The following Fedora 28 Security updates need testing: Age URL 295 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb jgraphx-3.6.0.0-6.fc28 244 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da nodejs-brace-expansion-1.1.11-1.fc28 243 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a nodejs-atob-2.1.1-1.fc28 119 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297 xerces-c27-2.7.0-28.fc28 71 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 71 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c nginx-1.14.1-1.fc28 51 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86ef9e22 squid-4.4-1.fc28 47 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b18f9dd65b tomcat-8.5.35-1.fc28 20 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e systemd-238-11.gita76ee90.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687 poppler-0.62.0-14.fc28 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cf96757fe golang-1.10.8-1.fc28 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-5146cd34e2 rdesktop-1.8.4-2.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cfd17b03d phpMyAdmin-4.8.5-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-aa99c99f24 firefox-65.0-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-96ac060af3 java-11-openjdk-11.0.2.7-0.fc28
The following Fedora 28 Critical Path updates have yet to be approved: Age URL 71 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 51 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f541b469b nfs-utils-2.3.3-1.rc2.fc28 41 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4dddcb3e5e highlight-3.48-1.fc28 20 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e systemd-238-11.gita76ee90.fc28 18 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e8a902b473 selinux-policy-3.14.1-51.fc28 15 https://bodhi.fedoraproject.org/updates/FEDORA-2019-78153d357c totem-pl-parser-3.26.2-1.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e1cc4fe99 pango-1.42.4-2.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0956d60ffd krb5-1.16.1-25.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-7ad550b301 glusterfs-4.1.7-2.fc28 13 https://bodhi.fedoraproject.org/updates/FEDORA-2019-031b192323 gnome-online-accounts-3.28.1-1.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-69bc69ce0b appstream-data-28-12.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ffb6dfc8a9 p11-kit-0.23.15-1.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-870e8d8234 osinfo-db-20190120-1.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687 poppler-0.62.0-14.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-83a19b396a mingw-libwebp-1.0.2-1.fc28 libwebp-1.0.2-1.fc28 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9c4843d39 volume_key-0.3.12-2.fc28 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8ae6a68d7b fwupd-1.2.3-1.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8a8196e1e1 vim-8.1.818-1.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-bb30467485 ostree-2019.1-2.fc28 rpm-ostree-2019.1-1.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2019-752f205a3a python-productmd-1.19-1.fc28 4 https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2019-8d89d06043 ibus-1.5.19-10.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-2735cb18d8 lorax-28.26-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2019-aa99c99f24 firefox-65.0-1.fc28
The following builds have been pushed to Fedora 28 updates-testing
389-ds-base-1.4.0.21-1.fc28 ansible-2.7.6-1.fc28 distribution-gpg-keys-1.28-1.fc28 dreamweb-1.1-9.fc28 ignition-0.30.0-2.git308d7a0.fc28 ipmctl-01.00.00.3402-1.fc28 kernel-4.20.6-100.fc28 kernel-headers-4.20.6-100.fc28 kronosnet-1.7-1.fc28 libwmf-0.2.11-1.fc28 mame-0.206-1.fc28 pdns-recursor-4.1.9-1.fc28 perl-Email-Address-List-0.06-1.fc28 perl-Ouch-0.0501-1.fc28 php-phpseclib-2.0.14-1.fc28 php-sebastian-environment4-4.0.2-1.fc28 python-certbot-dns-route53-0.30.2-2.fc28 python3-3.6.8-2.fc28 slurm-17.11.13-2.fc28
Details about builds:
================================================================================ 389-ds-base-1.4.0.21-1.fc28 (FEDORA-2019-201ffffa3e) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information:
