-1.fc26 kdevelop-python-5.1.2-1.py3.fc26 kdevplatform-5.1.2-1.fc26 krita-3.2.1-1.fc26 kxstitch-1.2.0-9.fc26 libarcus-2.7.0-1.fc26 libblockdev-2.12-1.fc26 libidn2-2.0.4-1.fc26 libjson-rpc-cpp-1.0.0-1.fc26 liblayout-0.2.10-14.fc26 libmseed-2.19.4-4.fc26 libqxp-0.0.0-1.fc26 libreoffice-5.3.6.1-1.fc26 librep-0.92.7-1.fc26 libsavitar-2.7.0-1.fc26 libx86emu-1.11-2.fc26 logwatch-7.4.3-6.fc26 lshw-B.02.18-11.fc26 mbedtls-2.6.0-1.fc26 mg-20170828-1.fc26 mingw-libidn2-2.0.4-1.fc26 mingw-openjpeg2-2.2.0-2.fc26 moarvm-0.2017.08.1-1.fc26 nfs-ganesha-2.5.2-1.fc26 no-more-secrets-0.3.2-3.fc26 nqp-0.0.2017.08-1.fc26 ocaml-cudf-0.9-1.fc26 ocaml-fileutils-0.5.1-4.fc26 ocaml-gettext-0.3.5-10.fc26.1 ocaml-opam-file-format-2.0.0-0.2.beta3.fc26 openjpeg2-2.2.0-2.fc26 openmsx-0.14.0-1.fc26 pango-1.40.11-3.fc26 pentaho-reporting-flow-engine-0.9.4-14.fc26 perl-Exporter-Easy-0.18-2.fc26 perl-Image-SubImageFind-0.03-13.fc26 perl-Imager-1.006-1.fc26 pfstools-2.0.6-3.fc26 php-7.1.9-1.fc26 php-PHPMailer-5.2.25-1.fc26 php-behat-gherkin-4.4.5-1.fc26 php-codeception-verify-0.4.0-1.fc26 php-consolidation-annotated-command-2.4.13-1.fc26 php-consolidation-log-1.0.3-2.fc26 php-consolidation-output-formatters-3.1.11-1.fc26 php-dflydev-dot-access-data-1.1.0-2.fc26 php-flow-jsonpath-0.3.4-1.fc26 php-henrikbjorn-lurker-1.2.0-1.fc26 php-horde-Horde-Compress-2.2.1-1.fc26 php-horde-Horde-Core-2.30.2-1.fc26 php-horde-Horde-Date-2.4.1-1.fc26 php-horde-Horde-Imap-Client-2.29.15-1.fc26 php-horde-Horde-Mime-Viewer-2.2.2-1.fc26 php-jakubledl-dissect-1.0.1-1.fc26 php-latte-2.4.6-1.fc26 php-league-container-2.4.1-1.fc26 php-nette-application-2.4.9-1.fc26 php-nette-bootstrap-2.4.5-1.fc26 php-nette-caching-2.5.5-1.fc26 php-nette-forms-2.4.6-1.fc26 php-nette-http-2.4.7-1.fc26 php-nette-utils-2.4.8-1.fc26 php-pear-crypt-gpg-1.6.1-1.fc26 php-pecl-imagick-3.4.3-2.fc26 php-simplesamlphp-saml2_3-3.0.2-3.fc26 php-symfony-polyfill-1.5.0-1.fc26 php-zetacomponents-document-1.3.1-1.fc26 pioneer-20170827-2.fc26 poedit-2.0.3-3.fc26 prename-1.9-4.fc26 psiconv-0.9.8-22.fc26 purple-discord-0-11.20170829git9115bd2.fc26 purple-facebook-0.9.5-1.9ff9acf9fa14.fc26 pyp2rpm-3.2.3-1.fc26 python-CDDB-1.4-22.fc26 python-ansible-tower-cli-3.1.7-1.fc26 python-incremental-17.5.0-1.fc26 python-keyring-10.4.0-2.fc26 python-markdown-2.6.9-2.fc26 python-polib-1.0.7-9.fc26 python-semver-2.7.8-1.fc26 python-treq-17.8.0-2.fc26 python-uranium-2.7.0-2.fc26 q-7.11-29.fc26 rakudo-0.2017.08-1.fc26 rebase-helper-0.10.1-1.fc26 ripright-0.11-5.fc26 rss-glx-0.9.1.p-29.fc26.1 rubygem-byebug-9.1.0-1.fc26 rubygem-pkg-config-1.2.7-1.fc26 rubygem-rack-attack-5.0.1-1.fc26 rubygem-rmagick-2.16.0-4.fc26.2 rubygem-yell-2.0.7-2.fc26 sasutils-0.3.9-1.fc26 scap-security-guide-0.1.35-1.fc26 sqlite-3.20.1-1.fc26 synfig-1.2.0-9.fc26.1 synfigstudio-1.2.0-5.fc26 techne-0.2.3-20.fc26 tintin-2.01.3-1.fc26 ugene-1.27.0-1.fc26 urh-1.8.5-1.fc26 vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 vips-8.5.7-2.fc26 vips-8.5.8-1.fc26 waf-1.9.13-1.fc26 wings-2.1.5-1.fc26 wxGTK3-3.0.3-5.fc26 xen-4.8.1-8.fc26 xrootd-4.7.0-1.fc26
Details about builds:
================================================================================ ImageMagick-6.9.9.9-1.fc26 (FEDORA-2017-8f27031c8f) An X application for displaying and manipulating images -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ R-base64enc-0.1.3-1.fc26 (FEDORA-2017-3516f3975f) Tools for base64 encoding -------------------------------------------------------------------------------- Update Information:
Initial package of base64enc for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485591 - Review Request: R-base64enc - Tools for base64 encoding https://bugzilla.redhat.com/show_bug.cgi?id=1485591 --------------------------------------------------------------------------------
================================================================================ R-highr-0.6-2.fc26 (FEDORA-2017-4a5bc6053e) Syntax Highlighting for R Source Code -------------------------------------------------------------------------------- Update Information:
Initial package of highr for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484742 - Review Request: R-highr - Syntax Highlighting for R Source Code https://bugzilla.redhat.com/show_bug.cgi?id=1484742 --------------------------------------------------------------------------------
================================================================================ R-jpeg-0.1.8-3.fc26 (FEDORA-2017-2373af094e) Read and write JPEG images -------------------------------------------------------------------------------- Update Information:
Initial package of jpeg for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484739 - Review Request: R-jpeg - Read and write JPEG images https://bugzilla.redhat.com/show_bug.cgi?id=1484739 --------------------------------------------------------------------------------
================================================================================ R-mime-0.5-1.fc26 (FEDORA-2017-24d3b5e536) Map Filenames to MIME Types -------------------------------------------------------------------------------- Update Information:
Initial package of mime for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485266 - Review Request: R-mime - Map Filenames to MIME Types https://bugzilla.redhat.com/show_bug.cgi?id=1485266 --------------------------------------------------------------------------------
================================================================================ R-pbdRPC-0.1.1-7.fc26 (FEDORA-2017-6d8fd96627) Programming with Big Data -- Remote Procedure Call -------------------------------------------------------------------------------- Update Information:
Initial package of pbdRPC for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485038 - Review Request: R-pbdRPC - Programming with Big Data -- Remote Procedure Call https://bugzilla.redhat.com/show_bug.cgi?id=1485038 --------------------------------------------------------------------------------
================================================================================ R-png-0.1.7-3.fc26 (FEDORA-2017-7c0ccf4c7d) Read and write PNG images -------------------------------------------------------------------------------- Update Information:
Initial package of png for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484738 - Review Request: R-png - Read and write PNG images https://bugzilla.redhat.com/show_bug.cgi?id=1484738 --------------------------------------------------------------------------------
================================================================================ R-stringi-1.1.5-1.fc26 (FEDORA-2017-b6aa9e0a39) Character String Processing Facilities -------------------------------------------------------------------------------- Update Information:
Initial package of stringi for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485210 - Review Request: R-stringi - Character String Processing Facilities https://bugzilla.redhat.com/show_bug.cgi?id=1485210 --------------------------------------------------------------------------------
================================================================================ R-uuid-0.1.2-2.fc26 (FEDORA-2017-47edffafed) Tools for generating and handling of UUIDs -------------------------------------------------------------------------------- Update Information:
Initial package of uuid for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484764 - Review Request: R-uuid - Tools for generating and handling of UUIDs https://bugzilla.redhat.com/show_bug.cgi?id=1484764 --------------------------------------------------------------------------------
================================================================================ R-withr-2.0.0-2.fc26 (FEDORA-2017-fb2e54fed7) Run Code 'With' Temporarily Modified Global State -------------------------------------------------------------------------------- Update Information:
Initial package of withr for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484734 - Review Request: R-withr - Run Code 'With' Temporarily Modified Global State https://bugzilla.redhat.com/show_bug.cgi?id=1484734 --------------------------------------------------------------------------------
================================================================================ R-yaml-2.1.14-2.fc26 (FEDORA-2017-5e2b1ed1c7) Methods to Convert R Data to YAML and Back -------------------------------------------------------------------------------- Update Information:
Initial package of yaml for R. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484726 - Review Request: R-yaml - Methods to Convert R Data to YAML and Back https://bugzilla.redhat.com/show_bug.cgi?id=1484726 --------------------------------------------------------------------------------
================================================================================ Rex-1.5.0-2.fc26 (FEDORA-2017-9eb9e9d630) Tool for Automation, Remote Execution and Configuration Deployment -------------------------------------------------------------------------------- Update Information:
Upgrade to Rex 1.5.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1120788 - None https://bugzilla.redhat.com/show_bug.cgi?id=1120788 --------------------------------------------------------------------------------
================================================================================ WindowMaker-0.95.8-3.fc26 (FEDORA-2017-8f27031c8f) A fast, feature rich Window Manager -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ appstream-data-26-15.fc26 (FEDORA-2017-b4e5e30f42) Fedora AppStream metadata -------------------------------------------------------------------------------- Update Information:
New metadata version --------------------------------------------------------------------------------
================================================================================ arc-theme-20170302-7.fc26 (FEDORA-2017-4ea876e059) Flat theme with transparent elements -------------------------------------------------------------------------------- Update Information:
- Add several patches from upstream --------------------------------------------------------------------------------
================================================================================ arduino-1.8.4-1.fc26 (FEDORA-2017-f0a69429bd) An IDE for Arduino-compatible electronics prototyping platforms -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release + arduino-listSerialPortsC (new package) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1435029 - arduino-1.8.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1435029 [ 2 ] Bug #1482095 - None https://bugzilla.redhat.com/show_bug.cgi?id=1482095 --------------------------------------------------------------------------------
================================================================================ arduino-builder-1.3.25-1.fc26 (FEDORA-2017-f0a69429bd) A command line tool for compiling Arduino sketches -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release + arduino-listSerialPortsC (new package) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1435029 - arduino-1.8.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1435029 [ 2 ] Bug #1482095 - None https://bugzilla.redhat.com/show_bug.cgi?id=1482095 --------------------------------------------------------------------------------
================================================================================ arduino-listSerialPortsC-1.4.0-1.fc26 (FEDORA-2017-f0a69429bd) Simple multiplatform program to list serial ports with vid/pid/iserial fields -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release + arduino-listSerialPortsC (new package) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1435029 - arduino-1.8.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1435029 [ 2 ] Bug #1482095 - None https://bugzilla.redhat.com/show_bug.cgi?id=1482095 --------------------------------------------------------------------------------
================================================================================ atomic-1.19.1-2.fc26 (FEDORA-2017-5ae7743319) Tool for managing ProjectAtomic systems and containers -------------------------------------------------------------------------------- Update Information:
Addition of run for system containers ---- Release new version 1.19.1 --------------------------------------------------------------------------------
================================================================================ autotrace-0.31.1-49.fc26 (FEDORA-2017-8f27031c8f) Utility for converting bitmaps to vector graphics -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ babl-0.1.30-1.fc26 (FEDORA-2017-31ff2aff69) A dynamic, any to any, pixel format conversion library -------------------------------------------------------------------------------- Update Information:
Upstream bugfix and feature releases. --------------------------------------------------------------------------------
================================================================================ banshee-2.6.2-25.fc26 (FEDORA-2017-901c53087b) Easily import, manage, and play selections from your music collection -------------------------------------------------------------------------------- Update Information:
Bring fixes from later banshee builds to Fedora 25. Fix issue where banshee could not process podcasts with Windows encoded XML. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1409665 - Banshee cannot process podcasts whose XML has Windows end-of-line sequences https://bugzilla.redhat.com/show_bug.cgi?id=1409665 --------------------------------------------------------------------------------
================================================================================ bugzilla-5.0.3-6.fc26 (FEDORA-2017-5f9e8cf9a1) Bug tracking system -------------------------------------------------------------------------------- Update Information:
The bugzilla package could no longer be built from source. This update overhauls its requirements and build-requirements to correct that. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1462514 - None https://bugzilla.redhat.com/show_bug.cgi?id=1462514 --------------------------------------------------------------------------------
================================================================================ caja-1.18.4-2.fc26 (FEDORA-2017-a84ccb5228) File manager for MATE -------------------------------------------------------------------------------- Update Information:
