The following Fedora 27 Security updates need testing: Age URL 196 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 128 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408 dpdk-17.08.2-1.fc27 91 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b33f65b01 nodejs-brace-expansion-1.1.11-1.fc27 82 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a748acc219 unrtf-0.21.9-8.fc27 59 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6ccdeb750 mailman-2.1.21-9.fc27 59 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc864bb9e1 openslp-2.0.0-15.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-21ffebf41c tomcat-8.0.53-1.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e8533a3ef1 unixODBC-2.3.7-1.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7051d682fa ntp-4.2.8p12-1.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e914e7a9e2 chromium-68.0.3440.106-3.fc27 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fac5420dd1 obs-build-20180816-291.1.1.fc27 osc-0.163.0-237.1.1.fc27 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3a3c660bfa community-mysql-5.7.23-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-11ed8d95e2 libxkbcommon-0.8.2-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fe437a98d6 dolphin-emu-5.0-24.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f56ded11c4 openssh-7.6p1-6.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f0b7d1251 tcpflow-1.5.0-2.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7626df1731 yara-3.8.1-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6121f427e5 godot-3.0.6-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a42eb4ac61 python-pycryptodomex-3.6.6-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-236b486e01 capstone-3.0.5-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-28447b6f2e ghostscript-9.22-5.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a94668408d mod_perl-2.0.10-9.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1ef35a4f9 glibc-2.26-30.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bb7f3f7ecf gd-2.2.5-6.fc27
The following Fedora 27 Critical Path updates have yet to be approved: Age URL 112 https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27 mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1 72 https://bodhi.fedoraproject.org/updates/FEDORA-2018-200dba6b93 upower-0.99.8-1.fc27 36 https://bodhi.fedoraproject.org/updates/FEDORA-2018-05a68ea22e geoclue2-2.4.11-1.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-20c3deae24 iproute-4.17.0-1.fc27 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9320eeea0a pungi-4.1.27-1.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-344f454318 sssd-1.16.3-2.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6499677be6 firefox-61.0.2-3.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-90a16ffef6 ostree-2018.7-1.fc27 flatpak-builder-1.0.0-1.fc27 flatpak-1.0.0-1.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-91f97e9d4f glusterfs-3.12.13-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a39edb9f02 kernel-headers-4.17.19-1.fc27 kernel-tools-4.17.19-100.fc27 kernel-4.17.19-100.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-11ed8d95e2 libxkbcommon-0.8.2-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f56ded11c4 openssh-7.6p1-6.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-53d71963af vim-8.1.328-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7c8794e690 perl-PathTools-3.75-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c1ef35a4f9 glibc-2.26-30.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c223c11259 libldb-1.3.2-2.fc27.1.2.3 samba-4.7.10-0.fc27
The following builds have been pushed to Fedora 27 updates-testing
R-littler-0.3.4-1.fc27 buku-3.9-1.fc27 dmlite-1.10.4-2.fc27 dokuwiki-20180422a-2.fc27 fbreader-0.99.4-2.fc27 iniparser-4.0-7.20160821git.fc27 js-jsroot-5.5.1-1.fc27 keepassxc-2.3.4-1.fc27 libs3-4.1-0.1.20180821gita4d873f.fc27 pango-1.40.14-3.fc27 perl-Net-DNS-SEC-1.10-1.fc27 redhat-rpm-config-79-1.fc27 yum-utils-1.1.31-514.fc27
Details about builds:
================================================================================ R-littler-0.3.4-1.fc27 (FEDORA-2018-f4597d89ea) littler: R at the Command-Line via 'r' -------------------------------------------------------------------------------- Update Information:
littler 0.3.4 (mainly updates to examples). -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Mattias Ellert mattias.ellert@physics.uu.se - 0.3.4-1 - New upstream release 0.3.4 * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 0.3.3-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Tue Jul 10 2018 Pete Walter pwalter@fedoraproject.org - 0.3.3-5 - Rebuild for ICU 62 * Fri May 18 2018 Tom Callaway spot@fedoraproject.org - 0.3.3-4.1 - actually rebuild against R 3.5.0 --------------------------------------------------------------------------------
================================================================================ buku-3.9-1.fc27 (FEDORA-2018-ef60901785) Powerful command-line bookmark manager -------------------------------------------------------------------------------- Update Information:
Release 3.9 -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 30 2018 Robert-Andr�� Mauchin zebob.m@gmail.com - 3.9-1 - Release 3.9 --------------------------------------------------------------------------------