Bump version to 1.4.0.21 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Mark Reynolds mreynolds@redhat.com - 1.4.0.21-1 - Bump version to 1.4.0.21 - Ticket 50041 - CLI and WebUI - Add memberOf plugin functionality - Ticket 50079 `Fix for ticket 50059: If an object is nsds5replica, it must be cn=replica` - Ticket 50125 - perl fix ups for tmpfiles - Ticket 50164 - Add test for dscreate - Ticket 50059: If an object is nsds5replica, it must be cn=replica - Ticket 50169 - lib389 changed hardcoded systemctl path - Ticket 50165 - Fix dscreate issues - Ticket 50152 - Replace os.getenv('HOME') with os.path.expanduser - Fix compiler warning in snmp main() - Fix compiler warning in init.c - Ticket 49540 - FIx compiler warning in ldif2ldbm - Ticket 50077 - Fix compiler warnings in automember rebuild task - Ticket 49972 - use-after-free in case of several parallel krb authentication - Ticket 50161 - Fixed some descriptions in "dsconf backend --help" - Ticket 50153 - Increase default max logs - Ticket 50123 - with_tmpfiles_d is associated to systemd - Ticket 49984 - python installer add option to create suffix entry - Ticket 50077 - RFE - improve automember plugin to work with modify ops - Ticket 50136 - Allow resetting passwords on the CLI - Ticket 49994 - Adjust dsconf backend usage - Ticket 50138 - db2bak.pl -P LDAPS does not work when nsslapd-securePort is missing - Ticket 50122 - Fix incorrect path spec - Ticket 50145 - Add a verbose option to the backup tools - Ticket 50056 - dsctl db2ldif throws an exception - Ticket 50078 - cannot add cenotaph in read only consumer - Ticket 50126 - Incorrect usage of sudo in test - Ticket 50130 - Building RPMs on RHEL8 fails - Ticket 50134 - fixup-memberof.pl does not respect protocol requested - Ticket 50122 - Selinux test for presence - Ticket 50101 - Port fourwaymmr Test TET suit to python3 - Ticket 50091 - shadowWarning is not generated if passwordWarning is lower than 86400 seconds (1 day). - Ticket 50128 - NS Stress fails without ipv6 - Ticket 49618 - Set nsslapd-cachememsize to custom value - Ticket 50117 - after certain failed import operation, impossible to replay an import operation - Ticket 49999 - rpm.mk dist-bz2 should clean cockpit_dist first - Ticket 48064 - Fix various issues in disk monitoring test suite - Ticket 49938 - lib389 - Clean up CLI logging - Ticket 49761 - Fix CI test suite issues - Ticket 50056 - Fix UI bugs (part 2) - Ticket 48064 - CI test - disk_monitoring - Ticket 50099 - extend error messages - Ticket 50099 - In FIPS mode, the server can select an unsupported password storage scheme - Ticket 50041 - Add basic plugin UI/CLI wrappers - Ticket 50082 - Port state test suite - Ticket 49574 - remove index subsystem - Ticket 49588 - Add py3 support for tickets : part-5 - Ticket 50095 - cleanup deprecated key.h includes --------------------------------------------------------------------------------
================================================================================ ansible-2.7.6-1.fc28 (FEDORA-2019-50713f12e6) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to 2.7.6 bugfix release. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 17 2019 Kevin Fenzi kevin@scrye.com - 2.7.6-1 - Update to 2.7.6. --------------------------------------------------------------------------------
================================================================================ distribution-gpg-keys-1.28-1.fc28 (FEDORA-2019-0020a0ceec) GPG keys of various Linux distributions -------------------------------------------------------------------------------- Update Information:
- update copr keys - Add cuda 2019 - el8 - fedora 31 keys (rpmfusion) ---- updated Copr keys -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Miroslav Such�� msuchy@redhat.com 1.28-1 - update copr keys - Add cuda 2019 - el8 - fedora 31 keys (rpmfusion) * Wed Jan 2 2019 Miroslav Such�� msuchy@redhat.com 1.27-1 - update copr keys --------------------------------------------------------------------------------
================================================================================ dreamweb-1.1-9.fc28 (FEDORA-2019-77dc1be473) Click-and-point adventure with the look and feel of Ridley Scott's Blade Runner -------------------------------------------------------------------------------- Update Information:
- Modernize spec file -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Bj��rn Esser besser82@fedoraproject.org - 1.1-9 - Modenize spec file * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 1.1-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ignition-0.30.0-2.git308d7a0.fc28 (FEDORA-2019-c9d23c7f21) First boot installer and configuration tool -------------------------------------------------------------------------------- Update Information:
Bump to ignition-dracut fa7131b - 7579b92 journal: add clarifying comment for context - a6551f1 Remount /sysroot rw (#38) - ignition-firstboot-complete.service: Remount /boot rw -------------------------------------------------------------------------------- ChangeLog:
* Mon Jan 28 2019 Dusty Mabe dusty@dustymabe.com - 0.30.0-2.git308d7a0 - Bump to ignition-dracut fa7131b - * 7579b92 journal: add clarifying comment for context * a6551f1 Remount /sysroot rw (#38) * ignition-firstboot-complete.service: Remount /boot rw * Sat Dec 15 2018 Benjamin Gilbert bgilbert@redhat.com - 0.30.0-1.git308d7a0 - New release 0.30.0 * Fri Dec 14 2018 Michael Nguyen mnguyen@redhat.com - 0.29.1-3.gitb1ab0b2 - define gopath for RHEL7 --------------------------------------------------------------------------------