- add more upstream fixes - use https://github.com/mate-desktop/caja/pull/837 - use https://github.com/mate-desktop/caja/pull/838 --------------------------------------------------------------------------------
================================================================================ chromium-60.0.3112.113-1.fc26 (FEDORA-2017-e11dade5d0) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information:
Update to 60.0.3112.113. Added support for aarch64 (except on EPEL7). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1460813 - chromium not part of aarch64 package repo. https://bugzilla.redhat.com/show_bug.cgi?id=1460813 [ 2 ] Bug #1413644 - Unsupported encoding iso-8859-2 / windows-1251 / ... https://bugzilla.redhat.com/show_bug.cgi?id=1413644 --------------------------------------------------------------------------------
================================================================================ ckeditor-4.7.2-1.fc26 (FEDORA-2017-1bd6f59bb3) WYSIWYG text editor to be used inside web pages -------------------------------------------------------------------------------- Update Information:
## CKEditor 4.7.2 ### New Features: * [#455](https://github.com/ckeditor /ckeditor-dev/issues/455): Added [Advanced Content Filter](https://docs.ckeditor.com/#!/guide/dev_acf) integration with the [Justify](http://ckeditor.com/addon/justify) plugin. ### Fixed Issues: * [#663](https://github.com/ckeditor/ckeditor-dev/issues/663): [Chrome] Fixed: Clicking the scrollbar throws an `Uncaught TypeError: element.is is not a function` error. * [#520](https://github.com/ckeditor/ckeditor-dev/issues/520): Fixed: Widgets cannot be properly pasted into a table cell. * [#579](https://github.com/ckeditor/ckeditor-dev/issues/579): Fixed: Internal `cke_table-faked-selection-table` class is visible in the Stylesheet Classes field of the [Table Properties](http://ckeditor.com/addon/table) dialog. * [#545](https://github.com/ckeditor/ckeditor-dev/issues/545): [Edge] Fixed: Error thrown when pressing the [Select All](https://ckeditor.com/addon/selectall) button in [Source Mode](http://ckeditor.com/addon/sourcearea). * [#582](https://github.com/ckeditor/ckeditor-dev/issues/582): Fixed: Double slash in the path to stylesheet needed by the [Table Selection](http://ckeditor.com/addon/tableselection) plugin. Thanks to [Marius Dumitru Florea](https://github.com/mflorea)! * [#491](https://github.com/ckeditor/ckeditor-dev/issues/491): Fixed: Unnecessary dependency on the [Editor Toolbar](http://ckeditor.com/addon/toolbar) plugin inside the [Notification](http://ckeditor.com/addon/notification) plugin. * [#646](https://github.com/ckeditor/ckeditor-dev/issues/646): Fixed: Error thrown into the browser console after opening the [Styles Combo](http://ckeditor.com/addon/stylescombo) plugin menu in the editor without any selection. * [#501](https://github.com/ckeditor/ckeditor-dev/issues/501): Fixed: Double click does not open the dialog for modifying anchors inserted via the [Link](http://ckeditor.com/addon/link) plugin. * [#9780](https://dev.ckeditor.com/ticket/9780): [IE8-9] Fixed: Clicking inside an empty [read-only](http://docs.ckeditor.com/#!/api/CKEDITOR.editor-property- readOnly) editor throws an error. * [#16820](https://dev.ckeditor.com/ticket/16820): [IE10] Fixed: Clicking below a single horizontal rule throws an error. * [#426](https://github.com/ckeditor /ckeditor-dev/issues/426): Fixed: The [`range.cloneContents`](http://docs.ckeditor.com/#!/api/CKEDITOR.dom.range- method-cloneContents) method selects the whole element when the selection starts at the beginning of that element. * [#644](https://github.com/ckeditor/ckeditor- dev/issues/644): Fixed: The [`range.extractContents`](http://docs.ckeditor.com/#!/api/CKEDITOR.dom.range- method-extractContents) method returns an incorrect result when multiple nodes are selected. * [#684](https://github.com/ckeditor/ckeditor-dev/issues/684): Fixed: The [`elementPath.contains`](http://docs.ckeditor.com/#!/api/CKEDITOR.dom .elementPath-method-contains) method incorrectly excludes the last element instead of root when the `fromTop` parameter is set to `true`. ### Other Changes: * Updated the [SCAYT](http://ckeditor.com/addon/scayt) (Spell Check As You Type) plugin: * [#148](https://github.com/WebSpellChecker/ckeditor- plugin-scayt/issues/148): Fixed: SCAYT leaves underlined word after the CKEditor Replace dialog corrects it. * [#751](https://github.com/ckeditor/ckeditor- dev/issues/751): Added the [`CKEDITOR.dom.nodeList.toArray`](https://docs.ckeditor.com/#!/api/CKEDITOR.dom .nodeList-method-toArray) method which returns an array representation of a [node list](https://docs.ckeditor.com/#!/api/CKEDITOR.dom.nodeList). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1482711 - ckeditor-4.7.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1482711 --------------------------------------------------------------------------------
================================================================================ clinfo-2.2.17.08.25-1.fc26 (FEDORA-2017-e4322e72ad) Enumerate OpenCL platforms and devices -------------------------------------------------------------------------------- Update Information:
Update to latest release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486723 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486723 --------------------------------------------------------------------------------
================================================================================ compat-ImageMagick693-6.9.3.10-1.fc26 (FEDORA-2017-1362e7988d) Compat package with ImageMagick 6.9.3 libraries -------------------------------------------------------------------------------- Update Information:
ImageMagick 6.9.3 ABI compatibility package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485869 - Review Request: compat-ImageMagick693 - Compat package with ImageMagick 6.9.3 libraries https://bugzilla.redhat.com/show_bug.cgi?id=1485869 --------------------------------------------------------------------------------
================================================================================ conda-4.3.24-3.fc26 (FEDORA-2017-0a4ad90d7f) Cross-platform, Python-agnostic binary package manager -------------------------------------------------------------------------------- Update Information:
New package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478231 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478231 --------------------------------------------------------------------------------
================================================================================ converseen-0.9.6.2-3.fc26 (FEDORA-2017-8f27031c8f) A batch image conversion tool written in C++ with Qt5 and Magick++ -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ dmtx-utils-0.7.4-4.fc26 (FEDORA-2017-8f27031c8f) Tools for working with Data Matrix 2D bar-codes -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ dovecot-2.2.32-2.fc26 (FEDORA-2017-708286ba2f) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information:
- dovecot updated to 2.2.32 - pigeonhole updated to 0.4.20 - Made the retention period for redirect duplicate identifiers configurable. Changed the default retention period from 24 to 12 hours. - sieve-filter: Fixed memory leak: forgot to clean up script binary at end of execution - managesieve-login: Fixed handling of AUTHENTICATE command. A second authenticate command would be parsed wrong. - Modseq tracking didn't always work correctly. This could have caused imap unhibernation to fail or IMAP QRESYNC/CONDSTORE extensions to not work perfectly. - mdbox: "Inconsistency in map index" wasn't fixed automatically - dict-ldap: %variable values used in the LDAP filter weren't escaped. - quota=count: quota_warning = -storage=.. was never executed (try #2). - imapc:
= 32 kB mail bodies were supposed to be cached for subsequent FETCHes, but
weren't. - quota-status service didn't support recipient_delimiter - acl: Don't access dovecot-acl-list files with acl_globals_only=yes - mail_location: If INDEX dir is set, mailbox deletion deletes its childrens' indexes. - director: v2.2.31 caused rapid reconnection loops to directors that were down. --------------------------------------------------------------------------------
================================================================================ drawtiming-0.7.1-22.fc26 (FEDORA-2017-8f27031c8f) A command line tool for generating timing diagrams -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ duply-2.0.3-2.fc26 (FEDORA-2017-4f81f60074) Wrapper for duplicity -------------------------------------------------------------------------------- Update Information:
#### 2.0.3 (29.08.2017) #### - bugfix: "line 2231: CMDS: bad array subscript" - bugfix 112: "env: illegal option -- u" on MacOSX --------------------------------------------------------------------------------
================================================================================ emacs-25.2-5.fc26 (FEDORA-2017-8f27031c8f) GNU Emacs text editor -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ erlang-chronos-0.5.1-1.fc26 (FEDORA-2017-df3fecadc4) Timer utility for Erlang tests -------------------------------------------------------------------------------- Update Information:
* Initial build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484843 - Review Request: erlang-chronos - Timer utility for Erlang tests https://bugzilla.redhat.com/show_bug.cgi?id=1484843 [ 2 ] Bug #1484835 - Review Request: erlang-stdlib2 - Erlang stdlib extensions https://bugzilla.redhat.com/show_bug.cgi?id=1484835 [ 3 ] Bug #1484846 - Review Request: erlang-hyper - An implementation of the HyperLogLog algorithm in Erlang https://bugzilla.redhat.com/show_bug.cgi?id=1484846 --------------------------------------------------------------------------------
================================================================================ erlang-hyper-0-0.1.20161011git4b1abc4.fc26 (FEDORA-2017-df3fecadc4) An implementation of the HyperLogLog algorithm in Erlang -------------------------------------------------------------------------------- Update Information:
* Initial build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484843 - Review Request: erlang-chronos - Timer utility for Erlang tests https://bugzilla.redhat.com/show_bug.cgi?id=1484843 [ 2 ] Bug #1484835 - Review Request: erlang-stdlib2 - Erlang stdlib extensions https://bugzilla.redhat.com/show_bug.cgi?id=1484835 [ 3 ] Bug #1484846 - Review Request: erlang-hyper - An implementation of the HyperLogLog algorithm in Erlang https://bugzilla.redhat.com/show_bug.cgi?id=1484846 --------------------------------------------------------------------------------
================================================================================ erlang-riak_kv-2.1.8-1.fc26 (FEDORA-2017-1a2bdc0500) Riak Key/Value Store -------------------------------------------------------------------------------- Update Information:
* Ver. 2.1.8 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1423541 - erlang-riak_kv: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423541 [ 2 ] Bug #962307 - erlang-riak_kv-2.1.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=962307 --------------------------------------------------------------------------------
================================================================================ erlang-riak_search-2.1.7-1.fc26 (FEDORA-2017-8a41b78b96) Full-text search engine based on Riak -------------------------------------------------------------------------------- Update Information:
* Ver. 2.1.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1423544 - erlang-riak_search: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423544 [ 2 ] Bug #979552 - erlang-riak_search-2.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=979552 --------------------------------------------------------------------------------
================================================================================ erlang-stdlib2-0-0.1.20170810git5ccd9b2.fc26 (FEDORA-2017-df3fecadc4) Erlang stdlib extensions -------------------------------------------------------------------------------- Update Information:
* Initial build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484843 - Review Request: erlang-chronos - Timer utility for Erlang tests https://bugzilla.redhat.com/show_bug.cgi?id=1484843 [ 2 ] Bug #1484835 - Review Request: erlang-stdlib2 - Erlang stdlib extensions https://bugzilla.redhat.com/show_bug.cgi?id=1484835 [ 3 ] Bug #1484846 - Review Request: erlang-hyper - An implementation of the HyperLogLog algorithm in Erlang https://bugzilla.redhat.com/show_bug.cgi?id=1484846 --------------------------------------------------------------------------------
================================================================================ fence-agents-4.0.24-8.fc26 (FEDORA-2017-79bedba801) Fence Agents for Red Hat Cluster -------------------------------------------------------------------------------- Update Information:
- fence-agents-common: remove fence_scsi_check files - fence-scsi: add "fence_scsi_check_hardreboot" --------------------------------------------------------------------------------
================================================================================ flatcam-8.5-7.20170701gita9a4ec75db12.fc26 (FEDORA-2017-b7a4725bc4) 2D Computer-Aided PCB Manufacturing -------------------------------------------------------------------------------- Update Information:
2D Computer-Aided PCB Manufacturing -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484054 - Review Request: flatcam - 2D Computer-Aided PCB Manufacturing https://bugzilla.redhat.com/show_bug.cgi?id=1484054 --------------------------------------------------------------------------------
================================================================================ foo2zjs-0.20170412-5.fc26 (FEDORA-2017-87fd0768e8) Linux printer driver for ZjStream protocol -------------------------------------------------------------------------------- Update Information:
Remove ICC and firmware files due to licensing -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486204 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486204 --------------------------------------------------------------------------------
