The following Fedora 29 Security updates need testing: Age URL 115 https://bodhi.fedoraproject.org/updates/FEDORA-2018-51ce232320 xerces-c27-2.7.0-28.fc29 44 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b89746cb9b tomcat-9.0.13-1.fc29 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-376ecc221c nagios-4.4.3-1.fc29 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-a034423db8 docker-1.13.1-63.git1185cfd.fc29 7 https://bodhi.fedoraproject.org/updates/FEDORA-2019-f5b57646b7 docker-latest-1.13.1-40.git1185cfd.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3c45bd2cc3 mingw-python-qt5-5.11.3-2.fc29 mingw-qt5-qt3d-5.11.3-1.fc29 mingw-qt5-qtactiveqt-5.11.3-1.fc29 mingw-qt5-qtbase-5.11.3-1.fc29 mingw-qt5-qtcharts-5.11.3-1.fc29 mingw-qt5-qtdeclarative-5.11.3-1.fc29 mingw-qt5-qtgraphicaleffects-5.11.3-1.fc29 mingw-qt5-qtimageformats-5.11.3-1.fc29 mingw-qt5-qtlocation-5.11.3-1.fc29 mingw-qt5-qtmultimedia-5.11.3-1.fc29 mingw-qt5-qtquickcontrols-5.11.3-1.fc29 mingw-qt5-qtscript-5.11.3-1.fc29 mingw-qt5-qtsensors-5.11.3-1.fc29 mingw-qt5-qtserialport-5.11.3-1.fc29 mingw-qt5-qtsvg-5.11.3-1.fc29 mingw-qt5-qttools-5.11.3-1.fc29 mingw-qt5-qttranslations-5.11.3-1.fc29 mingw-qt5-qtwebkit-5.9.4-0.8.gitbd0657f.fc29 mingw-qt5-qtwebsockets-5.11.3-1.fc29 mingw-qt5-qtwinextras-5.11.3-1.fc29 mingw-qt5-qtxmlpatterns-5.11.3-1.fc29 mingw-sip-4.19.13-2.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-d8ec88b21e moodle-3.5.4-1.fc29
The following Fedora 29 Critical Path updates have yet to be approved: Age URL 45 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3d43e7dd21 SLOF-0.1.git20180702-2.fc29 15 https://bodhi.fedoraproject.org/updates/FEDORA-2019-27778372a6 pungi-4.1.32-3.fc29 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0ab485544f libguestfs-1.40.1-2.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ca705d784a lorax-29.25-1.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-58052493a6 python-jsonschema-2.6.0-6.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ea8a50f7eb exo-0.12.4-1.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-c042484003 kernel-4.20.4-200.fc29 kernel-headers-4.20.4-200.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6406ad278b hivex-1.3.17-1.fc29 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-640a4bb060 supermin-5.1.20-2.fc29 2 https://bodhi.fedoraproject.org/updates/FEDORA-2019-a23010d9e1 python-productmd-1.19-1.fc29
The following builds have been pushed to Fedora 29 updates-testing
Thunar-1.8.4-1.fc29 argbash-2.8.0-1.fc29 golang-1.11.5-1.fc29 gtk2-2.24.32-4.fc29 libiio-0.17-1.fc29 libmodulemd-2.1.0-1.fc29 numix-icon-theme-circle-0.1.0-19.20190124.gitda33f8b.fc29 numix-icon-theme-square-0.1.0-4.20190124.gitb37c7e4.fc29 openbabel-2.4.1-16.fc29 paprefs-1.1-1.fc29 pipenv-2018.11.26-5.fc29 python36-3.6.8-3.fc29 radvd-2.17-17.fc29
Details about builds:
================================================================================ Thunar-1.8.4-1.fc29 (FEDORA-2019-38fd1ced56) Thunar File Manager -------------------------------------------------------------------------------- Update Information:
update to version 1.8.4 ---- update to version 1.8.3 -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Mukundan Ragavan nonamedotc@fedoraproject.org - 1.8.4-1 - Update to 1.8.4 * Thu Jan 24 2019 Mukundan Ragavan nonamedotc@fedoraproject.org - 1.8.3-1 - Update to 1.8.3 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669165 - [abrt] Thunar: g_file_monitor_emit_event(): thunar killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1669165 [ 2 ] Bug #1641260 - [abrt] Thunar: thunar_file_get_display_name(): thunar killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1641260 [ 3 ] Bug #1659791 - [abrt] Thunar: thunar_shortcuts_model_set_busy(): thunar killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1659791 [ 4 ] Bug #1665577 - Thunar does not provide org.xfce.FileManager dbus service https://bugzilla.redhat.com/show_bug.cgi?id=1665577 --------------------------------------------------------------------------------
================================================================================ argbash-2.8.0-1.fc29 (FEDORA-2019-8971560906) Bash argument parsing code generator -------------------------------------------------------------------------------- Update Information:
Update to argbash 2.8.0 -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Stephen Gallagher sgallagh@redhat.com - 2.8.0-1 - Update to 2.8.0 - New features: * Allow argbash and argbash-init to be run from symbolic links. * Allow scripts generated by argbash-init with complete separation (-s -s) to be run from a symbolic link. * Implemented output to generate manpages using the rst2man utility * Introduced the ARG_VERSION_AUTO macro. - Bugfixes: * Double quotes in help messages are escaped (fixes #61). * Fixed regression that allowed duplicate short options (fixes #58). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669789 - argbash-2.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669789 --------------------------------------------------------------------------------
