The following Fedora 27 Security updates need testing: Age URL 136 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 68 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408 dpdk-17.08.2-1.fc27 54 https://bodhi.fedoraproject.org/updates/FEDORA-2018-775d96b54b blktrace-1.2.0-6.fc27 41 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a10c1d234e vim-syntastic-3.9.0-1.fc27 32 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b33f65b01 nodejs-brace-expansion-1.1.11-1.fc27 24 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f7a1334c68 sox-14.4.2.0-22.fc27 23 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a748acc219 unrtf-0.21.9-8.fc27 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ae1ced8fb6 dcraw-9.28.0-1.fc27 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d2179e7d0 python-XStatic-jquery-ui-1.12.0.1-2.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-69780fc4d7 gnupg-1.4.23-1.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f02e5ed7b qemu-2.10.1-4.fc27 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e657c3c037 libvirt-3.7.0-5.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-94eb743dad libgit2-0.26.4-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2bdfc9dc67 php-symfony-2.8.42-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c8ddc44bbb php-symfony3-3.3.17-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4943b0505b ant-1.10.1-10.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0712169848 bind-9.11.3-6.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9296823b6c cantata-2.3.1-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1a467757ce xen-4.9.2-6.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7e8c49a451 git-annex-6.20180626-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c3838931e1 libsoup-2.60.3-2.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c465c127c bibutils-6.5-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e92359c3b8 visualboyadvance-m-2.1.0-1.fc27
The following Fedora 27 Critical Path updates have yet to be approved: Age URL 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27 mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1 35 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2a57dc63c1 selinux-policy-3.13.1-283.35.fc27 30 https://bodhi.fedoraproject.org/updates/FEDORA-2018-33052e653e iproute-4.16.0-1.fc27 24 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bd7544b85b fwupd-1.0.8-1.fc27 24 https://bodhi.fedoraproject.org/updates/FEDORA-2018-05a68ea22e geoclue2-2.4.10-2.fc27 19 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f5989c8ede osinfo-db-20180612-1.fc27 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-69780fc4d7 gnupg-1.4.23-1.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-49b4b4638d python-productmd-1.15-1.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d70cf2c993 python-rpm-macros-3-25.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f02e5ed7b qemu-2.10.1-4.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-200dba6b93 upower-0.99.8-1.fc27 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e657c3c037 libvirt-3.7.0-5.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7aa8911d0d samba-4.7.8-0.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-670f4fe2a4 exo-0.12.2-1.fc27 xfce4-settings-4.12.4-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d8e28f3fce glusterfs-3.12.11-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2900e03ce5 glib2-2.54.3-3.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-741164810b perl-File-Temp-0.230.600-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6559e94544 sssd-1.16.2-4.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4c2c1fdaf1 pcre2-10.31-5.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ad57645272 vim-8.1.119-1.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d3507ef90d pcre-8.42-2.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ca436df0dd emacs-25.3-4.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1a467757ce xen-4.9.2-6.fc27 5 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bd8549f05a bubblewrap-0.2.1-1.fc27 flatpak-0.99.2-1.fc27 flatpak-builder-0.99.2-1.fc27 ostree-2018.6-1.fc27 pipewire-0.1.9-1.fc27 xdg-desktop-portal-0.11-1.fc27 xdg-desktop-portal-gtk-0.11-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c3838931e1 libsoup-2.60.3-2.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-383ac28bf9 libguestfs-1.38.3-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d77b22df33 sudo-1.8.23-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d1abd8b555 libsolv-0.6.34-3.fc27