================================================================================ dmlite-1.10.4-2.fc27 (FEDORA-2018-1e57f29c7c) Lcgdm grid data management and storage framework -------------------------------------------------------------------------------- Update Information:
Bugfixes and improvements, in particular to service stability and space management. ---- Bugfixes and improvements, in particular to service stability and space management. ---- Fix for domeadapter configuration. -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 30 2018 Oliver Keeble oliver.keeble@cern.ch - 1.10.4-2 - Update dmlite-shell deps * Mon Aug 27 2018 Oliver Keeble oliver.keeble@cern.ch - 1.10.4-1 - New upstream release 1.10.4 * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 1.10.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu Jun 7 2018 Oliver Keeble oliver.keeble@cern.ch - 1.10.3-1 - New upstream release * Thu Apr 19 2018 Andrea Manzi amanzi@cern.ch - 1.10.2-1 - new upstream release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603802 - dmlite: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603802 --------------------------------------------------------------------------------
================================================================================ dokuwiki-20180422a-2.fc27 (FEDORA-2018-a1bd27f59b) Standards compliant simple to use wiki -------------------------------------------------------------------------------- Update Information:
Fix Requires: ("python2-policycoreutils" is called "policycoreutils-python" in F27) ---- Update to upstream version 2018-04-22a -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 30 2018 Artur Iwicki fedora@svgames.pl - 20180422a-2 - Change dokuwiki-selinux Requires: ("python2-policycoreutils" is called "policycoreutils-python" in F27) * Sat Aug 25 2018 Artur Iwicki fedora@svgames.pl - 20180422a-1 - Change the versioning scheme * Mon Aug 20 2018 Artur Iwicki fedora@svgames.pl - 0-0.32.20180422a - Remove the "Group:" tag (no longer used in Fedora) - Replace the hand-written %releasetag with one generated from %releasenum * Fri Jul 13 2018 Peter 'Pessoft' Kol��nek fedora@pessoft.com - 0-0.31.20180422a - Update to the latest stable upstream 2018-04-22a "Greebo" (#1390291: CVE-2016-7964, CVE-2016-7965, CVE-2017-12583, CVE-2017-12979, CVE-2017-12980, CVE-2017-18123) - Fix missing vendor directory issue (#1372948) - Fix Apache config file for access to conf and bin - Replace more bundled code in vendor directory with Fedora packages (lesserphp, random_compat, phpseclib, simplepie) - Fix source to HTTPS * Fri Mar 30 2018 Iryna Shcherbina ishcherb@redhat.com - 0-0.30.20150810a - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1390291 - CVE-2016-7964 CVE-2016-7965 CVE-2017-12583 CVE-2017-12979 CVE-2017-12980 CVE-2017-18123 dokuwiki: Various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1390291 [ 2 ] Bug #1372948 - Error 500 due to missing vendor directory /usr/share/dokuwiki/vendor https://bugzilla.redhat.com/show_bug.cgi?id=1372948 --------------------------------------------------------------------------------
================================================================================ fbreader-0.99.4-2.fc27 (FEDORA-2018-8d640a4e80) E-book reader -------------------------------------------------------------------------------- Update Information:
Updates to latest fbreader; simplify packaging now that only one GUI toolkit is supported -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 30 2018 Michel Alexandre Salim salimma@fedoraproject.org - 0.99.4-2 - Exclude building on armv7hl (bz #1624218) * Wed Aug 29 2018 Michel Alexandre Salim salimma@fedoraproject.org - 0.99.4-1 - Update to 0.99.4 - Obsolete zlibrary-ui-{gtk,qt} - only Qt4 is supported now * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-24 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-23 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Aug 2 2017 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-22 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild * Wed Jul 26 2017 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-21 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild * Fri Feb 10 2017 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild * Wed Feb 3 2016 Fedora Release Engineering releng@fedoraproject.org - 0.12.10-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603949 - fbreader: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603949 --------------------------------------------------------------------------------
================================================================================ iniparser-4.0-7.20160821git.fc27 (FEDORA-2018-a2316e0baf) C library for parsing "INI-style" files -------------------------------------------------------------------------------- Update Information:
Security fix for BZ#1545825 -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Robin Lee cheeselee@fedoraproject.org - 4.0-7.20160821git - Backport fix for BZ#1545825 * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 4.0-6.20160821git - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 4.0-5.20160821git - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1545824 - iniparser: stack-buffer-underflow in iniparser_load in iniparser.c https://bugzilla.redhat.com/show_bug.cgi?id=1545824 --------------------------------------------------------------------------------
