The following Fedora 27 Security updates need testing: Age URL 100 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 50 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c9395f9bec remctl-3.14-1.fc27 37 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a85044d389 ruby-2.4.4-88.fc27 32 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408 dpdk-17.08.2-1.fc27 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cf1dd2166b asterisk-14.7.6-2.fc27 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-775d96b54b blktrace-1.2.0-6.fc27 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c01a593b0 ncurses-6.0-14.20170722.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ed35b82337 ca-certificates-2018.2.24-1.0.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a10c1d234e vim-syntastic-3.9.0-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6f962c5533 nodejs-base64-url-2.2.0-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9892225623 gifsicle-1.91-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aec846c0ef xen-4.9.2-4.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6e6f1003d6 xmlrpc-3.1.3-20.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d1cfa444d2 wireshark-2.6.1-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bab8cabe2a strongswan-5.6.2-6.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-812b5d5a71 chromium-66.0.3359.181-2.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-76c82b393e pdns-recursor-4.1.3-2.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9d0e4e40b5 kernel-4.16.12-200.fc27
The following Fedora 27 Critical Path updates have yet to be approved: Age URL 54 https://bodhi.fedoraproject.org/updates/FEDORA-2018-772fcd140c linux-firmware-20180402-83.git8c1e439c.fc27 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c01a593b0 ncurses-6.0-14.20170722.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27 mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d40d2a6711 osinfo-db-20180514-1.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6a754379dc evolution-data-server-3.26.6-2.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0666e6e061 libguestfs-1.38.2-1.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ed35b82337 ca-certificates-2018.2.24-1.0.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-400200f010 SDL2-2.0.7-3.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9081df8e37 vino-3.22.0-8.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-419559236b ntfs-3g-2017.3.23-6.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f2666b417c pungi-4.1.25-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aec846c0ef xen-4.9.2-4.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9d0e4e40b5 kernel-4.16.12-200.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6645ced5f8 xdg-utils-1.1.3-2.fc27
The following builds have been pushed to Fedora 27 updates-testing
cobbler-2.8.3-2.fc27 diorite-4.11.0-1.fc27 firefox-60.0.1-3.fc27 git-2.14.3-4.fc27 git-lfs-2.4.1-1.fc27 go-compilers-1-30.fc27 gpxsee-5.12-1.fc27 java-openjdk-10.0.1.10-4.fc27 latexmk-4.56-1.fc27 libtaskotron-0.7.0-1.fc27 libunistring-0.9.10-1.fc27 python-fedmsg-meta-fedora-infrastructure-0.25.0-1.fc27 selinux-policy-3.13.1-283.35.fc27 sssd-1.16.1-9.fc27 thunderbird-enigmail-2.0.6-1.fc27 units-2.14-6.fc27 vim-8.1.026-1.fc27
Details about builds:
================================================================================ cobbler-2.8.3-2.fc27 (FEDORA-2018-f96f72ce8f) Boot server configurator -------------------------------------------------------------------------------- Update Information:
Update to 2.8.3 - Fix security issue -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Nicolas Chauvet kwizart@gmail.com - 2.8.3-2 - Restore mergeability with epel7 * Mon May 28 2018 Nicolas Chauvet kwizart@gmail.com - 2.8.3-1 - Update to 2.8.3 - security bugfix * Wed Feb 21 2018 Orion Poplawski orion@nwra.com - 2.8.2-6 - Really fix django requires for Fedora 28+ * Tue Feb 20 2018 Orion Poplawski orion@nwra.com - 2.8.2-5 - Fix django requires for Fedora 28+ * Fri Feb 9 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 2.8.2-4 - Escape macros in %changelog * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 2.8.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Tue Feb 6 2018 Iryna Shcherbina ishcherb@redhat.com - 2.8.2-2 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1532470 - CVE-2017-1000469 cobbler: Command injection in the "add repo" component allows for remote code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1532470 --------------------------------------------------------------------------------