The following builds have been pushed to Fedora 27 updates-testing
RBTools-1.0-2.fc27 botan2-2.7.0-1.fc27 debbuild-18.6.1-1.fc27 dnsmasq-2.79-3.fc27 golang-github-cenkalti-backoff-2.0.0-2.fc27 golang-googlecode-net-0-0.46.20180614gitdb08ff0.fc27 grip-3.8.1-1.fc27 haproxy-1.7.11-2.fc27 hwdata-0.313-1.fc27 jetty-9.4.11-2.v20180605.fc27 lastpass-cli-1.3.1-1.fc27 librelp-1.2.16-1.fc27 lollypop-0.9.518-1.fc27 mailman-2.1.21-9.fc27 megatools-1.9.98-6.fc27 openblas-0.3.1-1.fc27 openslp-2.0.0-15.fc27 otter-browser-0.9.99-0.1.rc10git282b5b3.fc27 perl-Test-POE-Client-TCP-1.18-1.fc27 php-theseer-autoload-1.25.0-1.fc27 pulseaudio-12.0-2.fc27 python-Pympler-0.5-1.fc27 python-streamlink-0.14.2-1.fc27 rsyslog-8.36.0-1.fc27 stellarium-0.18.1-1.fc27 strace-4.23-1.fc27 zstd-1.3.5-1.fc27
Details about builds:
================================================================================ RBTools-1.0-2.fc27 (FEDORA-2018-a1ca7780af) Tools for use with ReviewBoard -------------------------------------------------------------------------------- Update Information:
## Fix package dependencies Several new dependencies were added for the RBTools 1.0 release, but these were not properly reflected in the RPM. This is now corrected. ---- https://www.reviewboard.org/docs/releasenotes/rbtools/1.0/ -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Stephen Gallagher sgallagh@redhat.com - 1.0-2 - Include missing python dependencies * Fri Jun 29 2018 Stephen Gallagher sgallagh@redhat.com - 1.0-1 - Update to RBTools 1.0 - https://www.reviewboard.org/docs/releasenotes/rbtools/1.0/ * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 0.7.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ botan2-2.7.0-1.fc27 (FEDORA-2018-98ab6b4e56) Crypto and TLS for C++11 -------------------------------------------------------------------------------- Update Information:
Update Botan2 to 2.7.0. Focus of this release is on performance and side channel hardening. - Address side channels in RSA key generation and ECDSA signing - Side channel hardening in many core algorithms (modular exponentiation, ECC scalar multiply, Karatsuba multiplication, Barrett reduction, etc) to reduce the risk of future exploitable side channels. - Many optimizations for ECC operations, RSA (including key gen), DSA, DH, and XMSS. Typical speedups vs 2.6.0 is 10 to 40% depending on operation and key size. - Add Scrypt password hashing. Also supported is using Scrypt to derive keys for private key encryption (format compatible with upcoming OpenSSL 1.1.1) - Add base32 encoding/decoding - Plus many bug fixes and smaller enhancements documented in the [release notes](https://botan.randombit.net/news.html#version-2-7-0-2018-07-02) -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Thomas Moschny thomas.moschny@gmx.de - 2.7.0-1 - Update to 2.7.0. * Tue Jun 19 2018 Miro Hron��ok mhroncok@redhat.com - 2.6.0-2 - Rebuilt for Python 3.7 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1591831 - CVE-2018-12435 botan: memory-cache side-channel attack on ECDSA signatures https://bugzilla.redhat.com/show_bug.cgi?id=1591831 [ 2 ] Bug #1591163 - CVE-2018-0495 openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries https://bugzilla.redhat.com/show_bug.cgi?id=1591163 --------------------------------------------------------------------------------
================================================================================ debbuild-18.6.1-1.fc27 (FEDORA-2018-01e36681c7) Build Debian-compatible .deb packages from RPM .spec files -------------------------------------------------------------------------------- Update Information:
Rebase to 18.6.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Neal Gompa ngompa13@gmail.com - 18.6.1-1 - Rebase to 18.6.1 * Sun Jul 1 2018 Jitka Plesnikova jplesnik@redhat.com - 18.6.0-2 - Perl 5.28 rebuild * Fri Jun 29 2018 Neal Gompa ngompa13@gmail.com - 18.6.0-1 - Rebase to 18.6.0 * Wed Jun 27 2018 Jitka Plesnikova jplesnik@redhat.com - 17.5.0-3 - Perl 5.28 rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 17.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1481697 - debbuild-18.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1481697 --------------------------------------------------------------------------------
================================================================================ dnsmasq-2.79-3.fc27 (FEDORA-2018-31974dc1e0) A lightweight DHCP/caching DNS server -------------------------------------------------------------------------------- Update Information:
- Fixed permissions on /var/lib/dnsmasq - Fixed validation on disabled dnssec, skip the cache if do bit is set -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Petr Men����k pemensik@redhat.com - 2.79-3 - Make dnsmasq leases writeable by root again (#1554390) * Mon Jul 2 2018 Petr Men����k pemensik@redhat.com - 2.79-2 - Fix passing of dnssec enabled queries (#1597309) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1554390 - SELinux is preventing dnsmasq from using the 'dac_override' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1554390 [ 2 ] Bug #1597309 - dnsmasq does not pass DNSSEC data https://bugzilla.redhat.com/show_bug.cgi?id=1597309 --------------------------------------------------------------------------------
================================================================================ golang-github-cenkalti-backoff-2.0.0-2.fc27 (FEDORA-2018-c02a71e56b) The exponential backoff algorithm in Go -------------------------------------------------------------------------------- Update Information:
Update to v2.0.0 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Jan Chaloupka jchaloup@redhat.com - Regen glide files * Mon Jun 25 2018 Robert-Andr�� Mauchin zebob.m@gmail.com - 2.0.0-1 - Update to v2.0.0 * Sat Jun 9 2018 Jan Chaloupka jchaloup@redhat.com - 1.1.0-0.4.git61153c7 - Upload glide.lock and glide.yaml * Wed Feb 28 2018 Jan Chaloupka jchaloup@redhat.com - 1.1.0-0.3.20170711git61153c7 - Autogenerate some parts using the new macros * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-0.2.git61153c7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Mon Nov 27 2017 Jan Chaloupka jchaloup@redhat.com - 1.1.0-0.1.git61153c7 - Update to v1.1.0 resolves: #1517147 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1483771 - golang-github-cenkalti-backoff-v2.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1483771 --------------------------------------------------------------------------------
================================================================================ golang-googlecode-net-0-0.46.20180614gitdb08ff0.fc27 (FEDORA-2018-732e8715dd) Supplementary Go networking libraries -------------------------------------------------------------------------------- Update Information:
Bump to db08ff08e8622530d9ed3a0e8ac279f6d4c02196 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Jan Chaloupka jchaloup@redhat.com - Upload glide files * Thu Jun 14 2018 Robert-Andr�� Mauchin zebob.m@gmail.com -0-0.45.20180614gitdb08ff0 - Bump to db08ff08e8622530d9ed3a0e8ac279f6d4c02196 * Tue Mar 13 2018 Jan Chaloupka jchaloup@redhat.com - 0-0.44.git66aacef - Upload handcrated glide.lock and glide.yaml files -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1326890 - FTBFS with gcc-go on s390x https://bugzilla.redhat.com/show_bug.cgi?id=1326890 [ 2 ] Bug #1555833 - golang-googlecode-net: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555833 --------------------------------------------------------------------------------
================================================================================ grip-3.8.1-1.fc27 (FEDORA-2018-599e7c9efe) Front-end for CD rippers and Ogg Vorbis encoders -------------------------------------------------------------------------------- Update Information:
Updated to 3.8.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Adrian Reber adrian@lisas.de - 1:3.8.1-1 - Updated to 3.8.1 - Removed upstreamed patches --------------------------------------------------------------------------------
================================================================================ haproxy-1.7.11-2.fc27 (FEDORA-2018-53c52ec1a0) HAProxy reverse proxy for high availability environments -------------------------------------------------------------------------------- Update Information:
Update to 1.7.11 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Ryan O'Hara rohara@redhat.com - 1.7.11-2 - Remove unused patches for halog and iprange utilities * Tue May 1 2018 Ryan O'Hara rohara@redhat.com - 1.7.11-1 - Update to 1.7.11 * Wed Jan 3 2018 Ryan O'Hara rohara@redhat.com - 1.7.10-1 - Update to 1.7.10 --------------------------------------------------------------------------------
================================================================================ hwdata-0.313-1.fc27 (FEDORA-2018-20d0222e17) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information:
Updated pci, usb and vendor ids. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Vitezslav Crhonek vcrhonek@redhat.com - 0.313-1 - Updated pci, usb and vendor ids. --------------------------------------------------------------------------------