================================================================================ js-jsroot-5.5.1-1.fc27 (FEDORA-2018-c523cabd5b) JavaScript ROOT - Interactive numerical data analysis graphics -------------------------------------------------------------------------------- Update Information:
https://github.com/root-project/jsroot/blob/5.5.1/changes.md -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 30 2018 Mattias Ellert mattias.ellert@physics.uu.se - 5.5.1-1 - Update to version 5.5.1 --------------------------------------------------------------------------------
================================================================================ keepassxc-2.3.4-1.fc27 (FEDORA-2018-93e6e9b389) Cross-platform password manager -------------------------------------------------------------------------------- Update Information:
2.3.4 release -------------------------------------------------------------------------------- ChangeLog:
* Wed Aug 29 2018 Mukundan Ragavan nonamedotc@fedoraproject.org - 2.3.4-1 - Update to 2.3.4 * Thu Jul 19 2018 Mukundan Ragavan nonamedotc@fedoraproject.org - 2.3.3-3 - Fix FTBFS * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 2.3.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1623294 - KeePassXC 2.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1623294 --------------------------------------------------------------------------------
================================================================================ libs3-4.1-0.1.20180821gita4d873f.fc27 (FEDORA-2018-7359f568e2) C Library and Tools for Amazon S3 Access -------------------------------------------------------------------------------- Update Information:
libs3 4.1. -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Mattias Ellert mattias.ellert@physics.uu.se - 4.1-0.1.20180821gita4d873f - New github snapshot * Mon Jul 16 2018 Mattias Ellert mattias.ellert@physics.uu.se - 4.0-0.6.20170206git208bcba - Add BuildRequires on gcc - Packaging updates - Remove Group and BuildRoot tags - Don't clear the buildroot in the install section - Remove the clean section - Install license in licensedir - Use new ldconfig scriptlets macro * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 4.0-0.5.20170206git208bcba - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 4.0-0.4.20170206git208bcba - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ pango-1.40.14-3.fc27 (FEDORA-2018-83116f8692) System for layout and rendering of internationalized text -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-15120 -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Peng Wu pwu@redhat.com - 1.40.14-3 - Security fix for CVE-2018-15120 * Fri Aug 31 2018 Peng Wu pwu@redhat.com - 1.40.14-2 - Fixes crash with invalid Unicode sequences -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1613550 - CVE-2018-15120 pango: application crash triggered by unicode chars in pango-emoji.c https://bugzilla.redhat.com/show_bug.cgi?id=1613550 --------------------------------------------------------------------------------
================================================================================ perl-Net-DNS-SEC-1.10-1.fc27 (FEDORA-2018-f632ec12b9) DNSSEC modules for Perl -------------------------------------------------------------------------------- Update Information:
Update to 1.10 -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Paul Wouters pwouters@redhat.com - 1.10-1 - Update to 1.10 * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 1.09-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Fri Jun 29 2018 Jitka Plesnikova jplesnik@redhat.com - 1.09-2 - Perl 5.28 rebuild * Thu Jun 21 2018 Jitka Plesnikova jplesnik@redhat.com - 1.09-1 - 1.09 bump * Wed May 30 2018 Jitka Plesnikova jplesnik@redhat.com - 1.08-1 - 1.08 bump * Tue Mar 20 2018 Wes Hardaker wjhns174@hardakers.net - 1.05-1 - 1.05 bump * Fri Feb 16 2018 Jitka Plesnikova jplesnik@redhat.com - 1.04-1 - 1.04 bump --------------------------------------------------------------------------------
================================================================================ redhat-rpm-config-79-1.fc27 (FEDORA-2018-ec50f052bf) Red Hat specific rpm configuration files -------------------------------------------------------------------------------- Update Information:
Allow overriding the date in forge's dist macro. -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Fabio Valentini decathorpe@gmail.com - 79-1 - Allow overriding the date in forge's dist macro. --------------------------------------------------------------------------------
================================================================================ yum-utils-1.1.31-514.fc27 (FEDORA-2018-3aafb854a9) Utilities based around the yum package manager -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-10897 -------------------------------------------------------------------------------- ChangeLog:
* Fri Aug 31 2018 Michal Domonkos mdomonko@redhat.com - 1.1.31-514 - reposync: prevent path traversal (CVE-2018-10897) - Resolves: bug#1600454 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1600221 - CVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal https://bugzilla.redhat.com/show_bug.cgi?id=1600221 --------------------------------------------------------------------------------