================================================================================ diorite-4.11.0-1.fc27 (FEDORA-2018-cf014465b2) Utility and widget library for Nuvola Player -------------------------------------------------------------------------------- Update Information:
Update to 4.11.0 -------------------------------------------------------------------------------- ChangeLog:
* Wed May 9 2018 Martin Gansser martinkg@fedoraproject.org - 4.11.0-1 - Update to stable 4.11.0 - Dropped %{name}-4.10.0.patch * Thu Mar 15 2018 Martin Gansser martinkg@fedoraproject.org - 4.10.0-1 - Update to stable 4.10.0 * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 4.9.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ firefox-60.0.1-3.fc27 (FEDORA-2018-a62434cca8) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information:
- Added fix for rhbz#1577277 which should fix Firefox IPC crashes. - Enabled optional Wayland backend -------------------------------------------------------------------------------- ChangeLog:
* Fri May 25 2018 Martin Stransky stransky@redhat.com - 60.0.1-3 - Added fix for mozbz#1436242 (rhbz#1577277) - Firefox IPC crashes. - Added fix for mozbz#1462640 - Sandbox disables eglGetDisplay() call on Wayland/EGL backend. * Fri May 25 2018 Martin Stransky stransky@redhat.com - 60.0.1-2 - Enable Wayland backend. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1577277 - Firefox 60 crashes when opening new window/tab https://bugzilla.redhat.com/show_bug.cgi?id=1577277 --------------------------------------------------------------------------------
================================================================================ git-2.14.3-4.fc27 (FEDORA-2018-080a3d7866) Fast Version Control System -------------------------------------------------------------------------------- Update Information:
Fix a segfault in rev-parse with invalid input (#1581678) and install contrib /diff-highlight (#1550251). -------------------------------------------------------------------------------- ChangeLog:
* Thu May 24 2018 Todd Zullinger tmz@pobox.com - 2.14.3-4 - Fix segfault in rev-parse with invalid input (#1581678) - Install contrib/diff-highlight (#1550251) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1550251 - diff-highlight needs building as part of the git package build https://bugzilla.redhat.com/show_bug.cgi?id=1550251 [ 2 ] Bug #1581678 - git: Null pointer dereference in git rev-parse with unknown hash https://bugzilla.redhat.com/show_bug.cgi?id=1581678 --------------------------------------------------------------------------------
================================================================================ git-lfs-2.4.1-1.fc27 (FEDORA-2018-ae678e91c6) Git extension for versioning large files -------------------------------------------------------------------------------- Update Information:
This release fixes a handful of bugs found and fixed since v2.4.0. In particular, Git LFS no longer panic()'s after invalid API responses, can correctly run 'fetch' on SHAs instead of references, migrates symbolic links correctly, and avoids writing to $HOME/.gitconfig more than is necessary. # Bugs * lfsapi: canonicalize extra HTTP headers #3010 (ttaylorr) * commands/lock: follow symlinks before locking #2996 (ttaylorr) * lfs/attribute.go: remove default value from upgradeables #2994 (ttaylorr) * git: include SHA1 in ref-less revisions #2982 (ttaylorr) * Do not migrate the symlinks to LFS objects. #2983 (patrickmarlier) * commands/uninstall: do not log about global hooks with --local #2976 (ttaylorr) * commands/run.go: exit 127 on unknown sub-command #2969 (ttaylorr) * commands/{un,}track: perform "prefix-agnostic" comparisons #2955 (ttaylorr) * commands/migrate: escape paths before .gitattributes #2933 (ttaylorr) * commands/ls-files: do not accept '--all' after '--' #2932 (ttaylorr) * tq: prevent uint64 underflow with invalid API response #2902 (ttaylorr) # Misc * test/test-env: skip comparing GIT_EXEC_PATH #3015 (ttaylorr) * remove reference to CLA from contributor's guide #2997 (zackse) * .gitattributes link is broken #2985 (zanglang) * commands: make --version a synonym for 'version' #2968, #3017 (ttaylorr) * test: ensure that git-mergetool(1) works with large files #2939 (ttaylorr) * README.md: note the correct PackageCloud URL #2960 (ttaylorr) * README.md: mention note about git lfs track retroactively #2948 (ttaylorr) * README.md: reorganize into Core Team, Alumni #2941 (ttaylorr) * README.md: nail_care #2942 (ttaylorr) * circle.yml: upgrade to 'version: 2' syntax #2928 (ttaylorr) * Use unique repo name for tests that require credentials. #2901 (QuLogic) -------------------------------------------------------------------------------- ChangeLog:
* Wed May 23 2018 Elliott Sales de Andrade quantum.analyst@gmail.com - 2.4.1-1 - Update to latest release * Mon May 21 2018 Carl George carl@george.computer - 2.4.0-3 - Fix %preun to correctly remove the lfs filter on uninstall (rhbz#1580357) * Mon Mar 12 2018 Carl George carl@george.computer - 2.4.0-2 - Add %go_arches fallback to work around Koji issues -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1581239 - git-lfs-2.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1581239 --------------------------------------------------------------------------------
================================================================================ go-compilers-1-30.fc27 (FEDORA-2018-86914538cc) Go language compilers for various architectures -------------------------------------------------------------------------------- Update Information:
- Bump to 4d469a3d37c21353fbd6bb306ce707dc4151fd1e - Extend .goipath with commit - Nits and improvements -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Jan Chaloupka jchaloup@redhat.com - 1-30 - Bump to 4d469a3d37c21353fbd6bb306ce707dc4151fd1e Extend .goipath with commit Nits and improvements --------------------------------------------------------------------------------
================================================================================ gpxsee-5.12-1.fc27 (FEDORA-2018-475580cbc7) GPS log file viewer and analyzer -------------------------------------------------------------------------------- Update Information:
News in version **5.12**: - Added support for Garmin JNX maps - Added support for GPX Garmin route extension - Several performance improvements -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Nikola Forr�� nforro@redhat.com - 5.12-1 - Update to version 5.12 resolves: #1582680 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1582680 - gpxsee-5.12 is available https://bugzilla.redhat.com/show_bug.cgi?id=1582680 --------------------------------------------------------------------------------
================================================================================ java-openjdk-10.0.1.10-4.fc27 (FEDORA-2018-588eea706a) OpenJDK Runtime Environment 10 -------------------------------------------------------------------------------- Update Information:
Fixes a NPE when building with multi-release jar in classpath. See RHBZ#1557375. -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 30 2018 Severin Gehwolf sgehwolf@redhat.com - 1:10.0.1.10-4 - Add JDK-8193802-npe-jar-getVersionMap.patch so as to fix RHBZ#1557375. --------------------------------------------------------------------------------
================================================================================ latexmk-4.56-1.fc27 (FEDORA-2018-29fa5ebb84) A make-like utility for LaTeX files -------------------------------------------------------------------------------- Update Information:
Changes in version 4.56: - Update example latexmrc file for pythontex. - Better error message when .bib file(s) not found. - Better handling and diagnostics when names of expected and actual names of .log disagree. - In particular, some automatic reconfiguration when .log file is not in expected place (e.g., because $aux_dir is different to $out_dir, but TeXLive is used, so -aux-directory option for TeX engines isn't supported). - Fix problem of .bib files sometimes not being found by bibtex when latexmk runs under msys and -outputdirectory is specified. - Add use of environment variable LATEXMKRCSYS to specify system rc file. -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Jerry James loganjerry@gmail.com - 4.56-1 - Update to 4.56 --------------------------------------------------------------------------------
================================================================================ libtaskotron-0.7.0-1.fc27 (FEDORA-2018-a811684769) Taskotron Support Library -------------------------------------------------------------------------------- Update Information:
- koji_utils: consider debugsource packages as debuginfo - fix: reintroduce --no-destroy - executor: fix running as root - fix: docs variables handling - Minion env matching extended with taskotron_match_* vars - Python 3 support for tests - create file indicating that results were reported -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Frantisek Zatloukal fzatlouk@redhat.com - 0.7.0-1 - koji_utils: consider debugsource packages as debuginfo - fix: reintroduce --no-destroy - executor: fix running as root - fix: docs variables handling - Minion env matching extended with taskotron_match_* vars - Python 3 support for tests - create file indicating that results were reported --------------------------------------------------------------------------------
================================================================================ libunistring-0.9.10-1.fc27 (FEDORA-2018-51102af7af) GNU Unicode string library -------------------------------------------------------------------------------- Update Information:
- Update to upstream 0.9.10 release -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Daiki Ueno dueno@redhat.com - 0.9.10-1 - Update to upstream 0.9.10 release --------------------------------------------------------------------------------
================================================================================ python-fedmsg-meta-fedora-infrastructure-0.25.0-1.fc27 (FEDORA-2018-cd698abd50) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information:
Update to 0.25.0 Changelog at: https://github.com/fedora- infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0250 -------------------------------------------------------------------------------- ChangeLog:
* Fri May 25 2018 Pierre-Yves Chibon pingou@pingoured.fr - 0.25.0-1 - Update to 0.25.0 --------------------------------------------------------------------------------
================================================================================ selinux-policy-3.13.1-283.35.fc27 (FEDORA-2018-2a57dc63c1) SELinux policy configuration -------------------------------------------------------------------------------- Update Information:
More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1085680 -------------------------------------------------------------------------------- ChangeLog:
* Sun May 27 2018 Lukas Vrabec lvrabec@redhat.com - 3.13.1-283.35 - Allow sssd_t to kill sssd_selinux_manager_t - Allow brltty_t domain to be dbusd system client - Allow gpg_agent_t to send msgs to syslog/journal - Allow hypervvssd_t domain to read fixed disk devices - Allow userdom_use_user_ttys for loadkeys_t domain - Allow fsdaemon_t to create own fsdaemon_var_lib_t dirs BZ(1569724) - Append map permission to apache_read_modules() interface - Allow geoclue start with nnp systemd security feature with proper SELinux Domain transition BZ(1575212) - Allow xdm_t domain to listen ofor unix dgram sockets BZ(1581495) - Associate sysctl_vm_overcommit_t with fs_t -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1575628 - SELinux is preventing modprobe from 'map' accesses on the file /usr/lib/modules/4.16.0/kernel/net/nsh/nsh.ko. https://bugzilla.redhat.com/show_bug.cgi?id=1575628 [ 2 ] Bug #1571373 - SELinux is preventing nvidia-modprobe from create access on the chr_file nvidiactl. https://bugzilla.redhat.com/show_bug.cgi?id=1571373 [ 3 ] Bug #1569856 - SELinux prevents NMB (Samba) from starting. https://bugzilla.redhat.com/show_bug.cgi?id=1569856 [ 4 ] Bug #1579134 - SELinux is preventing lightdm-gtk-gre from 'map' accesses on the file /var/log/lightdm/.cache/mesa_shader_cache/index. https://bugzilla.redhat.com/show_bug.cgi?id=1579134 [ 5 ] Bug #1570996 - selinux AVC denial, nvidia-modprobe, after changing from Nouveau Drivers to Nvidia Linux Drivers. https://bugzilla.redhat.com/show_bug.cgi?id=1570996 [ 6 ] Bug #1581674 - AVC when brltty is started https://bugzilla.redhat.com/show_bug.cgi?id=1581674 [ 7 ] Bug #1553164 - SELinux is preventing sosreport from 'associate' accesses on the filesystem overcommit_memory. https://bugzilla.redhat.com/show_bug.cgi?id=1553164 [ 8 ] Bug #1572369 - SELinux is preventing httpd from 'map' accesses on public_content_t https://bugzilla.redhat.com/show_bug.cgi?id=1572369 [ 9 ] Bug #1529068 - sudo systemctl enable tangd.socket --now failed https://bugzilla.redhat.com/show_bug.cgi?id=1529068 [ 10 ] Bug #1577833 - SELinux is preventing nscd from 'write' accesses on the sock_file system_bus_socket. https://bugzilla.redhat.com/show_bug.cgi?id=1577833 --------------------------------------------------------------------------------
================================================================================ sssd-1.16.1-9.fc27 (FEDORA-2018-82213f4d94) System Security Services Daemon -------------------------------------------------------------------------------- Update Information:
Related: upstream#3742 - Change of: User may not run sudo --> a password is required -------------------------------------------------------------------------------- ChangeLog:
* Thu May 24 2018 Fabiano Fid��ncio fidencio@fedoraproject.org - 1.16.1-9 - Related: upstream#3742 - Change of: User may not run sudo --> a password is required * Thu May 17 2018 Fabiano Fid��ncio fidencio@fedoraproject.org - 1.16.1-8 - Revert 589d1a48 as the builders are back to f27 * Wed May 16 2018 Fabiano Fid��ncio fidencio@fedoraproject.org - 1.16.1-7 - Related: upstream#3436 - Certificates used in unit tests have limited lifetime - Add: "ExcludeArch: armv7hl" * Mon May 14 2018 Fabiano Fid��ncio fidencio@fedoraproject.org - 1.16.1-6 - Related: upstream#3436 - Add openssl, openssh and nss-tools as BuildRequires * Mon May 14 2018 Fabiano Fid��ncio fidencio@fedoraproject.org - 1.16.1-5 - Related: upstream#3436 - Certificates used in unit tests have limited lifetime - Resolves: upstream#3725 - sssd not honoring dyndns_server if the DNS update process is terminated with a signal - Resolves: upstream#3726 - SSSD with ID provider 'ad' should give a warning in case the ldap schema is manually changed to something different than 'ad'. - Related: upstream#2653 - Group renaming issue when "id_provider = ldap" is set. - Resolves: upstream#3719 - The SSSD IPA provider allocates information about external groups on a long lived memory context, causing memory growth of the sssd_be process - Resolves: upstream#3728 - Request by ID outside the min_id/max_id limit of a first domain does not reach the second domain - Resolves: upstream#3731 - nss_clear_netgroup_hash_table(): only remove entries from the hash table, do not free them - Resolves: upstream#3595 - ID override GID from Default Trust View is not properly resolved in case domain resolution order is set --------------------------------------------------------------------------------
================================================================================ thunderbird-enigmail-2.0.6-1.fc27 (FEDORA-2018-1f651350de) Authentication and encryption extension for Mozilla Thunderbird -------------------------------------------------------------------------------- Update Information:
Some more efail fixes, https://enigmail.net/index.php/en/download/changelog -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Christian Dersch lupinix@fedoraproject.org - 2.0.6-1 - new version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1583073 - enigmail: Multiple information leaks in responses to partially encrypted messages https://bugzilla.redhat.com/show_bug.cgi?id=1583073 --------------------------------------------------------------------------------
================================================================================ units-2.14-6.fc27 (FEDORA-2018-d787458160) A utility for converting amounts from one unit to another -------------------------------------------------------------------------------- Update Information:
- make units_cur work again (#1574835) -------------------------------------------------------------------------------- ChangeLog:
* Fri May 25 2018 Kamil Dudka kdudka@redhat.com - 2.14-6 - make units_cur work again (#1574835) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1574835 - units_cur broken (again) https://bugzilla.redhat.com/show_bug.cgi?id=1574835 --------------------------------------------------------------------------------
================================================================================ vim-8.1.026-1.fc27 (FEDORA-2018-4bb40591fe) The VIM editor -------------------------------------------------------------------------------- Update Information:
The newest upstream commit -------------------------------------------------------------------------------- ChangeLog:
* Mon May 28 2018 Karsten Hopp karsten@redhat.com 8.1.026-1 - patchlevel 026 * Thu May 24 2018 Karsten Hopp karsten@redhat.com 8.1.022-1 - patchlevel 022 * Wed May 23 2018 Karsten Hopp karsten@redhat.com 8.1.020-1 - patchlevel 020 * Tue May 22 2018 Karsten Hopp karsten@redhat.com 8.1.016-1 - patchlevel 016 * Mon May 21 2018 Karsten Hopp karsten@redhat.com 8.1.010-1 - patchlevel 010 * Fri May 18 2018 Karsten Hopp karsten@redhat.com 8.1.001-1 - patchlevel 001 * Fri May 18 2018 Zdenek Dohnal zdohnal@redhat.com - 8.0.1848-2 - vim-update.sh - update vimdir and baseversion(for major rebases) - vim-update.sh - enhance debugging of vim-update script * Thu May 17 2018 Karsten Hopp karsten@redhat.com 8.0.1848-1 - patchlevel 1848 --------------------------------------------------------------------------------