================================================================================ jetty-9.4.11-2.v20180605.fc27 (FEDORA-2018-93a507fd0f) Java Webserver and Servlet Container -------------------------------------------------------------------------------- Update Information:
Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12538. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Michael Simacek msimacek@redhat.com - 9.4.11-2.v20180605 - Fix missing classes in start.jar * Fri Jun 8 2018 Michael Simacek msimacek@redhat.com - 9.4.11-1.v20180605 - Update to upstream version 9.4.11.v20180605 * Wed May 9 2018 Michael Simacek msimacek@redhat.com - 9.4.10-1.v20180503 - Update to upstream version 9.4.10.v20180503 * Mon Apr 30 2018 Michael Simacek msimacek@redhat.com - 9.4.10-0.1.RC1 - Update to upstream version 9.4.10.RC1 * Fri Mar 23 2018 Mat Booth mat.booth@redhat.com - 9.4.9-2.v20180320 - Make the requirement on "osgi.serviceloader.processor" optional * Wed Mar 21 2018 Alexander Kurtakov akurtako@redhat.com 9.4.9-1.v20180320 - Update to upstream 9.4.9 release. * Fri Feb 9 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 9.4.8-4.v20171121 - Escape macros in %changelog * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 9.4.8-3.v20171121 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Jan 25 2018 Michael Simacek msimacek@redhat.com - 9.4.8-2.v20171121 - Remove obsolete systemd conversion scriptlet * Mon Dec 4 2017 Michael Simacek msimacek@redhat.com - 9.4.8-1.v20171121 - Update to upstream version 9.4.8.v20171121 * Wed Sep 20 2017 Michael Simacek msimacek@redhat.com - 9.4.7-1.v20170914 - Update to upstream version 9.4.7.v20170914 * Wed Sep 13 2017 Michael Simacek msimacek@redhat.com - 9.4.7.RC0-1 - Update to upstream version 9.4.7.RC0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1595620 - CVE-2017-7657 jetty: HTTP request smuggling https://bugzilla.redhat.com/show_bug.cgi?id=1595620 [ 2 ] Bug #1595621 - CVE-2017-7658 jetty: Incorrect header handling https://bugzilla.redhat.com/show_bug.cgi?id=1595621 [ 3 ] Bug #1595639 - CVE-2017-7656 jetty: HTTP request smuggling using the range header https://bugzilla.redhat.com/show_bug.cgi?id=1595639 [ 4 ] Bug #1595453 - CVE-2018-12538 jetty: HttpSessions access/hijack in the FileSystem's storage for the FileSessionDataStore. https://bugzilla.redhat.com/show_bug.cgi?id=1595453 --------------------------------------------------------------------------------
================================================================================ lastpass-cli-1.3.1-1.fc27 (FEDORA-2018-0d3b3d2571) Command line interface to LastPass.com -------------------------------------------------------------------------------- Update Information:
Update to version 1.3.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Robert-Andr�� Mauchin zebob.m@gmail.com - 1.3.1-1 - Update to version 1.3.1 - Add fish and zsh completions - Fix #1583717, #1579473, #1459717 - Thanks to Ventz Petkov and Edward J. Huff for their contribution -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1583717 - Update to v1.3.1 https://bugzilla.redhat.com/show_bug.cgi?id=1583717 [ 2 ] Bug #1579473 - lastpass-cli needs an update https://bugzilla.redhat.com/show_bug.cgi?id=1579473 [ 3 ] Bug #1459717 - lastpass-cli-1.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459717 [ 4 ] Bug #1519507 - Please update F27 to lastpass-cli 1.2.2 https://bugzilla.redhat.com/show_bug.cgi?id=1519507 --------------------------------------------------------------------------------
================================================================================ librelp-1.2.16-1.fc27 (FEDORA-2018-c136c9059a) The Reliable Event Logging Protocol library -------------------------------------------------------------------------------- Update Information:
Rebase to 8.36.0 -------------------------- - dropped stdlog dependency as it is now deprecated upstream and will be eventually removed - OpenSSL driver added as alternative to GnuTLS, will probably bacome default in future - varuous enhancements and bugfixes -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Radovan Sroka rsroka@redhat.com - 1.2.16-1 - rebase to 1.2.16 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1543992 - rsyslog appears to duplicate messages from journald when journald rotates its log files https://bugzilla.redhat.com/show_bug.cgi?id=1543992 [ 2 ] Bug #1587871 - rsyslog uses LimitNOFILE in Install section iso https://bugzilla.redhat.com/show_bug.cgi?id=1587871 [ 3 ] Bug #1580013 - rsyslog systemd service file has LimitNOFILE in the wrong section https://bugzilla.redhat.com/show_bug.cgi?id=1580013 [ 4 ] Bug #1595008 - rsyslog-8.36.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1595008 [ 5 ] Bug #1577903 - librelp-1.2.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1577903 --------------------------------------------------------------------------------