================================================================================ gd-2.2.5-1.fc26 (FEDORA-2017-7cc0e6a5f5) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information:
**Version 2.2.5** - 2017-08-30 * **Security** - Double-free in gdImagePngPtr(). **CVE-2017-6362** - Buffer over-read into uninitialized memory. **CVE-2017-7890** * **Fixed** - Fix #109: XBM reading fails with printed error - Fix #338: Fatal and normal libjpeg/ibpng errors not distinguishable - Fix #357: 2.2.4: Segfault in test suite - Fix #386: gdImageGrayScale() may produce colors - Fix #406: webpng -i removes the transparent color - Fix Coverity #155475: Failure to restore alphaBlendingFlag - Fix Coverity #155476: potential resource leak - Fix several build issues and test failures - Fix and reenable optimized support for reading 1 bps TIFFs --------------------------------------------------------------------------------
================================================================================ gdeploy-2.0.2-14.fc26 (FEDORA-2017-388358a44d) Tool to deploy and manage GlusterFS cluster -------------------------------------------------------------------------------- Update Information:
New package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1344276 - None https://bugzilla.redhat.com/show_bug.cgi?id=1344276 --------------------------------------------------------------------------------
================================================================================ gegl03-0.3.20-1.fc26 (FEDORA-2017-31ff2aff69) Graph based image processing framework -------------------------------------------------------------------------------- Update Information:
Upstream bugfix and feature releases. --------------------------------------------------------------------------------
================================================================================ ghc-attoparsec-iso8601-1.0.0.0-1.fc26 (FEDORA-2017-20ca2726ff) Parsing of ISO 8601 dates, originally from aeson -------------------------------------------------------------------------------- Update Information:
Initial release of attoparsec-iso8601 package for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485296 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485296 --------------------------------------------------------------------------------
================================================================================ ghc-base-orphans-0.6-1.fc26 (FEDORA-2017-374d70a019) Backwards-compatible orphan instances for base -------------------------------------------------------------------------------- Update Information:
Initial package of base-orphans for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485493 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485493 --------------------------------------------------------------------------------
================================================================================ ghc-bencode-0.6.0.0-4.fc26 (FEDORA-2017-3ea50e9b5d) Parser and printer for bencoded data -------------------------------------------------------------------------------- Update Information:
Initial package of bencode for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485489 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485489 --------------------------------------------------------------------------------
================================================================================ ghc-disk-free-space-0.1.0.1-4.fc26 (FEDORA-2017-ad0276f0eb) Retrieve information about disk space usage -------------------------------------------------------------------------------- Update Information:
Initial package of disk-free-space for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485486 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485486 --------------------------------------------------------------------------------
================================================================================ ghc-dns-2.0.10-2.fc26 (FEDORA-2017-cb94236133) DNS library in Haskell -------------------------------------------------------------------------------- Update Information:
Initial package of dns for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485514 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485514 --------------------------------------------------------------------------------
================================================================================ ghc-email-validate-2.3.1-1.fc26 (FEDORA-2017-bb4e14af6c) Email address validation -------------------------------------------------------------------------------- Update Information:
Initial package of email-validate for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485492 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485492 --------------------------------------------------------------------------------
================================================================================ ghc-fdo-notify-0.3.1-7.fc26 (FEDORA-2017-778d3bf1e4) Desktop Notifications client -------------------------------------------------------------------------------- Update Information:
Initial package of fdo-notify for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485757 - Review Request: ghc-fdo-notify - Desktop Notifications client https://bugzilla.redhat.com/show_bug.cgi?id=1485757 --------------------------------------------------------------------------------
================================================================================ ghc-foundation-0.0.13-3.fc26 (FEDORA-2017-6d6d02c7db) Alternative prelude with batteries and no dependencies -------------------------------------------------------------------------------- Update Information:
Initial package of foundation for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485507 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485507 --------------------------------------------------------------------------------
================================================================================ ghc-generic-deriving-1.11.2-3.fc26 (FEDORA-2017-d86e00bdb2) Generic programming library for generalised deriving -------------------------------------------------------------------------------- Update Information:
Initial package of generic-deriving for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485506 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485506 --------------------------------------------------------------------------------
================================================================================ ghc-magic-1.1-4.fc26 (FEDORA-2017-4f8dc8cb8b) Interface to C file/magic library -------------------------------------------------------------------------------- Update Information:
Initial package of magic for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485487 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485487 --------------------------------------------------------------------------------
================================================================================ ghc-microlens-0.4.8.1-2.fc26 (FEDORA-2017-0c66d6ee76) A tiny lens library with no dependencies -------------------------------------------------------------------------------- Update Information:
Initial package of microlens for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485494 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485494 --------------------------------------------------------------------------------
================================================================================ ghc-mountpoints-1.0.2-4.fc26 (FEDORA-2017-89438505d8) List mount points -------------------------------------------------------------------------------- Update Information:
Initial package of mountpoints for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485488 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485488 --------------------------------------------------------------------------------
================================================================================ ghc-network-info-0.2.0.8-6.fc26 (FEDORA-2017-f4fd7cf5fb) Access the local computer's basic network configuration -------------------------------------------------------------------------------- Update Information:
Initial package of network-info for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485491 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485491 --------------------------------------------------------------------------------
================================================================================ ghc-network-multicast-0.2.0-1.fc26 (FEDORA-2017-7ac88a0c00) Simple multicast library -------------------------------------------------------------------------------- Update Information:
Initial package of network-multicast for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485500 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485500 --------------------------------------------------------------------------------
================================================================================ ghc-resource-pool-0.2.3.2-7.fc26 (FEDORA-2017-d0f5586a60) A high-performance striped resource pooling implementation -------------------------------------------------------------------------------- Update Information:
Initial package of resource-pool for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485501 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485501 --------------------------------------------------------------------------------
================================================================================ ghc-silently-1.2.5-4.fc26 (FEDORA-2017-12e5a4938a) Prevent or capture writing to stdout and other handles -------------------------------------------------------------------------------- Update Information:
Initial package of silently for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485497 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485497 --------------------------------------------------------------------------------
================================================================================ ghc-skein-1.0.9.4-4.fc26 (FEDORA-2017-649532c504) Skein, a family of cryptographic hash functions. Includes Skein-MAC as well -------------------------------------------------------------------------------- Update Information:
Initial package of skein for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485499 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485499 --------------------------------------------------------------------------------
================================================================================ ghc-terminal-size-0.3.2.1-4.fc26 (FEDORA-2017-43aecb3bdf) Get terminal window height and width -------------------------------------------------------------------------------- Update Information:
Initial package of terminal-size for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485512 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485512 --------------------------------------------------------------------------------
================================================================================ ghc-th-abstraction-0.2.5.0-1.fc26 (FEDORA-2017-8dd9c58e6f) Nicer interface for reified information about data types -------------------------------------------------------------------------------- Update Information:
Initial package of th-abstraction for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485511 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485511 --------------------------------------------------------------------------------
================================================================================ ghc-uri-bytestring-0.2.3.3-2.fc26 (FEDORA-2017-be8f34722f) Haskell URI parsing as ByteStrings -------------------------------------------------------------------------------- Update Information:
Initial package of uri-bytestring for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485503 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485503 --------------------------------------------------------------------------------
================================================================================ ghc-xml-hamlet-0.4.1-1.fc26 (FEDORA-2017-e0848f74d0) Hamlet-style quasiquoter for XML content -------------------------------------------------------------------------------- Update Information:
Initial package of xml-hamlet for Haskell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485505 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485505 --------------------------------------------------------------------------------
================================================================================ glibc-2.25-10.fc26 (FEDORA-2017-103e80de0b) The GNU libc libraries -------------------------------------------------------------------------------- Update Information:
This update fixes RHBZ#1485900, an implementation error in robust pthread mutexes. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485900 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485900 --------------------------------------------------------------------------------
================================================================================ gnome-photos-3.24.3-1.fc26 (FEDORA-2017-62d50ce338) Access, organize and share your photos on GNOME -------------------------------------------------------------------------------- Update Information:
# Support GEGL >= 0.3.16 # Bugs fixed: * 763329 thumbnailer: Fix typo and complete the right D-Bus call * 780692 Titles are no longer displayed in the album grid # Updated translations: * Icelandic * Slovenian --------------------------------------------------------------------------------
================================================================================ gnome-settings-daemon-3.24.3-3.fc26 (FEDORA-2017-59962d8ed3) The daemon sharing settings from GNOME to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information:
Should fix bug #1322588 "endless brightness / backlight error messages in journalctl" -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1322588 - None https://bugzilla.redhat.com/show_bug.cgi?id=1322588 --------------------------------------------------------------------------------