================================================================================ ipmctl-01.00.00.3402-1.fc28 (FEDORA-2019-3b86b6237d) Utility for managing Intel Optane DC persistent memory modules -------------------------------------------------------------------------------- Update Information:
Release v01.00.00.3402 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 30 2019 Juston Li juston.li@intel.com - 01.00.00.3402-1 - Release 01.00.00.3402 --------------------------------------------------------------------------------
================================================================================ kernel-4.20.6-100.fc28 (FEDORA-2019-7d3500d712) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 4.20.6 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Justin M. Forbes jforbes@fedoraproject.org - 4.20.6-100 - Linux v4.20.6 --------------------------------------------------------------------------------
================================================================================ kernel-headers-4.20.6-100.fc28 (FEDORA-2019-7d3500d712) Header files for the Linux kernel for use by glibc -------------------------------------------------------------------------------- Update Information:
The 4.20.6 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Justin M. Forbes jforbes@fedoraproject.org - 4.20.6-100 - Linux v4.20.6 --------------------------------------------------------------------------------
================================================================================ kronosnet-1.7-1.fc28 (FEDORA-2019-50194f6eb4) Multipoint-to-Multipoint VPN daemon -------------------------------------------------------------------------------- Update Information:
Updated to upstream release v1.7. ---- Updated to upstream release v1.5. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Madison Kelly mkelly@alteeve.ca - 1.7-1 - Updated to upstream release v1.7. --------------------------------------------------------------------------------
================================================================================ libwmf-0.2.11-1.fc28 (FEDORA-2019-e9bc354ee8) Windows MetaFile Library -------------------------------------------------------------------------------- Update Information:
CVE-2019-6978: double free in the gdImage*Ptr in gd_jpeg.c, and gd_wbmp.c -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Caol��n McNamara caolanm@redhat.com - 0.2.11-1 - Resolves: rhbz#1671392 CVE-2019-6978 latest version * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.10-1 - latest version * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-5 - Related: rhbz#1602602 fix more clang warnings * Fri Aug 10 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 0.2.9-4 - Switch to %ldconfig_scriptlets * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-3 - Related: rhbz#1602602 fix more clang warnings * Fri Aug 10 2018 Caol��n McNamara caolanm@redhat.com - 0.2.9-2 - Related: rhbz#1602602 fix clang warnings -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671392 - CVE-2019-6978 libwmf: gd: double free in the gdImage*Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671392 --------------------------------------------------------------------------------
================================================================================ mame-0.206-1.fc28 (FEDORA-2019-0e25351a7e) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information:
An update to the latest mame release: * https://www.mamedev.org/?p=465 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 30 2019 Julian Sikorski belegdol@fedoraproject.org - 0.206-1 - Update to 0.206 --------------------------------------------------------------------------------
================================================================================ pdns-recursor-4.1.9-1.fc28 (FEDORA-2019-7696bb57ca) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2019-386 and CVE-2019-3807 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 24 2019 Ruben Kerkhof ruben@rubenkerkhof.com - 4.1.9-1 - Update to new upstream - Fixes CVE-2019-3807 and CVE-2019-3806 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669423 - CVE-2019-3806 CVE-2019-3807 pdns-recursor: various flaws [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1669423 [ 2 ] Bug #1669422 - CVE-2019-3806 CVE-2019-3807 pdns-recursor: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1669422 --------------------------------------------------------------------------------