================================================================================ lollypop-0.9.518-1.fc27 (FEDORA-2018-99a19753fb) Music player for GNOME -------------------------------------------------------------------------------- Update Information:
Update to 0.9.518 ---- Update to 0.9.517 ---- Update to 0.9.516 ---- Update to 0.9.515 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.518-1 - Update to 0.9.518 * Sat Jun 30 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.517-1 - Update to 0.9.517 * Mon Jun 25 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.516-1 - Update to 0.9.516 * Thu Jun 21 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.515-1 - Update to 0.9.515 * Tue Jun 19 2018 Miro Hron��ok mhroncok@redhat.com - 0.9.514-2 - Rebuilt for Python 3.7 --------------------------------------------------------------------------------
================================================================================ mailman-2.1.21-9.fc27 (FEDORA-2018-f6ccdeb750) Mailing list manager with built in Web access -------------------------------------------------------------------------------- Update Information:
Add fix for CVE-2018-0618 (#1596460) -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Pavel Zhukov pzhukov@redhat.com - 3:2.1.21-9 - Add fix for CVE-2018-0618 (#1596460) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1596458 - CVE-2018-0618 mailmain: Cross-site scripting vulnerability allows malicious listowners to inject scripts into listinfo pages https://bugzilla.redhat.com/show_bug.cgi?id=1596458 --------------------------------------------------------------------------------
================================================================================ megatools-1.9.98-6.fc27 (FEDORA-2018-dfbbd742ba) Command line client for MEGA -------------------------------------------------------------------------------- Update Information:
Updated SPEC file, enabled RHEL 7 build. -------------------------------------------------------------------------------- ChangeLog:
* Fri Jun 29 2018 Simone Caronni negativo17@gmail.com - 1.9.98-6 - Clean up SPEC file. * Thu Feb 8 2018 Fedora Release Engineering releng@fedoraproject.org - 1.9.98-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ openblas-0.3.1-1.fc27 (FEDORA-2018-2647d0ade2) An optimized BLAS library based on GotoBLAS2 -------------------------------------------------------------------------------- Update Information:
Update to 0.3.1, see full changelog at https://github.com/xianyi/OpenBLAS/releases -------------------------------------------------------------------------------- ChangeLog:
* Sun Jul 1 2018 Susi Lehtola jussilehtola@fedoraproject.org - 0.3.1-1 - Update to 0.3.1. * Mon Jun 11 2018 Susi Lehtola jussilehtola@fedoraproject.org - 0.3.0-2 - Split sequential libraries from core package to openblas-serial. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1597010 - openblas-0.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1597010 --------------------------------------------------------------------------------
================================================================================ openslp-2.0.0-15.fc27 (FEDORA-2018-bc864bb9e1) Open implementation of Service Location Protocol V2 -------------------------------------------------------------------------------- Update Information:
Fix heap memory corruption, CVE-2017-17833 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Vitezslav Crhonek vcrhonek@redhat.com - 2.0.0-15 - Fix heap memory corruption, CVE-2017-17833 Resolves: #1572167 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1572166 - CVE-2017-17833 openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution https://bugzilla.redhat.com/show_bug.cgi?id=1572166 --------------------------------------------------------------------------------
================================================================================ otter-browser-0.9.99-0.1.rc10git282b5b3.fc27 (FEDORA-2018-d2b6901c50) Web browser controlled by the user, not vice-versa -------------------------------------------------------------------------------- Update Information:
Update to 0.9.99-0.1.rc10git282b5b3 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.99-0.1.rc10git282b5b3 - Update to 0.9.99-0.1.rc10git282b5b3 --------------------------------------------------------------------------------