================================================================================ gnome-shell-extension-sustmi-3.0-15.git.e3def68.fc26 (FEDORA-2017-63baa022f0) Include two extensions, windowoverlay-icons and historymanager-prefix-search -------------------------------------------------------------------------------- Update Information:
First update in years. (Previous package maintainer had disappeared.) This is two GNOME Shell extensions in subpackages, because the upstream tracks them both in a single git repository. Upstream changes since the last package update include: * updates to keep up with changes to the GNOME Shell API (from relatively early in the GNOME 3.x life cycle) * additional translations * various bug fixes --------------------------------------------------------------------------------
================================================================================ golang-github-cheggaaa-pb-1.0.12-0.1.git9a180eb.fc26 (FEDORA-2017-d7ff750fb1) Console progress bar for Golang -------------------------------------------------------------------------------- Update Information:
Bump to upstream 9a180eb4617eb2112e01ca3fa25c61a6303afcaf -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1440773 - golang-github-cheggaaa-pb is outdated and needs to be updated to latest upstream https://bugzilla.redhat.com/show_bug.cgi?id=1440773 --------------------------------------------------------------------------------
================================================================================ golang-github-gdamore-tcell-0-0.1.20170807gitd55f61c.fc26 (FEDORA-2017-3d0e1fe512) An alternate terminal package -------------------------------------------------------------------------------- Update Information:
Initial release of tcell package for Go. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483201 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483201 --------------------------------------------------------------------------------
================================================================================ google-noto-emoji-fonts-20170827-1.fc26 (FEDORA-2017-db5c617447) Google Noto Emoji Fonts -------------------------------------------------------------------------------- Update Information:
Update to upstream snapshot tarball --------------------------------------------------------------------------------
================================================================================ gtatool-2.2.0-6.fc26 (FEDORA-2017-8f27031c8f) Commandline tool to manipulate GTAs -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ httpie-0.9.4-9.fc26 (FEDORA-2017-b1210554f2) A Curl-like tool for humans -------------------------------------------------------------------------------- Update Information:
Rebuild to fix manpage generation --------------------------------------------------------------------------------
================================================================================ httrack-3.49.2-1.fc26 (FEDORA-2017-894f547b96) Website copier and offline browser -------------------------------------------------------------------------------- Update Information:
update -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1423723 - httrack: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423723 [ 2 ] Bug #1438201 - httrack-3.49.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1438201 --------------------------------------------------------------------------------
================================================================================ hwinfo-21.47-2.fc26 (FEDORA-2017-ae4b9c270c) Hardware information tool -------------------------------------------------------------------------------- Update Information:
New packages added. --------------------------------------------------------------------------------
================================================================================ imageinfo-0.05-27.fc26 (FEDORA-2017-8f27031c8f) Extract attributes of digital images -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ inkscape-0.92.1-4.20170510bzr15686.fc26.1 (FEDORA-2017-8f27031c8f) Vector-based drawing program using SVG -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ java-1.8.0-openjdk-1.8.0.144-5.b01.fc26 (FEDORA-2017-868d30cef1) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information:
fixed few minor bugs (eg dangling symlinks), updated to u 144 (fixing zi[p regression) --------------------------------------------------------------------------------
================================================================================ jbuilder-1.0-0.3.beta12.fc26 (FEDORA-2017-2df5fe23b2) A composable build system for OCaml -------------------------------------------------------------------------------- Update Information:
A composable build system for OCaml -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1481912 - Review Request: jbuilder - A composable build system for OCaml https://bugzilla.redhat.com/show_bug.cgi?id=1481912 --------------------------------------------------------------------------------
================================================================================ k3d-0.8.0.6-8.fc26 (FEDORA-2017-8f27031c8f) A 3D Modeling, Animation and Rendering System -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ kdevelop-5.1.2-1.fc26 (FEDORA-2017-06ce679b27) Integrated Development Environment for C++/C -------------------------------------------------------------------------------- Update Information:
KDevelop 5.1.2 release. See https://www.kdevelop.org/news/kdevelop-512-released for more information. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486081 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486081 --------------------------------------------------------------------------------
================================================================================ kdevelop-php-5.1.2-1.fc26 (FEDORA-2017-06ce679b27) Php language and documentation plugins for KDevelop -------------------------------------------------------------------------------- Update Information:
KDevelop 5.1.2 release. See https://www.kdevelop.org/news/kdevelop-512-released for more information. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486081 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486081 --------------------------------------------------------------------------------
================================================================================ kdevelop-python-5.1.2-1.py3.fc26 (FEDORA-2017-06ce679b27) Python 3 Plugin for KDevelop -------------------------------------------------------------------------------- Update Information:
KDevelop 5.1.2 release. See https://www.kdevelop.org/news/kdevelop-512-released for more information. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486081 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486081 --------------------------------------------------------------------------------
================================================================================ kdevplatform-5.1.2-1.fc26 (FEDORA-2017-06ce679b27) Libraries for use by KDE development tools -------------------------------------------------------------------------------- Update Information:
KDevelop 5.1.2 release. See https://www.kdevelop.org/news/kdevelop-512-released for more information. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486081 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486081 --------------------------------------------------------------------------------
================================================================================ krita-3.2.1-1.fc26 (FEDORA-2017-e18d01d605) Krita is a sketching and painting program -------------------------------------------------------------------------------- Update Information:
New stable release, see also https://krita.org/en/item/krita-3-2-1-released/ https://krita.org/en/item/krita-3-2-0-released/ --------------------------------------------------------------------------------
================================================================================ kxstitch-1.2.0-9.fc26 (FEDORA-2017-8f27031c8f) Program to create cross stitch patterns -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ libarcus-2.7.0-1.fc26 (FEDORA-2017-590ac11b0f) Communication library between internal components for Ultimaker software -------------------------------------------------------------------------------- Update Information:
New release of Cura dependencies. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486731 - libsavitar-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486731 [ 2 ] Bug #1486741 - python-uranium-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486741 --------------------------------------------------------------------------------
================================================================================ libblockdev-2.12-1.fc26 (FEDORA-2017-e4a31c3222) A library for low-level manipulation with block devices -------------------------------------------------------------------------------- Update Information:
New upstream release with bugfixes and enhancements. --------------------------------------------------------------------------------
================================================================================ libidn2-2.0.4-1.fc26 (FEDORA-2017-2d4ead8da9) Library to support IDNA2008 internationalized domain names -------------------------------------------------------------------------------- Update Information:
Libidn2 2.0.4 (released 2017-08-30) =================================== * Fix integer overflow in bidi.c/_isBidi() * Fix integer overflow in puny_decode.c/decode_digit() * Improve docs * Fix idna_free() to idn_free() * Update fuzzer corpora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486882 - libidn2: in puny_decode.c/decode_digit https://bugzilla.redhat.com/show_bug.cgi?id=1486882 [ 2 ] Bug #1486881 - libidn2: integer overflow in bidi.c/_isBidi() https://bugzilla.redhat.com/show_bug.cgi?id=1486881 --------------------------------------------------------------------------------
================================================================================ libjson-rpc-cpp-1.0.0-1.fc26 (FEDORA-2017-fe82538a47) C++ framework for json-rpc (json remote procedure call) -------------------------------------------------------------------------------- Update Information:
## Fixed - Typo in ERROR_CLIENT_CONNECTOR exception - Integration testsuite when run without HTTP - Positional parameters with more than 10 items - C++11 deprecated dynamic excpetion specifiers have been removed - libmicrohttpd legacy detection for `EPOLL` ## Added - File descriptor client and server connector - Redis client and server connector - `StreamReader` and `StreamWriter` classes to handle the buffering ## Removed - Method `BatchResponse::getResult(Json::Value& id)` - Method `AbstractServerConnector::SendResponse()` ## Changed - Use libmicrohttpd's EPOLL where possible (lmhd >= 0.9.52) - Refactored all socket-based client and server connectors to reduce code duplication - Changed interfaces for `AbstractServerConnector` to avoid the ugly `void *` backpointer -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485748 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485748 --------------------------------------------------------------------------------
================================================================================ liblayout-0.2.10-14.fc26 (FEDORA-2017-e6fdd92816) CSS based layouting framework -------------------------------------------------------------------------------- Update Information:
- fix inaccessible docdir documentation -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485891 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485891 --------------------------------------------------------------------------------
================================================================================ libmseed-2.19.4-4.fc26 (FEDORA-2017-dfbc7d9850) A C library framework for manipulating and managing SEED data records -------------------------------------------------------------------------------- Update Information:
Initial package of libmseed, a framework for manipulating and managing SEED data records. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485566 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485566 --------------------------------------------------------------------------------
================================================================================ libqxp-0.0.0-1.fc26 (FEDORA-2017-02631438bd) Library for import of QuarkXPress documents -------------------------------------------------------------------------------- Update Information:
initial import --------------------------------------------------------------------------------
================================================================================ libreoffice-5.3.6.1-1.fc26 (FEDORA-2017-5cef4ed26d) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information:
update to 5.3.6 rc1 --------------------------------------------------------------------------------
================================================================================ librep-0.92.7-1.fc26 (FEDORA-2017-c1e87928f6) A lightweight Lisp environment -------------------------------------------------------------------------------- Update Information:
Upstream update with reproducible build and other build fixes. --------------------------------------------------------------------------------
================================================================================ libsavitar-2.7.0-1.fc26 (FEDORA-2017-590ac11b0f) C++ implementation of 3mf loading with SIP Python bindings -------------------------------------------------------------------------------- Update Information:
New release of Cura dependencies. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486731 - libsavitar-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486731 [ 2 ] Bug #1486741 - python-uranium-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486741 --------------------------------------------------------------------------------
================================================================================ libx86emu-1.11-2.fc26 (FEDORA-2017-ae4b9c270c) x86 emulation library -------------------------------------------------------------------------------- Update Information:
New packages added. --------------------------------------------------------------------------------
