The following Fedora 28 Security updates need testing: Age URL 296 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb jgraphx-3.6.0.0-6.fc28 245 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da nodejs-brace-expansion-1.1.11-1.fc28 244 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a nodejs-atob-2.1.1-1.fc28 120 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297 xerces-c27-2.7.0-28.fc28 72 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 72 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c nginx-1.14.1-1.fc28 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86ef9e22 squid-4.4-1.fc28 49 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b18f9dd65b tomcat-8.5.35-1.fc28 21 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e systemd-238-11.gita76ee90.fc28 14 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687 poppler-0.62.0-14.fc28 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cf96757fe golang-1.10.8-1.fc28 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-5146cd34e2 rdesktop-1.8.4-2.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cfd17b03d phpMyAdmin-4.8.5-1.fc28 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-96ac060af3 java-11-openjdk-11.0.2.7-0.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7696bb57ca pdns-recursor-4.1.9-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6fafd84f5d python3-3.6.8-2.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ef5551fcff perl-Email-Address-List-0.06-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-f1626b52e9 slurm-17.11.13-2.fc28
The following Fedora 28 Critical Path updates have yet to be approved: Age URL 72 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f541b469b nfs-utils-2.3.3-1.rc2.fc28 42 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4dddcb3e5e highlight-3.48-1.fc28 21 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e systemd-238-11.gita76ee90.fc28 19 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e8a902b473 selinux-policy-3.14.1-51.fc28 16 https://bodhi.fedoraproject.org/updates/FEDORA-2019-78153d357c totem-pl-parser-3.26.2-1.fc28 14 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28 14 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e1cc4fe99 pango-1.42.4-2.fc28 12 https://bodhi.fedoraproject.org/updates/FEDORA-2019-870e8d8234 osinfo-db-20190120-1.fc28 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69bc69ce0b appstream-data-28-12.fc28 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ffb6dfc8a9 p11-kit-0.23.15-1.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687 poppler-0.62.0-14.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-83a19b396a mingw-libwebp-1.0.2-1.fc28 libwebp-1.0.2-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bb30467485 ostree-2019.1-2.fc28 rpm-ostree-2019.1-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-752f205a3a python-productmd-1.19-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9c4843d39 volume_key-0.3.12-2.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8ae6a68d7b fwupd-1.2.3-1.fc28 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8a8196e1e1 vim-8.1.818-1.fc28 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8d89d06043 ibus-1.5.19-10.fc28 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2735cb18d8 lorax-28.26-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7d3500d712 kernel-headers-4.20.6-100.fc28 kernel-4.20.6-100.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6fafd84f5d python3-3.6.8-2.fc28
The following builds have been pushed to Fedora 28 updates-testing
R-littler-0.3.6-1.fc28 console-login-helper-messages-0.13-4.fc28 cups-filters-1.20.0-13.fc28 egl-wayland-1.1.2-1.fc28 gajim-1.1.2-3.fc28 hplip-3.18.12-3.fc28 indent-2.2.11-25.fc28 iproute-4.20.0-1.fc28 libwmf-0.2.12-1.fc28 oci-umount-2.5-1.gitc3cda1f.fc28 perl-Inline-Struct-0.27-1.fc28 php-sebastian-environment4-4.1.0-1.fc28 phpunit6-6.5.14-1.fc28 phpunit7-7.5.3-1.fc28 python-caja-1.20.2-2.fc28 python-nbxmpp-0.6.9-1.fc28 python-precis_i18n-1.0-2.fc28
Details about builds:
================================================================================ R-littler-0.3.6-1.fc28 (FEDORA-2019-d5932a59a1) littler: R at the Command-Line via 'r' -------------------------------------------------------------------------------- Update Information:
New version. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Mattias Ellert mattias.ellert@physics.uu.se - 0.3.6-1 - New upstream release 0.3.6 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.3.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ console-login-helper-messages-0.13-4.fc28 (FEDORA-2019-1d33b2e78e) Combines motd, issue, profile features to show system information to the user before/on login -------------------------------------------------------------------------------- Update Information:
Adds a new package to updates-testing: console-login-helper-messages - Shows helper information in terminal before/after login (approved: https://bugzilla.redhat.com/show_bug.cgi?id=1667174) - upstream: https://github.com/rfairley/console-login-helper-messages - steps to check functionality: https://github.com/rfairley/console-login-helper- messages/blob/master/reviewers.md --------------------------------------------------------------------------------
================================================================================ cups-filters-1.20.0-13.fc28 (FEDORA-2019-e377866325) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information:
cups-brf needs to be run as root -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Zdenek Dohnal zdohnal@redhat.com - 1.20.0-13 - cups-brf needs to be run as root --------------------------------------------------------------------------------
================================================================================ egl-wayland-1.1.2-1.fc28 (FEDORA-2019-087d42c74c) Wayland EGL External Platform library -------------------------------------------------------------------------------- Update Information:
- Update to latest release. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Leigh Scott leigh123linux@googlemail.com - 1.1.2-1 - Update to 1.1.2 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ gajim-1.1.2-3.fc28 (FEDORA-2019-7cba5ed82b) Jabber client written in PyGTK -------------------------------------------------------------------------------- Update Information:
For the list of changes see: https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog -------------------------------------------------------------------------------- ChangeLog:
* Tue Jan 29 2019 Michal Schmidt mschmidt@redhat.com - 1.1.2-3 - Drop python3-crypto dependency. - Enable python dependency generator. * Mon Jan 28 2019 Michal Schmidt mschmidt@redhat.com - 1.1.2-2 - Require python-precis_i18n now that it's available. * Thu Jan 24 2019 Michal Schmidt mschmidt@redhat.com - 1.1.2-1 - Upstream release 1.1.2. * Fri Jan 4 2019 Michal Schmidt mschmidt@redhat.com - 1.1.1-1 - Upstream release 1.1.1. - Make precis-i18n dep optional until it's available in Fedora. * Wed Nov 14 2018 Michal Schmidt mschmidt@redhat.com - 1.1.0-2 - Update runtime requirements according to upstream README. * Wed Nov 14 2018 Michal Schmidt mschmidt@redhat.com - 1.1.0-1 - Upstream release 1.1.0. --------------------------------------------------------------------------------
================================================================================ hplip-3.18.12-3.fc28 (FEDORA-2019-e7040e9d05) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information:
hp-setup crashes when user specifies path to PPD -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Zdenek Dohnal zdohnal@redhat.com - 3.18.12-3 - m277-m281 printer support got some fixes, so try to do not use our downstream patch - hpcups-update-ppds can freeze sometimes, add timeout for to be sure - fixed hp-setup crash when user wants to define path to PPD file * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 3.18.12-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ indent-2.2.11-25.fc28 (FEDORA-2019-ee46877ad3) A GNU program for formatting C code -------------------------------------------------------------------------------- Update Information:
This release adds support for binary literals (e.g. 0b01) that are recognized by a GCC compiler. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Petr Pisar ppisar@redhat.com - 2.2.11-25 - Recognize binary integer literals (bug #1655319) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1655319 - missing binary number format token https://bugzilla.redhat.com/show_bug.cgi?id=1655319 --------------------------------------------------------------------------------
================================================================================ iproute-4.20.0-1.fc28 (FEDORA-2019-cb4a3023ef) Advanced IP routing and network device configuration tools -------------------------------------------------------------------------------- Update Information:
New version 4.20.0 to match kernel version -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Phil Sutter psutter@redhat.com - 4.20.0-1 - New version 4.20.0 - Add upstream-suggested backports - Upstream dropped cbq script, remove it along with related configs - Add libcap support --------------------------------------------------------------------------------
================================================================================ libwmf-0.2.12-1.fc28 (FEDORA-2019-e9bc354ee8) Windows MetaFile Library -------------------------------------------------------------------------------- Update Information:
CVE-2019-6978: double free in the gdImage*Ptr in gd_jpeg.c, and gd_wbmp.c -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Caol��n McNamara caolanm@redhat.com - 0.2.12-1 - Related: rhbz#1671392/rhbz#1671621 unwanted soname bump * Fri Feb 1 2019 Rex Dieter rdieter@fedoraproject.org - 0.2.11-2 - track library sonames so bumps aren't a surprise - use %make_build %make_install macros * Thu Jan 31 2019 Caol��n McNamara caolanm@redhat.com - 0.2.11-1 - Resolves: rhbz#1671392 CVE-2019-6978 latest version * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.10-1 - latest version * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-5 - Related: rhbz#1602602 fix more clang warnings * Fri Aug 10 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 0.2.9-4 - Switch to %ldconfig_scriptlets * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-3 - Related: rhbz#1602602 fix more clang warnings * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-2 - Related: rhbz#1602602 fix clang warnings -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671392 - CVE-2019-6978 libwmf: gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671392 [ 2 ] Bug #1671621 - gimp-2.10.8-5.fc29 requires libwmf-0.2.so.7 and libwmflite-0.2.so.7, but libwmf-0.2.11-1.fc29 provides libwmf-0.2.so.8 and libwmf-lite-0.2.11-1.fc29 provides libwmflite-0.2.so.8 https://bugzilla.redhat.com/show_bug.cgi?id=1671621 --------------------------------------------------------------------------------