================================================================================ perl-Test-POE-Client-TCP-1.18-1.fc27 (FEDORA-2018-cfed123e21) POE Component providing TCP client services for test cases -------------------------------------------------------------------------------- Update Information:
This release adds support for TLS encryption. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Petr Pisar ppisar@redhat.com - 1.18-1 - 1.18 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1597276 - perl-Test-POE-Client-TCP-1.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1597276 --------------------------------------------------------------------------------
================================================================================ php-theseer-autoload-1.25.0-1.fc27 (FEDORA-2018-81789d9d8e) A tool and library to generate autoload code -------------------------------------------------------------------------------- Update Information:
**Release 1.25.0** * Add support for generating static files to use for opcache warming (-w, optionally with --reset) * Minor internal cleanup -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Remi Collet remi@remirepo.net - 1.25.0-1 - update to 1.25.0 - use range dependencies --------------------------------------------------------------------------------
================================================================================ pulseaudio-12.0-2.fc27 (FEDORA-2018-55824401dc) Improved Linux Sound Server -------------------------------------------------------------------------------- Update Information:
Latest pulseaudio-12.0 release. See also https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/12.0/ -------------------------------------------------------------------------------- ChangeLog:
* Sun Jul 1 2018 Rex Dieter rdieter@fedoraproject.org - 12.0-2 - switch-on-port-available-ignore-bluetooth-cards.patch (#1594596, fdo#107044) - use upstreamed exit-idle-time.patch * Thu Jun 21 2018 Rex Dieter rdieter@fedoraproject.org - 12.0-1 - pulseaudio-12.0 is available (#1593489) - -libs: use %license * Sun May 13 2018 Rex Dieter rdieter@fedoraproject.org - 11.99.1-1 - 11.99.1 (#1577603) - use %ldconfig_scriptlets - new pulseaudio--module-gsettings subpkg * Tue May 8 2018 Rex Dieter rdieter@fedoraproject.org - 11.1-21 - drop unused getaffinity,memfd patches - include experimental bluetooth patches only on rawhide * Mon Apr 23 2018 Hans de Goede hdegoede@redhat.com - 11.1-20 - Fix Intel LPE HDMI problems: - Update to upstream gitsnapshot which contains a fix for the crash caused by patch93 (and contains patch93 fixing the Intel LPE HDMI pa crash) - Fix-realtime-scheduling-on-byt-cht.patch, Fix-Intel-HDMI-LPE-problems.patch: drop both, both fixes are included in the git snapshot * Fri Mar 23 2018 Iryna Shcherbina ishcherb@redhat.com - 11.1-19 - Update Python 2 dependency declarations to new packaging standards (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) * Wed Mar 21 2018 Rex Dieter rdieter@fedoraproject.org - 11.1-18 - manually package sockets.target.wants/pulseaudio.socket to help handle socket activation on upgrades * Tue Mar 20 2018 Rex Dieter rdieter@fedoraproject.org - 11.1-17 - omit -gdm-hooks, moved to gdm (f28+) * Tue Mar 13 2018 Rex Dieter rdieter@fedoraproject.org - 11.1-16 - skip patch93, seems to cause crashes w/headphone jacks (#1544507,#1551270,#1554035) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1257863 - bluetooth headphones skips often https://bugzilla.redhat.com/show_bug.cgi?id=1257863 --------------------------------------------------------------------------------
================================================================================ python-Pympler-0.5-1.fc27 (FEDORA-2018-359cf837ed) Measure, monitor and analyze the memory behavior of Python objects -------------------------------------------------------------------------------- Update Information:
Changes since 0.4.3: * fixed [asizeof does not properly size namedtuples](https://github.com/pympler/pympler/issues/35) * dropped support for Python 2.5, 2.6 and 3.2 * fixed [asizeof does not properly size numpy arrays](https://github.com/pympler/pympler/issues/36) * switched to much faster hash join instead of quadratic list join * fixed [pympler incompatible with tensorflow](https://github.com/pympler/pympler/issues/41) * fixed [KeyError: <class 'django.template.base.Template'>](https://github.com/pympler/pympler/issues/55) * fixed [AttributeError: 'module' object has no attribute '__name__'](https://github.com/pympler/pympler/issues/62) -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Dominik Mierzejewski rpm@greysector.net 0.5-1 - update to 0.5 - drop obsolete patches - use pythonX_version macros in files list -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1597162 - python-Pympler-0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1597162 --------------------------------------------------------------------------------