================================================================================ logwatch-7.4.3-6.fc26 (FEDORA-2017-dbe77148ce) A log file analysis program -------------------------------------------------------------------------------- Update Information:
Refix for rhbz#1317620 - sshd log format changed -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1317620 - sshd log format changed, lots of excess unmatched output showing up in logwatch https://bugzilla.redhat.com/show_bug.cgi?id=1317620 --------------------------------------------------------------------------------
================================================================================ lshw-B.02.18-11.fc26 (FEDORA-2017-bd0f702f94) Hardware lister -------------------------------------------------------------------------------- Update Information:
Various changes to let lshw show up in GNOME Software. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1476498 - AppStream metadata for lshw gui package are missing https://bugzilla.redhat.com/show_bug.cgi?id=1476498 --------------------------------------------------------------------------------
================================================================================ mbedtls-2.6.0-1.fc26 (FEDORA-2017-382c240580) Light-weight cryptographic and SSL/TLS library -------------------------------------------------------------------------------- Update Information:
- Update to 2.6.0 Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.6.0-2.1.9-and-1.3.21-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2017-02 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1487120 - CVE-2017-14032 mbedtls: Bypass peer authentication https://bugzilla.redhat.com/show_bug.cgi?id=1487120 --------------------------------------------------------------------------------
================================================================================ mg-20170828-1.fc26 (FEDORA-2017-c22bf0bde6) Tiny Emacs-like editor -------------------------------------------------------------------------------- Update Information:
upgrade to 20170828 (RHBZ#1486083) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486083 - mg-20170828 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486083 --------------------------------------------------------------------------------
================================================================================ mingw-libidn2-2.0.4-1.fc26 (FEDORA-2017-fe4f93fde4) MinGW Windows Internationalized Domain Name 2008 support library -------------------------------------------------------------------------------- Update Information:
Libidn2 2.0.4 (released 2017-08-30) =================================== * Fix integer overflow in bidi.c/_isBidi() * Fix integer overflow in puny_decode.c/decode_digit() * Improve docs * Fix idna_free() to idn_free() * Update fuzzer corpora -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486883 - mingw-libidn2: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1486883 --------------------------------------------------------------------------------
================================================================================ mingw-openjpeg2-2.2.0-2.fc26 (FEDORA-2017-06cace06ce) MinGW Windows openjpeg2 library -------------------------------------------------------------------------------- Update Information:
This update fixes CVE-2017-12982. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1487236 - CVE-2017-12982 openjpeg: Memory allocation failure in the opj_image_create function https://bugzilla.redhat.com/show_bug.cgi?id=1487236 --------------------------------------------------------------------------------
================================================================================ moarvm-0.2017.08.1-1.fc26 (FEDORA-2017-7e04095858) Meta-model On A Runtime Virtual Machine -------------------------------------------------------------------------------- Update Information:
update to 2017.08 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478370 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478370 [ 2 ] Bug #1478608 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478608 --------------------------------------------------------------------------------
================================================================================ nfs-ganesha-2.5.2-1.fc26 (FEDORA-2017-34263423ec) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information:
nfs-ganesha 2.5.2 GA --------------------------------------------------------------------------------
================================================================================ no-more-secrets-0.3.2-3.fc26 (FEDORA-2017-5d25c30400) A recreation of the "decrypting text" effect from the 1992 movie Sneakers -------------------------------------------------------------------------------- Update Information:
update for chnages suggested in RHBZ#1484222 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484222 - Review Request: no-more-secrets - A recreation of the "decrypting text" effect from the 1992 movie Sneakers https://bugzilla.redhat.com/show_bug.cgi?id=1484222 --------------------------------------------------------------------------------
================================================================================ nqp-0.0.2017.08-1.fc26 (FEDORA-2017-7e04095858) Not Quite Perl (6) -------------------------------------------------------------------------------- Update Information:
update to 2017.08 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478370 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478370 [ 2 ] Bug #1478608 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478608 --------------------------------------------------------------------------------
================================================================================ ocaml-cudf-0.9-1.fc26 (FEDORA-2017-7d578e4fb3) Format for describing upgrade scenarios -------------------------------------------------------------------------------- Update Information:
Format for describing upgrade scenarios -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1480794 - Review Request: ocaml-cudf - Format for describing upgrade scenarios https://bugzilla.redhat.com/show_bug.cgi?id=1480794 --------------------------------------------------------------------------------
================================================================================ ocaml-fileutils-0.5.1-4.fc26 (FEDORA-2017-bb90a3afae) OCaml library for common file and filename operations -------------------------------------------------------------------------------- Update Information:
Bump and rebuild for broken unix.cmxa. --------------------------------------------------------------------------------
================================================================================ ocaml-gettext-0.3.5-10.fc26.1 (FEDORA-2017-726877bd6e) OCaml library for i18n -------------------------------------------------------------------------------- Update Information:
Subpackage ocaml-gettext-camomile-devel should depend on ocaml-gettext-camomile. --------------------------------------------------------------------------------
================================================================================ ocaml-opam-file-format-2.0.0-0.2.beta3.fc26 (FEDORA-2017-65947f753e) Parser and printer for the opam file syntax -------------------------------------------------------------------------------- Update Information:
Parser and printer for the opam file syntax -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1477362 - None https://bugzilla.redhat.com/show_bug.cgi?id=1477362 --------------------------------------------------------------------------------
================================================================================ openjpeg2-2.2.0-2.fc26 (FEDORA-2017-06cace06ce) C-Library for JPEG 2000 -------------------------------------------------------------------------------- Update Information:
This update fixes CVE-2017-12982. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1487236 - CVE-2017-12982 openjpeg: Memory allocation failure in the opj_image_create function https://bugzilla.redhat.com/show_bug.cgi?id=1487236 --------------------------------------------------------------------------------
================================================================================ openmsx-0.14.0-1.fc26 (FEDORA-2017-689b995122) An emulator for the MSX home computer system -------------------------------------------------------------------------------- Update Information:
New upstream release 0.14.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478320 - Request for update to 0.14.0 https://bugzilla.redhat.com/show_bug.cgi?id=1478320 --------------------------------------------------------------------------------
================================================================================ pango-1.40.11-3.fc26 (FEDORA-2017-d0478b3eea) System for layout and rendering of internationalized text -------------------------------------------------------------------------------- Update Information:
Fix multilib issue -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485076 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485076 --------------------------------------------------------------------------------
================================================================================ pentaho-reporting-flow-engine-0.9.4-14.fc26 (FEDORA-2017-c820c5f688) Pentaho Flow Reporting Engine -------------------------------------------------------------------------------- Update Information:
- documentation was inaccessible -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485799 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485799 --------------------------------------------------------------------------------
================================================================================ perl-Exporter-Easy-0.18-2.fc26 (FEDORA-2017-9c5121c810) Takes the drudgery out of Exporting symbols -------------------------------------------------------------------------------- Update Information:
This package contains the perl module Exporter::Easy, which makes using Exporter easy. In its simplest case, it allows you to drop the boilerplate code that comes with using Exporter, so more complicated situations where you use tags to build lists and more tags become easy -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478703 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478703 --------------------------------------------------------------------------------
================================================================================ perl-Image-SubImageFind-0.03-13.fc26 (FEDORA-2017-8f27031c8f) Perl extension for locating a sub-image within an image -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ perl-Imager-1.006-1.fc26 (FEDORA-2017-27aac7d175) Perl extension for Generating 24 bit Images -------------------------------------------------------------------------------- Update Information:
Updated to the latest version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485626 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485626 --------------------------------------------------------------------------------
================================================================================ pfstools-2.0.6-3.fc26 (FEDORA-2017-8f27031c8f) Programs for handling high-dynamic range images -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ php-7.1.9-1.fc26 (FEDORA-2017-eb5736e109) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 7.1.9** (31 Aug 2017) **Core:** * Fixed bug php#74947 (Segfault in scanner on INF number). (Laruence) * Fixed bug php#74954 (null deref and segfault in zend_generator_resume()). (Bob) * Fixed bug php#74725 (html_errors=1 breaks unhandled exceptions). (Andrea) * Fixed bug php#75063 (Main CWD initialized with wrong codepage). (Anatol) **Date:** * Fixed bug��php#75002 (Null Pointer Dereference in timelib_time_clone). (Derick) **Intl:** * Fixed bug php#74993 (Wrong reflection on some locale_* functions). (Sara) **Mbstring:** * Fixed bug php#71606 (Segmentation fault mb_strcut with HTML- ENTITIES encoding). (cmb) * Fixed bug php#62934 (mb_convert_kana() does not convert iteration marks). (Nikita) * Fixed bug php#75001 (Wrong reflection on mb_eregi_replace). (Fabien Villepinte) **MySQLi:** * Fixed bug php#74968 (PHP crashes when calling mysqli_result::fetch_object with an abstract class). (Anatol) **Opcache:** * Fixed bug php#74980 (Narrowing occurred during type inference). (Laruence) **phar:** * Fixed bug php#74991 (include_path has a 4096 char limit in some cases). (bwbroersma) **Reflection:** * Fixed bug php#74949 (null pointer dereference in _function_string). (Laruence) **Session:** * Fixed bug php#74892 (Url Rewriting (trans_sid) not working on urls that start with "#"). (Andrew Nester) * Fixed bug php#74833 (SID constant created with wrong module number). (Anatol) **SimpleXML:** * Fixed bug php#74950 (nullpointer deref in simplexml_element_getDocNamespaces). (Laruence) **SPL:** * Fixed bug php#75049 (spl_autoload_unregister can't handle spl_autoload_functions results). (Laruence) * Fixed bug php#74669 (Unserialize ArrayIterator broken). (Andrew Nester) * Fixed bug php#74977 (Appending AppendIterator leads to segfault). (Andrew Nester) * Fixed bug php#75015 (Crash in recursive iterator destructors). (Julien) **Standard:** * Fixed bug php#75075 (unpack with X* causes infinity loop). (Laruence) * Fixed bug php#74103 (heap-use-after-free when unserializing invalid array size). (Nikita) * Fixed bug php#75054 (A Denial of Service Vulnerability was found when performing deserialization). (Nikita) **WDDX:** * Fixed bug php#73793 (WDDX uses wrong decimal seperator). (cmb) **XMLRPC:** * Fixed bug php#74975 (Incorrect xmlrpc serialization for classes with declared properties). (blar) --------------------------------------------------------------------------------
================================================================================ php-PHPMailer-5.2.25-1.fc26 (FEDORA-2017-d07f9514ae) PHP email transport class with a lot of features -------------------------------------------------------------------------------- Update Information:
**Version 5.2.25** (August 28th 2017) * Make obtaining SMTP transaction ID more reliable * Add Bosnian translation * This is the last official release in the legacy PHPMailer 5.2 series; there may be future security patches (which will be found in the [5.2-stable branch](https://github.com/PHPMailer/PHPMailer/tree/5.2-stable)), but no further non-security PRs or issues will be accepted. Migrate to PHPMailer 6.0. --------------------------------------------------------------------------------
================================================================================ php-behat-gherkin-4.4.5-1.fc26 (FEDORA-2017-cfc19d34ae) Gherkin DSL parser for PHP -------------------------------------------------------------------------------- Update Information:
Gherkin DSL parser for PHP. Autoloader: `/usr/share/php/Behat/Gherkin/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483372 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483372 --------------------------------------------------------------------------------
================================================================================ php-codeception-verify-0.4.0-1.fc26 (FEDORA-2017-c01260e7e6) BDD assertion library for PHPUnit -------------------------------------------------------------------------------- Update Information:
BDD Assertions for PHPUnit and Codeception This is very tiny wrapper for PHPUnit assertions, that are aimed to make tests a bit more readable. With BDD assertions influenced by Chai, Jasmine, and RSpec your assertions would be a bit closer to natural language. Autoloader: `/usr/share/php/Codeception/autoload- verify.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483374 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483374 --------------------------------------------------------------------------------
================================================================================ php-consolidation-annotated-command-2.4.13-1.fc26 (FEDORA-2017-03a4f30818) Initialize Symfony Console commands from annotated command class methods -------------------------------------------------------------------------------- Update Information:
### 2.4.13 - Add a followLinks() method. ### 2.4.12 - BUGFIX: Allow annotated commands to directly use InputInterface and OutputInterface (#106) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485331 - php-consolidation-annotated-command-2.4.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1485331 --------------------------------------------------------------------------------
================================================================================ php-consolidation-log-1.0.3-2.fc26 (FEDORA-2017-0e97376cb0) Improved Psr-3 / Psr\Log logger based on Symfony Console components -------------------------------------------------------------------------------- Update Information:
Consolidation\Log provides a Psr-3 compatible logger that provides styled log output to the standard error (stderr) stream. By default, styling is provided by the SymfonyStyle class from the Symfony Console component; however, alternative stylers may be provided if desired. Autoloader: `/usr/share/php/Consolidation/Log/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483375 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483375 --------------------------------------------------------------------------------
================================================================================ php-consolidation-output-formatters-3.1.11-1.fc26 (FEDORA-2017-e0d4f224df) Format text by applying transformations provided by plug-in formatters -------------------------------------------------------------------------------- Update Information:
## 3.1.11 Provide a ListDataFromKeys data type. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1482728 - php-consolidation-output-formatters-3.1.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1482728 --------------------------------------------------------------------------------
================================================================================ php-dflydev-dot-access-data-1.1.0-2.fc26 (FEDORA-2017-cf76248773) Given a deep data structure, access data by dot notation -------------------------------------------------------------------------------- Update Information:
Given a deep data structure, access data by dot notation. Autoloader: `/usr/share/php/Dflydev/DotAccessData/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483376 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483376 --------------------------------------------------------------------------------
================================================================================ php-flow-jsonpath-0.3.4-1.fc26 (FEDORA-2017-4f6843fc34) JSONPath implementation for parsing, searching and flattening arrays -------------------------------------------------------------------------------- Update Information:
This is a JSONPath [1] implementation for PHP based on Stefan Goessner's JSONPath script. JSONPath is an XPath-like expression language for filtering, flattening and extracting data. I believe that is improves on the original script (which was last updated in 2007) by doing a few things: * Object- oriented code (should be easier to manage or extend in future) * Expressions are parsed into tokens using some code cribbed from Doctrine Lexer and cached * There is no eval() in use * Performance is pretty much the same * Any combination of objects/arrays/ArrayAccess-objects can be used as the data input which is great if you're de-serializing JSON in to objects or if you want to process your own data structures. Autoloader: `/usr/share/php/Flow/JSONPath/autoload.php` [1] http://goessner.net/articles/JsonPath/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483381 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483381 --------------------------------------------------------------------------------
================================================================================ php-henrikbjorn-lurker-1.2.0-1.fc26 (FEDORA-2017-b6ab3039fc) Resource watcher -------------------------------------------------------------------------------- Update Information:
Resource tracking for PHP. Watch files and/or directories. Autoloader: `/usr/share/php/Lurker/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483382 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483382 --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Compress-2.2.1-1.fc26 (FEDORA-2017-90e7b08ef3) Horde Compression API -------------------------------------------------------------------------------- Update Information:
**Horde_Compress 2.2.1** * [jan] Fix RAR compressed file names with unicode characters. --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Core-2.30.2-1.fc26 (FEDORA-2017-6ec6794d88) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information:
**Horde_Core 2.30.2** * [jan] Fix double line breaks in task description tooltips (Bug #14684). ---- **Horde_Core 2.30.1** * [mjr] Fix issue that could break ActiveSync sync if object not found. --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Date-2.4.1-1.fc26 (FEDORA-2017-3cd2423f1a) Horde Date package -------------------------------------------------------------------------------- Update Information:
**Horde_Date 2.4.1** * [jan] Fix translating the string representation of a recurrence rule. --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Imap-Client-2.29.15-1.fc26 (FEDORA-2017-13fbc03bed) Horde IMAP abstraction interface -------------------------------------------------------------------------------- Update Information:
**Horde_Imap_Client 2.29.15** * [jan] Fix expunging cache entries of a certain lifetime from the DB backend. --------------------------------------------------------------------------------
================================================================================ php-horde-Horde-Mime-Viewer-2.2.2-1.fc26 (FEDORA-2017-be6f223e9c) Horde MIME Viewer Library -------------------------------------------------------------------------------- Update Information:
**Horde_Mime_Viewer 2.2.2** * [jan] Fix bottom table line length of RAR archive summaries. --------------------------------------------------------------------------------
================================================================================ php-jakubledl-dissect-1.0.1-1.fc26 (FEDORA-2017-3a9a51ff88) Lexing and parsing in pure PHP -------------------------------------------------------------------------------- Update Information:
Dissect is a set of tools for lexical and syntactical analysis written in pure PHP. Autoloader: `/usr/share/php/Dissect/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483383 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483383 --------------------------------------------------------------------------------
================================================================================ php-latte-2.4.6-1.fc26 (FEDORA-2017-253ed46235) Latte: the amazing template engine for PHP -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.6** * Engine: better error message when is unable to create file * Engine: throws exception when is unable to create directory * Parser: expands <script /> to <script></script> #164 * added |webalize (requires nette/utils) * added |reverse --------------------------------------------------------------------------------
================================================================================ php-league-container-2.4.1-1.fc26 (FEDORA-2017-7dbf3d3817) A fast and intuitive dependency injection container -------------------------------------------------------------------------------- Update Information:
A small but powerful dependency injection container that allows you to decouple components in your application in order to write clean and testable code. Autoloader: `/usr/share/php/League/Container/autoload.php` -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483384 - None https://bugzilla.redhat.com/show_bug.cgi?id=1483384 --------------------------------------------------------------------------------
================================================================================ php-nette-application-2.4.9-1.fc26 (FEDORA-2017-17ebcd1d8f) Nette Application MVC Component -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.9** * Route: converts all scalar params to strings #185 * Route: fixed handling of required parameters with default value * ComponentReflection: 'sinces' are stored only for presenters, refactoring * Control: enhanced code completion for $template (#184) * Component::saveState() fixed compatibility with PHP 7.2 --------------------------------------------------------------------------------
================================================================================ php-nette-bootstrap-2.4.5-1.fc26 (FEDORA-2017-75d5233a9c) Nette Bootstrap -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.5** * detectDebugMode() check for Forwarded header existence (#55) * Configurator:getCacheDirectory() throws exception when is unable to create directory --------------------------------------------------------------------------------
================================================================================ php-nette-caching-2.5.5-1.fc26 (FEDORA-2017-a10ad913db) Nette Caching Component -------------------------------------------------------------------------------- Update Information:
**Released version 2.5.5** * added Cache::NAMESPACES and support for cleaning namespace in FileStorage #52 * CacheExtension: throws exception when is unable to create directory --------------------------------------------------------------------------------
================================================================================ php-nette-forms-2.4.6-1.fc26 (FEDORA-2017-deb8686c45) Nette Forms: greatly facilitates web forms -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.6** * addError() by default translates messages (BC break) * Revert "DefaultFormRenderer: added error message translation (#145)" #162 (introduced in v2.4.4) * FormMacros: fix edcompatibility between n:class macro and n:name form macro. (#159) * added Form::reset() --------------------------------------------------------------------------------
================================================================================ php-nette-http-2.4.7-1.fc26 (FEDORA-2017-8d9a313371) Nette HTTP Component -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.7** * FileUpload: uses FileSystem * silenced each() deprecation notice in PHP 7.2 --------------------------------------------------------------------------------
================================================================================ php-nette-utils-2.4.8-1.fc26 (FEDORA-2017-60e2d0edf3) Nette Utility Classes -------------------------------------------------------------------------------- Update Information:
**Released version 2.4.8** * Html: accepts IHtmlString nette/forms#160 * Html::addText() accepts Html as setText() does * Reflection: added support for PHP 7.2 type 'object' * ArrayList: triggers notice when indexes are not integers * travis: compatible with PHP 7.2 --------------------------------------------------------------------------------
================================================================================ php-pear-crypt-gpg-1.6.1-1.fc26 (FEDORA-2017-db539fee31) GNU Privacy Guard (GnuPG) -------------------------------------------------------------------------------- Update Information:
**Version 1.6.1** * Fix Bug pear#21237: Use --skip-verify in decrypt() method * Update list of hash algorithm names * Add option to ignore signature verification errors on decrypt. --------------------------------------------------------------------------------
================================================================================ php-pecl-imagick-3.4.3-2.fc26 (FEDORA-2017-8f27031c8f) Provides a wrapper to the ImageMagick library -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ php-simplesamlphp-saml2_3-3.0.2-3.fc26 (FEDORA-2017-5e97020e4c) SAML2 PHP library from SimpleSAMLphp (version 3) -------------------------------------------------------------------------------- Update Information:
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1], used by OpenConext [2]. This library started as a collaboration between UNINETT [3] and SURFnet [4] but everyone is invited to contribute. Autoloader: `/usr/share/php/SAML2_3/autoload.php` [1] https://www.simplesamlphp.org/ [2] https://www.openconext.org/ [3] https://www.uninett.no/ [4] https://www.surfnet.nl/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1470448 - None https://bugzilla.redhat.com/show_bug.cgi?id=1470448 --------------------------------------------------------------------------------
