The following Fedora 28 Security updates need testing: Age URL 22 https://bodhi.fedoraproject.org/updates/FEDORA-2018-99eed1942f remctl-3.14-1.fc28 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb jgraphx-3.6.0.0-6.fc28 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9a85d5af21 scummvm-tools-2.0.0-1.fc28 scummvm-2.0.0-1.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-00e90783d2 community-mysql-5.7.22-1.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-389bc4e911 knot-resolver-2.3.0-1.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3564527be4 haproxy-1.8.8-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2c965abb15 dpdk-17.11.2-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ee6707d519 php-7.2.5-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-43c64deada drupal7-7.59-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8fd924a53d drupal8-8.4.8-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d1ba58394e perl-5.26.2-410.fc28 perl-Module-CoreList-5.20180414-1.fc28
The following Fedora 28 Critical Path updates have yet to be approved: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fd7715891e perl-Carp-1.42-396.fc28 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0b2f8b762b git-2.17.0-3.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b67990d1d1 libldm-0.2.4-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-34a22a587d libepoxy-1.5.1-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-888ca9b69e libnfs-1.11.0-1.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-def1aa61c2 flatpak-0.11.4-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a9d6bb6a8e kernel-4.16.5-300.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e0cc897425 kexec-tools-2.0.17-2.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e0662375ce sssd-1.16.1-3.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-10cdebf0ce redhat-rpm-config-107-1.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d1ba58394e perl-5.26.2-410.fc28 perl-Module-CoreList-5.20180414-1.fc28
The following builds have been pushed to Fedora 28 updates-testing
dehydrated-0.6.2-1.fc28 extremetuxracer-0.7.5-1.fc28 foxtrotgps-1.2.1-1.fc28 gap-pkg-digraphs-0.12.1-1.fc28 gnushogi-1.5-0.4.git5bb0b5b.fc28 hamlib-3.2-1.fc28 libfm-1.3.0.2-1.fc28 magic-8.2.60-1.fc28 pcmanfm-1.3.0-1.fc28 pekwm-0.1.17-11.fc28 perl-Dancer2-0.206000-1.fc28 selinux-policy-3.14.1-24.fc28 v4l-utils-1.14.2-2.fc28 xviewer-1.8.0-2.fc28 yamllint-1.11.1-1.fc28
Details about builds:
================================================================================ dehydrated-0.6.2-1.fc28 (FEDORA-2018-2dc3119c49) A client for signing certificates with an ACME server -------------------------------------------------------------------------------- Update Information:
dehyrated 0.6.2 (2018-04-25) ============================ Added ----- - New deploy_ocsp hook - Allow account registration with custom key Changed ------- - Don't walk certificate chain for ACMEv2 (certificate contains chain by default) - Improved documentation on wildcards Fixes ----- - Added workaround for compatibility with filesystem ACLs - Close unwanted external file- descriptors - Fixed JSON parsing on force-renewal - Fixed cleanup of challenge files/dns-entries on validation errors - A few more minor fixes -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Robert Scheck robert@fedoraproject.org - 0.6.2-1 - Resolves: rhbz#1572609 Updated to 0.6.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572609 - dehydrated-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572609 --------------------------------------------------------------------------------
================================================================================ extremetuxracer-0.7.5-1.fc28 (FEDORA-2018-3724a7bf28) High speed arctic racing game -------------------------------------------------------------------------------- Update Information:
0.7.5 -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Gwyn Ciesla limburgher@gmail.com - 0.7.5-1 - 0.7.5 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572816 - extremetuxracer-0.7.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572816 --------------------------------------------------------------------------------
================================================================================ foxtrotgps-1.2.1-1.fc28 (FEDORA-2018-7d10075f74) GTK+ mapping and GPS application -------------------------------------------------------------------------------- Update Information:
Update to 1.2.1 -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Peter Robinson pbrobinson@fedoraproject.org 1.2.1-1 - Update to 1.2.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1564871 - foxtrotgps-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564871 --------------------------------------------------------------------------------
================================================================================ gap-pkg-digraphs-0.12.1-1.fc28 (FEDORA-2018-f3d0098628) GAP package for digraphs and multidigraphs -------------------------------------------------------------------------------- Update Information:
Version 0.12.1 is a minor release, which contains several bugfixes. The following problems were resolved by [James D. Mitchell](http://goo.gl/ZtViV6): * `HomomorphismDigraphFinder` sometimes failed to find a homomorphism when one existsed [[Issue #111](https://github.com/gap-packages/Digraphs/issues/111), reported by Gordon Royle]; * the documentation for `HomomorphismDigraphFinder` was incomplete [[Issue #112](https://github.com/gap- packages/Digraphs/issues/112)]; and * a segmentation fault could be caused when using Digraphs with NautyTracesInterface, in certain cases [[Issue #114](https://github.com/gap-packages/Digraphs/issues/114)]. -------------------------------------------------------------------------------- ChangeLog:
* Sat Apr 28 2018 Jerry James loganjerry@gmail.com - 0.12.1-1 - New upstream version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572400 - gap-pkg-digraphs-v0.12.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572400 --------------------------------------------------------------------------------
================================================================================ gnushogi-1.5-0.4.git5bb0b5b.fc28 (FEDORA-2018-4cf89ccb28) Shogi, the Japanese version of chess -------------------------------------------------------------------------------- Update Information:
Initial release for f28. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1119197 - Review Request: gnushogi - Shogi (Japanese Chess) AI engine https://bugzilla.redhat.com/show_bug.cgi?id=1119197 --------------------------------------------------------------------------------
================================================================================ hamlib-3.2-1.fc28 (FEDORA-2018-6dc29deb59) Run-time library to control radio transceivers and receivers -------------------------------------------------------------------------------- Update Information:
Update to hamlib 3.2. -------------------------------------------------------------------------------- ChangeLog:
* Tue Apr 3 2018 Richard Shaw hobbes1069@gmail.com - 3.2-1 - Update to 3.2. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1562559 - hamlib-3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1562559 --------------------------------------------------------------------------------
================================================================================ libfm-1.3.0.2-1.fc28 (FEDORA-2018-b13b66b089) GIO-based library for file manager-like programs -------------------------------------------------------------------------------- Update Information:
libfm 1.3.0.2 / pcmanfm 1.3.0 is released. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Mamoru TASAKA mtasaka@fedoraproject.org - 1.3.0.2-1 - 1.3.0.2 release --------------------------------------------------------------------------------
================================================================================ magic-8.2.60-1.fc28 (FEDORA-2018-b633042eff) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information:
New version 8.2.60 is released. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Mamoru TASAKA mtasaka@fedoraproject.org - 8.2.60-1 - 8.2.60 --------------------------------------------------------------------------------
================================================================================ pcmanfm-1.3.0-1.fc28 (FEDORA-2018-b13b66b089) Extremly fast and lightweight file manager -------------------------------------------------------------------------------- Update Information:
libfm 1.3.0.2 / pcmanfm 1.3.0 is released. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Mamoru TASAKA mtasaka@fedoraproject.org - 1.3.0-1 - 1.3.0 release --------------------------------------------------------------------------------
================================================================================ pekwm-0.1.17-11.fc28 (FEDORA-2018-297c2e68c4) A small and flexible window manager -------------------------------------------------------------------------------- Update Information:
Fix Upstream / pekwm 0.1.18rc1 not available -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 29 2019 Luis Bazan lbazan@fedoraproject.org - 0.1.17-11 - Fix Upstream * Thu Feb 8 2018 Fedora Release Engineering releng@fedoraproject.org - 0.1.18rc1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Wed Nov 22 2017 Luis Bazan lbazan@fedoraproject.org - 0.1.18rc1-1 - New upstream version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1449447 - pekwm 0.1.18.rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1449447 --------------------------------------------------------------------------------
================================================================================ perl-Dancer2-0.206000-1.fc28 (FEDORA-2018-ded377a782) Lightweight yet powerful web application framework -------------------------------------------------------------------------------- Update Information:
Dancer2 0.206000 addresses several potential security issues. There is a potential RCE with regards to Storable. Dancer2 adds session ID validation to the session engine so that session backends based on Storable can reject malformed session IDs that may lead to exploitation of the RCE. Parsing requests now uses HTTP::Entity::Parser which reduces the amount of code needed and does not require re-parsing the request body. -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 22 2018 Emmanuel Seyman emmanuel@seyman.fr - 0.206000-1 - Update to 0.206000 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1569981 - perl-Dancer2-0.206000 is available https://bugzilla.redhat.com/show_bug.cgi?id=1569981 --------------------------------------------------------------------------------
================================================================================ selinux-policy-3.14.1-24.fc28 (FEDORA-2018-9f58fabee4) SELinux policy configuration -------------------------------------------------------------------------------- Update Information:
More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1077456 -------------------------------------------------------------------------------- ChangeLog:
* Sat Apr 28 2018 Lukas Vrabec lvrabec@redhat.com - 3.14.1-24 - Allow unconfined_domain_type to create libs filetrans named content BZ(1513806) * Fri Apr 27 2018 Lukas Vrabec lvrabec@redhat.com - 3.14.1-23 - Allow dnssec_trigger_t domain to read system network state BZ(1570205) - Add dac_override capability to mailman_mail_t domain - Add dac_override capability to radvd_t domain - Update openvswitch policy - Add dac_override capability to oddjob_homedir_t domain - Allow slapd_t domain to mmap slapd_var_run_t files - Rename tang policy to tangd - Allow virtd_t domain to relabel virt_var_lib_t files - Allow logrotate_t domain to stop services via systemd - Add tang policy - Allow mozilla_plugin_t to create mozilla.pdf file in user homedir with label mozilla_home_t - Allow snapperd_t daemon to create unlabeled dirs. - Make httpd_var_run_t mountpoint - Allow hsqldb_t domain to mmap own temp files - We have inconsistency in cgi templates with upstream, we use _content_t, but refpolicy use httpd__content_t. Created aliasses to make it consistence - Allow Openvswitch adding netdev bridge ovs 2.7.2.10 FDP - Add new Boolean tomcat_use_execmem - Allow nfsd_t domain to read/write sysctl fs files - Allow conman to read system state - Allow brltty_t domain to be dbusd system client - Allow zebra_t domain to bind on babel udp port - Allow freeipmi domain to read sysfs_t files - Allow targetd_t domain mmap lvm config files - Allow abrt_t domain to manage kdump crash files - gnome_data_filetrans macro should be in optional block - Allow netutils_t domain to create bluetooth sockets - Allow traceroute to bind on generic sctp node - Allow traceroute to search network sysctls - Allow systemd to use virtio console - Label /dev/op_panel and /dev/opal-prd as opal_device_t - Label /run/ebtables.lock as iptables_var_run_t - Allow udev_t domain to manage udev_rules_t char files. - Assign babel_port_t label to udp port 6696 - Add new interface lvm_map_config - Merge pull request #212 from stlaz/patch-1 - Allow local_login_t reads of udev_var_run_t context * Wed Apr 18 2018 Lukas Vrabec lvrabec@redhat.com - 3.14.1-22 - Allow networkmanager domain to write to ecryptfs_t files BZ(1566706) - Allow l2tpd domain to stream connect to sssd BZ(1568160) - Dontaudit abrt_t to write to lib_t dirs BZ(1566784) - Allow NetworkManager_ssh_t domain transition to insmod_t BZ(1567630) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572954 - Cannot start radvd https://bugzilla.redhat.com/show_bug.cgi?id=1572954 [ 2 ] Bug #1567631 - SELinux is preventing sh from 'getattr' accesses on the file /usr/bin/kmod. https://bugzilla.redhat.com/show_bug.cgi?id=1567631 [ 3 ] Bug #1568509 - SELinux is preventing amavisd from using the dac_override capability https://bugzilla.redhat.com/show_bug.cgi?id=1568509 [ 4 ] Bug #1570205 - SELinux is preventing dnssec-trigger- from 'read' accesses on the file unix. https://bugzilla.redhat.com/show_bug.cgi?id=1570205 [ 5 ] Bug #1569313 - SELinux is preventing sosreport from associate access on the filesystem fips_enabled. https://bugzilla.redhat.com/show_bug.cgi?id=1569313 [ 6 ] Bug #1567630 - SELinux is preventing sh from 'execute' accesses on the file /usr/bin/kmod. https://bugzilla.redhat.com/show_bug.cgi?id=1567630 [ 7 ] Bug #1572945 - SELinux is preventing gssproxy from 'getattr' accesses on the directory /proc/<pid>. https://bugzilla.redhat.com/show_bug.cgi?id=1572945 --------------------------------------------------------------------------------
================================================================================ v4l-utils-1.14.2-2.fc28 (FEDORA-2018-4c0aca9519) Utilities for video4linux and DVB devices -------------------------------------------------------------------------------- Update Information:
New upstream 1.14.2 release from new 1.14 series -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Peter Robinson pbrobinson@fedoraproject.org 1.14.2-2 - Add sys/sysmacros.h include fix patch * Sun Apr 29 2018 Peter Robinson pbrobinson@fedoraproject.org 1.14.2-1 - New upstream release 1.14.2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1541463 - RFE: Update v4l-utils package https://bugzilla.redhat.com/show_bug.cgi?id=1541463 --------------------------------------------------------------------------------
================================================================================ xviewer-1.8.0-2.fc28 (FEDORA-2018-648fc77e22) Fast and functional graphics viewer -------------------------------------------------------------------------------- Update Information:
....... -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Leigh Scott leigh123linux@googlemail.com - 1.8.0-2 - Remove .la file * Sun Apr 29 2018 Leigh Scott leigh123linux@googlemail.com - 1.8.0-1 - New upstream release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572413 - xviewer-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572413 --------------------------------------------------------------------------------
================================================================================ yamllint-1.11.1-1.fc28 (FEDORA-2018-68c5ef4790) A linter for YAML files -------------------------------------------------------------------------------- Update Information:
Update to latest upstream version -------------------------------------------------------------------------------- ChangeLog:
* Sun Apr 29 2018 Adrien Verg�� adrienverge@gmail.com - 1.11.1-1 - Update to latest upstream version -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1564488 - yamllint-1.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564488 --------------------------------------------------------------------------------