================================================================================ perl-Email-Address-List-0.06-1.fc28 (FEDORA-2019-ef5551fcff) RFC close address list parsing -------------------------------------------------------------------------------- Update Information:
Upstream bugfix. CVE-2018-18898 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Ralf Cors��pius corsepiu@fedoraproject.org - 0.06-1 - Update to 0.06. - Modernize spec. - Reflect Source0-URL having changed. --------------------------------------------------------------------------------
================================================================================ perl-Ouch-0.0501-1.fc28 (FEDORA-2019-d6085904b0) Exceptions that don't hurt -------------------------------------------------------------------------------- Update Information:
This release improves tests and documentation. We deliver it only to provide an up-to-date version string. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Petr Pisar ppisar@redhat.com - 0.0501-1 - 0.0501 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1670644 - perl-Ouch-0.0501 is available https://bugzilla.redhat.com/show_bug.cgi?id=1670644 --------------------------------------------------------------------------------
================================================================================ php-phpseclib-2.0.14-1.fc28 (FEDORA-2019-e330469125) PHP Secure Communications Library -------------------------------------------------------------------------------- Update Information:
**Version 2.0.14** - 2019-01-27 - SSH2: ssh-rsa is sometimes incorrectly used instead of rsa-sha2-256 (#1331) - SSH2: more strictly adhere to RFC8332 for rsa- sha2-256/512 (#1332) -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Remi Collet remi@remirepo.net - 2.0.14-1 - update to 2.0.14 --------------------------------------------------------------------------------
================================================================================ php-sebastian-environment4-4.0.2-1.fc28 (FEDORA-2019-c631645ae4) Handle HHVM/PHP environments -------------------------------------------------------------------------------- Update Information:
**Version 4.0.2** - 2019-01-28 **Fixed** * Fixed [#33](https://github.com/sebastianbergmann/environment/issues/33): `Runtime::discardsComments()` returns true too eagerly **Removed** * Removed support for Zend Optimizer+ in `Runtime::discardsComments()` -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 30 2019 Remi Collet remi@remirepo.net - 4.0.2-1 - update to 4.0.2 --------------------------------------------------------------------------------
================================================================================ python-certbot-dns-route53-0.30.2-2.fc28 (FEDORA-2019-94732fb929) Route53 DNS Authenticator plugin for Certbot -------------------------------------------------------------------------------- Update Information:
- Update to 0.30.2 - Fix boto3 dependency -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Eli Young elyscape@gmail.com - 0.30.2-2 - Fix boto3 dependency * Mon Jan 28 2019 Eli Young elyscape@gmail.com - 0.30.2-1 - Update to 0.30.2 (#1669327) * Thu Dec 27 2018 Eli Young elyscape@gmail.com - 0.29.1-2 - Fix dependency issues in EPEL7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669327 - python-certbot-dns-route53-0.30.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669327 --------------------------------------------------------------------------------
================================================================================ python3-3.6.8-2.fc28 (FEDORA-2019-6fafd84f5d) Interpreter of the Python programming language -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2019-5010 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 30 2019 Patrik Kopkan - 3.6.8-2 - Security fix for CVE-2019-5010 (#1666519, #1666522) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1666519 - CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate https://bugzilla.redhat.com/show_bug.cgi?id=1666519 --------------------------------------------------------------------------------
================================================================================ slurm-17.11.13-2.fc28 (FEDORA-2019-f1626b52e9) Simple Linux Utility for Resource Management -------------------------------------------------------------------------------- Update Information:
Closes CVE-2019-6438 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Philip Kovacs pkdevel@yahoo.com - 17.11.13-2 - Fix build issue on 32-bit architectures * Wed Jan 30 2019 Philip Kovacs pkdevel@yahoo.com - 17.11.13-1 - Release of 17.11.13 - Closes security issue CVE-2019-6438 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671205 - CVE-2019-6438 slurm https://bugzilla.redhat.com/show_bug.cgi?id=1671205 --------------------------------------------------------------------------------