================================================================================ oci-umount-2.5-1.gitc3cda1f.fc28 (FEDORA-2019-f5eb6bc542) OCI umount hook for docker -------------------------------------------------------------------------------- Update Information:
Coverity fixes and man pages. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Dan Walsh dwalsh@redhat.com - 2:2.5-1.git - Add Man page - Fix converity issues. * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 2:2.3.4-2.git87f9237 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1612205 - Man page scan results for oci-umount https://bugzilla.redhat.com/show_bug.cgi?id=1612205 --------------------------------------------------------------------------------
================================================================================ perl-Inline-Struct-0.27-1.fc28 (FEDORA-2019-368b440898) Manipulate C structures directly from Perl -------------------------------------------------------------------------------- Update Information:
This release adds support for pointers to functions. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 28 2019 Petr Pisar ppisar@redhat.com - 0.27-1 - 0.27 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669888 - perl-Inline-Struct-0.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669888 --------------------------------------------------------------------------------
================================================================================ php-sebastian-environment4-4.1.0-1.fc28 (FEDORA-2019-e335d05b6b) Handle HHVM/PHP environments -------------------------------------------------------------------------------- Update Information:
**Version 4.1.0** - 2019-02-01 **Added** * Implemented `Runtime::getNameWithVersionAndCodeCoverageDriver()` method * Implemented [#34](https://github.com/sebastianbergmann/environment/pull/34): Support for PCOV extension ---- **Version 4.0.2** - 2019-01-28 **Fixed** * Fixed [#33](https://github.com/sebastianbergmann/environment/issues/33): `Runtime::discardsComments()` returns true too eagerly **Removed** * Removed support for Zend Optimizer+ in `Runtime::discardsComments()` -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Remi Collet remi@remirepo.net - 4.1.0-1 - update to 4.1.0 * Wed Jan 30 2019 Remi Collet remi@remirepo.net - 4.0.2-1 - update to 4.0.2 --------------------------------------------------------------------------------
================================================================================ phpunit6-6.5.14-1.fc28 (FEDORA-2019-66a167ad26) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information:
**Version 6.5.14** - 2019-02-01 **Fixed** * Fixed [#3459](https://github.com/sebastianbergmann/phpunit/issues/3459): `@requires` function swallows digits at the end of function name -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Remi Collet remi@remirepo.net - 6.5.14-1 - update to 6.5.14 --------------------------------------------------------------------------------
================================================================================ phpunit7-7.5.3-1.fc28 (FEDORA-2019-fa2730b5f8) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information:
**Version 7.5.3** - 2019-02-01 **Fixed** * Fixed [#3490](https://github.com/sebastianbergmann/phpunit/pull/3490): Exceptions in `tearDownAfterClass()` kill PHPUnit **Deprecated** * The method `assertArraySubset()` is now deprecated. There is no behavioral change in this version of PHPUnit. Using this method will trigger a deprecation warning in PHPUnit 8 and in PHPUnit 9 this method will be removed. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Remi Collet remi@remirepo.net - 7.5.3-1 - update to 7.5.3 --------------------------------------------------------------------------------
================================================================================ python-caja-1.20.2-2.fc28 (FEDORA-2019-305db4d8db) Python bindings for Caja -------------------------------------------------------------------------------- Update Information:
- add upstream python2/3 support improvements from master branch -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Wolfgang Ulbrich fedora@raveit.de - 1:1.20.2-2 - add upstream python2/3 support improvements from master branch --------------------------------------------------------------------------------
================================================================================ python-nbxmpp-0.6.9-1.fc28 (FEDORA-2019-7cba5ed82b) Python library for non-blocking use of Jabber/XMPP -------------------------------------------------------------------------------- Update Information:
For the list of changes see: https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 24 2019 Michal Schmidt mschmidt@redhat.com - 0.6.9-1 - Upstream release 0.6.9. * Wed Nov 14 2018 Michal Schmidt mschmidt@redhat.com - 0.6.8-1 - Upstream release 0.6.8. --------------------------------------------------------------------------------
================================================================================ python-precis_i18n-1.0-2.fc28 (FEDORA-2019-7cba5ed82b) Python library for internationalized usernames and passwords -------------------------------------------------------------------------------- Update Information:
For the list of changes see: https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog --------------------------------------------------------------------------------