================================================================================ python-streamlink-0.14.2-1.fc27 (FEDORA-2018-3f39e56edd) Python library for extracting streams from various websites -------------------------------------------------------------------------------- Update Information:
## streamlink 0.14.2 (2018-06-28) Just a few small fixes in this release. - Fixed Twitch OAuth request flow - Fix the tv3cat and vk plugins - VOD supported added to atresplayer plugin - Removed tv8cati and nineanime plugins - Added mjunoon.tv plugin ## streamlink 0.14.0 (2018-06-26) Here are the changes to this months release! - Multiple plugin fixes - Bug fixes for DASH streams - Updated API call for api.utils hours_minutes_seconds - Updated documentation - Dict structures fix - Reformated help menu - Logger fix -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Mohamed El Morabity melmorabity@fedoraproject.org - 0.14.2-1 - Update to 0.14.2 --------------------------------------------------------------------------------
================================================================================ rsyslog-8.36.0-1.fc27 (FEDORA-2018-c136c9059a) Enhanced system logging and kernel message trapping daemon -------------------------------------------------------------------------------- Update Information:
Rebase to 8.36.0 -------------------------- - dropped stdlog dependency as it is now deprecated upstream and will be eventually removed - OpenSSL driver added as alternative to GnuTLS, will probably bacome default in future - varuous enhancements and bugfixes -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Jiri Vymazal jvymazal@redhat.com - 8.36.0-1 - rebase to 8.36.0 - removed stdlog dependency as upstream is going to drop it - following upstream naming of pidfile - removed needless conditionals * Fri Jun 8 2018 Remi Collet remi@remirepo.net - 8.35.0-4 - rebuild with libbson and libmongc 1.10.2 (soname back to 0) * Mon May 28 2018 Remi Collet remi@remirepo.net - 8.35.0-3 - rebuild with libbson and libmongc 1.10.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1543992 - rsyslog appears to duplicate messages from journald when journald rotates its log files https://bugzilla.redhat.com/show_bug.cgi?id=1543992 [ 2 ] Bug #1587871 - rsyslog uses LimitNOFILE in Install section iso https://bugzilla.redhat.com/show_bug.cgi?id=1587871 [ 3 ] Bug #1580013 - rsyslog systemd service file has LimitNOFILE in the wrong section https://bugzilla.redhat.com/show_bug.cgi?id=1580013 [ 4 ] Bug #1595008 - rsyslog-8.36.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1595008 [ 5 ] Bug #1577903 - librelp-1.2.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1577903 --------------------------------------------------------------------------------
================================================================================ stellarium-0.18.1-1.fc27 (FEDORA-2018-3336a34bd9) Photo-realistic nightsky renderer -------------------------------------------------------------------------------- Update Information:
0.18.1 -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 Gwyn Ciesla limburgher@gmail.com - 0.18.1-1 - 0.18.1 --------------------------------------------------------------------------------
================================================================================ strace-4.23-1.fc27 (FEDORA-2018-5ebb3b7cfb) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information:
v4.22 -> v4.23. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jun 14 2018 Dmitry V. Levin ldv@altlinux.org - 4.23-1 - v4.22 -> v4.23. - Enabled libdw backend for -k option (#1568647). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1568647 - backporting libdw based unwind feature https://bugzilla.redhat.com/show_bug.cgi?id=1568647 --------------------------------------------------------------------------------
================================================================================ zstd-1.3.5-1.fc27 (FEDORA-2018-7ab0a14f0b) Zstd compression library -------------------------------------------------------------------------------- Update Information:
Latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 2 2018 P��draig Brady P@draigBrady.com - 1.3.5.1 - Latest upstream --------------------------------------------------------------------------------