================================================================================ php-symfony-polyfill-1.5.0-1.fc26 (FEDORA-2017-6e6566b30e) Symfony polyfills backporting features to lower PHP versions -------------------------------------------------------------------------------- Update Information:
## v1.5.0 * added polyfill for spl_object_id() * fixed apcu function when apc ones are polyfilled with Zend Server's Data Cache * added `PHP_OS_FAMILY` polyfill -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1482156 - php-symfony-polyfill-1.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1482156 --------------------------------------------------------------------------------
================================================================================ php-zetacomponents-document-1.3.1-1.fc26 (FEDORA-2017-5863c2c0fa) Provides a general conversion framework for different documents -------------------------------------------------------------------------------- Update Information:
The document component offers transformations between different semantic markup languages, like: * ReStructured text [1] * XHTML [2] * Docbook [3] * eZ Publish XML markup [4] * Wiki markup languages, like: Creole [5], Dokuwiki [6] and Confluence [7] * Open Document Text [8] as used by OpenOffice.org [9] and other office suites Each format supports conversions from and to docbook as a central intermediate format and may implement additional shortcuts for conversions from and to other formats. Not each format can express the same semantics, so there may be some information lost. Autoloader: `/usr/share/php/ezc/Document/autoload.php` [1] http://docutils.sourceforge.net/rst.html [2] http://www.w3.org/TR/xhtml1/ [3] http://www.docbook.org/ [4] http://doc.ez.no/eZ-Publish/Technical- manual/4.x/Reference/XML-tags [5] http://www.wikicreole.org/ [6] http://www.dokuwiki.org/dokuwiki [7] http://confluence.atlassian.com/renderer/notationhelp.action?section=all [8] http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=office [9] http://www.openoffice.org/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1470355 - None https://bugzilla.redhat.com/show_bug.cgi?id=1470355 --------------------------------------------------------------------------------
================================================================================ pioneer-20170827-2.fc26 (FEDORA-2017-c855d31065) A game of lonely space adventure -------------------------------------------------------------------------------- Update Information:
- Exclude stripping of PNG files (bz#1486399) ---- - Update to 20170827 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486399 - None https://bugzilla.redhat.com/show_bug.cgi?id=1486399 --------------------------------------------------------------------------------
================================================================================ poedit-2.0.3-3.fc26 (FEDORA-2017-5948915201) GUI editor for GNU gettext .po files -------------------------------------------------------------------------------- Update Information:
- Add ExcludeArch: ppc64 s390x (because cld2 isn't available there) - Use cld2-devel for language detection - Add BuildRequires: gcc-c++ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1428348 - None https://bugzilla.redhat.com/show_bug.cgi?id=1428348 --------------------------------------------------------------------------------
================================================================================ prename-1.9-4.fc26 (FEDORA-2017-1b44d15632) Perl script to rename multiple files -------------------------------------------------------------------------------- Update Information:
Added LICENSE from upstream -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1482997 - None https://bugzilla.redhat.com/show_bug.cgi?id=1482997 --------------------------------------------------------------------------------
================================================================================ psiconv-0.9.8-22.fc26 (FEDORA-2017-8f27031c8f) A conversion utility for Psion files -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ purple-discord-0-11.20170829git9115bd2.fc26 (FEDORA-2017-0fe1973bb6) Discord plugin for libpurple -------------------------------------------------------------------------------- Update Information:
Updated to latest snapshot. ---- Updated to latest snapshot. --------------------------------------------------------------------------------
================================================================================ purple-facebook-0.9.5-1.9ff9acf9fa14.fc26 (FEDORA-2017-859b740fd4) Facebook protocol plugin for purple2 -------------------------------------------------------------------------------- Update Information:
- New upstream release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1487200 - purple-facebook-0.9.5-9ff9acf9fa14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1487200 --------------------------------------------------------------------------------
================================================================================ pyp2rpm-3.2.3-1.fc26 (FEDORA-2017-70922f37a1) Convert Python packages to RPM SPECFILES -------------------------------------------------------------------------------- Update Information:
Update to 3.2.3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1420148 - pyp2rpm-3.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1420148 --------------------------------------------------------------------------------
================================================================================ python-CDDB-1.4-22.fc26 (FEDORA-2017-0d5ed684e2) CDDB and FreeDB audio CD track info access in Python -------------------------------------------------------------------------------- Update Information:
- Python 2 binary package renamed to python2-cddb - Properly rename the package - Update to recent macros and guidelines - Drop obsolete stuff --------------------------------------------------------------------------------
================================================================================ python-ansible-tower-cli-3.1.7-1.fc26 (FEDORA-2017-8c475c5b40) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information:
bugfix -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1470429 - python-ansible-tower-cli-v3.1.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1470429 --------------------------------------------------------------------------------
================================================================================ python-incremental-17.5.0-1.fc26 (FEDORA-2017-54dcb97085) It versions your Python projects -------------------------------------------------------------------------------- Update Information:
Initial package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484331 - None https://bugzilla.redhat.com/show_bug.cgi?id=1484331 --------------------------------------------------------------------------------
================================================================================ python-keyring-10.4.0-2.fc26 (FEDORA-2017-5dda04873f) Store and access your passwords safely -------------------------------------------------------------------------------- Update Information:
Update to python-keyring 10.4.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1464676 - None https://bugzilla.redhat.com/show_bug.cgi?id=1464676 --------------------------------------------------------------------------------
================================================================================ python-markdown-2.6.9-2.fc26 (FEDORA-2017-d77be4cb9e) Markdown implementation in Python -------------------------------------------------------------------------------- Update Information:
Update Python-Markdown to 2.6.9, a bug-fix release. --------------------------------------------------------------------------------
================================================================================ python-polib-1.0.7-9.fc26 (FEDORA-2017-f1f541fc40) A library to parse and manage gettext catalogs -------------------------------------------------------------------------------- Update Information:
- Several improvements for Fedora and EPEL - Package must be noarch --------------------------------------------------------------------------------
================================================================================ python-semver-2.7.8-1.fc26 (FEDORA-2017-eefac9d558) Python helper for Semantic Versioning -------------------------------------------------------------------------------- Update Information:
Support custom default names for pre and build -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485333 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485333 --------------------------------------------------------------------------------
================================================================================ python-treq-17.8.0-2.fc26 (FEDORA-2017-16b7dc8bfc) A requests-like API built on top of twisted.web's Agent -------------------------------------------------------------------------------- Update Information:
Enabled Doc build, Fix BR Issues and some nit picks -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484350 - Review Request: python-treq - A requests-like API built on top of twisted.web's Agent https://bugzilla.redhat.com/show_bug.cgi?id=1484350 --------------------------------------------------------------------------------
================================================================================ python-uranium-2.7.0-2.fc26 (FEDORA-2017-590ac11b0f) A Python framework for building desktop applications -------------------------------------------------------------------------------- Update Information:
New release of Cura dependencies. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486731 - libsavitar-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486731 [ 2 ] Bug #1486741 - python-uranium-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486741 --------------------------------------------------------------------------------
================================================================================ q-7.11-29.fc26 (FEDORA-2017-8f27031c8f) Equational programming language -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ rakudo-0.2017.08-1.fc26 (FEDORA-2017-7e04095858) Perl 6 compiler implementation that runs on MoarVM -------------------------------------------------------------------------------- Update Information:
update to 2017.08 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478370 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478370 [ 2 ] Bug #1478608 - None https://bugzilla.redhat.com/show_bug.cgi?id=1478608 --------------------------------------------------------------------------------
================================================================================ rebase-helper-0.10.1-1.fc26 (FEDORA-2017-9fb749366f) The tool that helps you to rebase your package to the latest version -------------------------------------------------------------------------------- Update Information:
News in **rebase-helper 0.10.1**: - Added `--version` argument - **Anitya** versioneer now primarily searches for projects using Fedora mapping - Python dependencies moved from `requirements.txt` to `setup.py` - Made `CustomManPagesBuilder` work with Sphinx >= 1.6 - *%prep* section parser is now able to handle backslash-split lines ---- News in **rebase-helper 0.10.0**: - Implemented extensible SPEC hooks and versioneers - Added **PyPI** SPEC hook for automatic fixing of Source URL of Python packages - Added **Anitya** and **PyPI** versioneers for determining latest upstream version of a package - Added possibility to download old version build of a package from Koji - Added support for test suite to be run in Docker containers - Implemented functional tests for automatic testing of whole rebase process - Diff against original source files is now generated as *changes.patch* - Introduced plugin system for extending build tools, checkers and output tools - Updated for **Koji 1.13** which finally brings Python 3 support - Improved output information and reports - Added colorized output - Improved project documentation - Pre-configured git username and e-mail address is now used if available - Fixed several issues in **rpmdiff** and especially **abipkgdiff** checkers - Fixed several test suite related issues --------------------------------------------------------------------------------
================================================================================ ripright-0.11-5.fc26 (FEDORA-2017-8f27031c8f) Minimal CD to FLAC ripper -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ rss-glx-0.9.1.p-29.fc26.1 (FEDORA-2017-8f27031c8f) Really Slick Screensavers -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ rubygem-byebug-9.1.0-1.fc26 (FEDORA-2017-3c6a321cd9) Ruby 2.0 fast debugger - base + CLI -------------------------------------------------------------------------------- Update Information:
New version 9.1.0 is released. --------------------------------------------------------------------------------
================================================================================ rubygem-pkg-config-1.2.7-1.fc26 (FEDORA-2017-5e66ab906f) A pkg-config implementation by Ruby -------------------------------------------------------------------------------- Update Information:
New version 1.2.7 is released. --------------------------------------------------------------------------------
================================================================================ rubygem-rack-attack-5.0.1-1.fc26 (FEDORA-2017-883608478a) Block & throttle abusive requests -------------------------------------------------------------------------------- Update Information:
A rack middleware for throttling and blocking abusive requests. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485907 - Review Request: rubygem-rack-attack - Block & throttle abusive requests https://bugzilla.redhat.com/show_bug.cgi?id=1485907 --------------------------------------------------------------------------------
================================================================================ rubygem-rmagick-2.16.0-4.fc26.2 (FEDORA-2017-8f27031c8f) Ruby binding to ImageMagick -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ rubygem-yell-2.0.7-2.fc26 (FEDORA-2017-4c2ec42376) Yell - Your Extensible Logging Library -------------------------------------------------------------------------------- Update Information:
Yell - Your Extensible Logging Library. Define multiple adapters, various log level combinations or message formatting options like you've never done before. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1450144 - Review Request: rubygem-yell - Yell - Your Extensible Logging Library https://bugzilla.redhat.com/show_bug.cgi?id=1450144 --------------------------------------------------------------------------------
================================================================================ sasutils-0.3.9-1.fc26 (FEDORA-2017-362e8db3c7) Serial Attached SCSI (SAS) utilities -------------------------------------------------------------------------------- Update Information:
First release of sasutils package in Fedora (#1452958). --------------------------------------------------------------------------------
================================================================================ scap-security-guide-0.1.35-1.fc26 (FEDORA-2017-9f4fba8dd9) Security guidance and baselines in SCAP formats -------------------------------------------------------------------------------- Update Information:
Update to latest upstream SCAP-Security-Guide-0.1.35 release: --------------------------------------------------------------------------------
================================================================================ sqlite-3.20.1-1.fc26 (FEDORA-2017-40a1119767) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information:
Updated to version 3.20.1 (https://sqlite.org/releaselog/3_20_1.html) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485093 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485093 --------------------------------------------------------------------------------
================================================================================ synfig-1.2.0-9.fc26.1 (FEDORA-2017-8f27031c8f) Vector-based 2D animation rendering backend -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ synfigstudio-1.2.0-5.fc26 (FEDORA-2017-8f27031c8f) Vector-based 2D animation studio -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ techne-0.2.3-20.fc26 (FEDORA-2017-8f27031c8f) A general purpose, programmable physical simulator and renderer -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ tintin-2.01.3-1.fc26 (FEDORA-2017-692692d413) TinTin++, aka tt++, is a free MUD client -------------------------------------------------------------------------------- Update Information:
A new version of TinTin++ is available. See http://tintin.sourceforge.net/board/viewtopic.php?t=2486 for the summary of changes in this release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1485914 - None https://bugzilla.redhat.com/show_bug.cgi?id=1485914 --------------------------------------------------------------------------------
================================================================================ ugene-1.27.0-1.fc26 (FEDORA-2017-cb9fba339f) Integrated bioinformatics toolkit -------------------------------------------------------------------------------- Update Information:
Changes in the release include: Sanger Reads Editor: - Reads mapping to a reference sequence - Browsing of the result alignment with trace chromatograms - Editing of reads - Exporting of the results See this introductory video for the quick start - https://youtu.be/lDovNM1oZEw. --------------------------------------------------------------------------------
================================================================================ urh-1.8.5-1.fc26 (FEDORA-2017-680abcfb9a) Universal Radio Hacker: investigate wireless protocols like a boss -------------------------------------------------------------------------------- Update Information:
This is new version of urh. ---- This is new version of urh. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1486742 - urh-1.8.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1486742 [ 2 ] Bug #1485094 - urh-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1485094 --------------------------------------------------------------------------------
================================================================================ vdr-scraper2vdr-1.0.5-4.20170611git254122b.fc26 (FEDORA-2017-8f27031c8f) A client plugin which provides scraped metadata from EPGD to other plugins -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ vips-8.5.7-2.fc26 (FEDORA-2017-8f27031c8f) C/C++ library for processing large images -------------------------------------------------------------------------------- Update Information:
Many security fixes, bug fixes, and other changes from the previous version 6.9.3.0. See the [6.9 branch ChangeLog](https://github.com/ImageMagick/ImageMagi ck/blob/3fd358e2ac34977fda38a2cf4d88a1cb4dd2d7c7/ChangeLog). Dependent packages are mostly straight rebuilds, a couple also include bugfix version updates. ---- Rebuild to fix linking issue. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1471837 - CVE-2017-11352 ImageMagick: Improper EOF handling in coders/rle.c can trigger crash (Incomplete fix for CVE-2017-9144) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471837 [ 2 ] Bug #1471122 - CVE-2017-10995 ImageMagick: Out-of-bounds heap read in mng_get_long function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1471122 [ 3 ] Bug #1470670 - CVE-2017-11170 ImageMagick: Memory leak in ReadTGAImage function when processing TGA or VST file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1470670 [ 4 ] Bug #1465064 - CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8352 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1465064 [ 5 ] Bug #1455602 - CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1455602 [ 6 ] Bug #1453125 - CVE-2017-9098 ImageMagick: use of uninitialized memory in RLE decoder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453125 [ 7 ] Bug #1413898 - CVE-2016-9556 CVE-2016-9559 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1413898 [ 8 ] Bug #1408404 - CVE-2016-8707 ImageMagick: OOB write in convert utility when deflating TIFF files [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1408404 [ 9 ] Bug #1483575 - CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders\pwp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483575 [ 10 ] Bug #1299275 - ImageMagick-7.0.6-9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1299275 [ 11 ] Bug #1483132 - CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483132 [ 12 ] Bug #1483117 - CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12666 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1483117 [ 13 ] Bug #1482655 - CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12432 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482655 [ 14 ] Bug #1482626 - CVE-2017-12418 ImageMagick: Memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482626 [ 15 ] Bug #1350462 - CVE-2016-5841 CVE-2016-5842 imagemagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1350462 [ 16 ] Bug #1361494 - CVE-2016-6491 ImageMagick: Out-of-bounds read in CopyMagickMemory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361494 [ 17 ] Bug #1378790 - CVE-2014-9907 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 ... ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378790 [ 18 ] Bug #1361578 - CVE-2016-5010 ImageMagick: Out-of-bounds read when processing crafted tiff file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1361578 [ 19 ] Bug #1477566 - CVE-2017-12140 ImageMagick: integer signedness error in ReadDCMImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477566 [ 20 ] Bug #1477070 - CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-11753 CVE-2017-11754 CVE-2017-11755 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477070 [ 21 ] Bug #1475486 - CVE-2017-11644 ImageMagick: Memory-Leak in ReadMATImage() coders/mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475486 [ 22 ] Bug #1475471 - CVE-2017-11639 ImageMagick: heap-based buffer over-read in the WriteCIPImage() function in coders/cip.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475471 [ 23 ] Bug #1475464 - CVE-2017-11640 ImageMagick: NULL pointer dereference in WritePTIFImage() in coders/tiff.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475464 [ 24 ] Bug #1474846 - CVE-2017-11523 ImageMagick: Endless loop in ReadTXTImage function in coders/txt.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474846 [ 25 ] Bug #1474420 - CVE-2017-11446 CVE-2017-11478 ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474420 [ 26 ] Bug #1473848 - CVE-2017-11360 ImageMagick: Resource exhaustion in ReadRLEImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473848 [ 27 ] Bug #1473825 - CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders\dpx.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473825 [ 28 ] Bug #1473802 - CVE-2017-11448 ImageMagick: Info leak from from uninitialized memory in ReadJPEGImage function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473802 [ 29 ] Bug #1473799 - CVE-2017-11447 ImageMagick: Memory leak in ReadSCREENSHOTImage function in coders/screenshot.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473799 [ 30 ] Bug #1473797 - CVE-2017-11449 ImageMagick: coders/mpc.c don't validade blob sizes of stdin image input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473797 [ 31 ] Bug #1473775 - CVE-2017-11450 ImageMagick: Too short JPEG data causes denial of service in coders/jpeg.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473775 [ 32 ] Bug #1473758 - CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders\mat.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473758 [ 33 ] Bug #1473719 - CVE-2017-10928 ImageMagick: heap-based buffer over-read in the GetNextToken function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1473719 [ 34 ] Bug #1410515 - ImageMagick: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1410515 [ 35 ] Bug #1479313 - synfigstudio doesn't start https://bugzilla.redhat.com/show_bug.cgi?id=1479313 --------------------------------------------------------------------------------
================================================================================ vips-8.5.8-1.fc26 (FEDORA-2017-e1f35b90f3) C/C++ library for processing large images -------------------------------------------------------------------------------- Update Information:
- Fix transparency detection in merge - Fix WebP thumbnail upscale - Add `VIPS_WARNING` environment variable to hide warning messages - Shut down dzsave output earlier to help mark-sweep bindings --------------------------------------------------------------------------------
================================================================================ waf-1.9.13-1.fc26 (FEDORA-2017-8b5a622b8e) A Python-based build system -------------------------------------------------------------------------------- Update Information:
#### Waf 1.9.13 #### * Fix a regression introduced by #1974 on Python2 with unicode characters in config.log * Protobuf example update #2000 * Better detection for old msvc compilers #2002 * Better detection for old gcc compilers #2003 --------------------------------------------------------------------------------
================================================================================ wings-2.1.5-1.fc26 (FEDORA-2017-b5e23b9056) 3D Subdivision Modeler -------------------------------------------------------------------------------- Update Information:
* Ver. 2.1.5 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1424543 - None https://bugzilla.redhat.com/show_bug.cgi?id=1424543 [ 2 ] Bug #1403384 - None https://bugzilla.redhat.com/show_bug.cgi?id=1403384 [ 3 ] Bug #1379050 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379050 [ 4 ] Bug #1348753 - None https://bugzilla.redhat.com/show_bug.cgi?id=1348753 --------------------------------------------------------------------------------
================================================================================ wxGTK3-3.0.3-5.fc26 (FEDORA-2017-a6f10feeda) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information:
Add upstream patch for avoiding destruction of TLWs that were never created -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1484955 - None https://bugzilla.redhat.com/show_bug.cgi?id=1484955 --------------------------------------------------------------------------------
================================================================================ xen-4.8.1-8.fc26 (FEDORA-2017-b7f1197c23) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information:
Qemu: usb: ohci: infinite loop due to incorrect return value [CVE-2017-9330] (#1457698) Qemu: nbd: segmentation fault due to client non-negotiation [CVE-2017-9524] (#1460173) Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort [CVE-2017-10664] (#1466466) Qemu: exec: oob access during dma operation [CVE-2017-11334] (#1471640) revised full fix for XSA-226 (regressed 32-bit Dom0 or backend domains) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1457697 - CVE-2017-9330 Qemu: usb: ohci: infinite loop due to incorrect return value https://bugzilla.redhat.com/show_bug.cgi?id=1457697 [ 2 ] Bug #1460170 - CVE-2017-9524 Qemu: nbd: segmentation fault due to client non-negotiation https://bugzilla.redhat.com/show_bug.cgi?id=1460170 [ 3 ] Bug #1466190 - CVE-2017-10664 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort https://bugzilla.redhat.com/show_bug.cgi?id=1466190 [ 4 ] Bug #1471638 - CVE-2017-11334 Qemu: exec: oob access during dma operation https://bugzilla.redhat.com/show_bug.cgi?id=1471638 --------------------------------------------------------------------------------
================================================================================ xrootd-4.7.0-1.fc26 (FEDORA-2017-7154504612) Extended ROOT file server -------------------------------------------------------------------------------- Update Information:
XRootD 4.7.0. * Bindings for python 3 added (Fedora) * https://github.com/xrootd/xrootd/blob/v4.7.0/docs/ReleaseNotes.txt --------------------------------------------------------------------------------