================================================================================ golang-1.11.5-1.fc29 (FEDORA-2019-dbd82d0882) The Go Programming Language -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2019-6486 -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Jakub ��ajka jcajka@redhat.com - 1.11.5-1 - Rebase to go1.11.5 - Fix for CVE-2019-6486 - Resolves: BZ#1668973 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1668972 - CVE-2019-6486 golang: crypto/elliptic implementations of P-521 and P-384 elliptic curves allow for denial of service https://bugzilla.redhat.com/show_bug.cgi?id=1668972 --------------------------------------------------------------------------------
================================================================================ gtk2-2.24.32-4.fc29 (FEDORA-2019-ed591bb7c7) GTK+ graphical user interface library -------------------------------------------------------------------------------- Update Information:
This update backports two bug fixes from upstream, fixing: - calendar: Use the new "%OB" format if supported - Fix compiler warnings with GCC 8.1 in projects using gtk+ -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Kalev Lember klember@redhat.com - 2.24.32-4 - Backport two fixes from upstream (#1669768) - calendar: Use the new "%OB" format if supported - Fix compiler warnings with GCC 8.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669768 - Pull some upstream patches https://bugzilla.redhat.com/show_bug.cgi?id=1669768 --------------------------------------------------------------------------------
================================================================================ libiio-0.17-1.fc29 (FEDORA-2019-9982caa5d6) Library for Industrial IO -------------------------------------------------------------------------------- Update Information:
Update to 0.17, Enable IIOD USB/AIO backend -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Peter Robinson pbrobinson@fedoraproject.org 0.17-1 - Update to 0.17 - Enable IIOD USB/AIO backend --------------------------------------------------------------------------------
================================================================================ libmodulemd-2.1.0-1.fc29 (FEDORA-2019-03bc622a3a) Module metadata manipulation library -------------------------------------------------------------------------------- Update Information:
- Update to libmodulemd 2.1.0 and 1.8.2 - Drop upstreamed patches - Add new API ModuleStream.depends_on_stream() and ModuleStream.build_depends_on_stream() to help support auto-detection of when a module stream may need to be rebuilt when its dependencies change. - Don't fail merges when default streams differ, treat it as "no default for this module" - Fix error message - Copy modified value when copying Modulemd.Defaults objects - Fixes discovered by clang and coverity static analysis tools - Test improvements -------------------------------------------------------------------------------- ChangeLog:
* Sat Jan 26 2019 Stephen Gallagher sgallagh@redhat.com - 2.1.0-1 - Update to libmodulemd 2.1.0 and 1.8.2 - Drop upstreamed patches - Add new API ModuleStream.depends_on_stream() and ModuleStream.build_depends_on_stream() to help support auto-detection of when a module stream may need to be rebuilt when its dependencies change. - Don't fail merges when default streams differ, treat it as "no default for this module" - Fix error message - Copy modified value when copying Modulemd.Defaults objects - Fixes discovered by clang and coverity static analysis tools - Test improvements --------------------------------------------------------------------------------
================================================================================ numix-icon-theme-circle-0.1.0-19.20190124.gitda33f8b.fc29 (FEDORA-2019-919f37cdca) Numix Project circle icon theme -------------------------------------------------------------------------------- Update Information:
Update to release 19.01.24 ---- Update the release 18.12.01 -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Brendan Early mymindstorm1@gmail.com - 0.1.0-19.20190124.gitda33f8b - Update to release 19.01.24 * Fri Jan 18 2019 Brendan Early mymindstorm1@gmail.com - 0.1.0-18.20181201.git085899f - Update to release 18.12.01 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669279 - numix-icon-theme-circle-19.01.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669279 --------------------------------------------------------------------------------
================================================================================ numix-icon-theme-square-0.1.0-4.20190124.gitb37c7e4.fc29 (FEDORA-2019-0f5c617110) Numix Project square icon theme -------------------------------------------------------------------------------- Update Information:
Update to release 19.01.24 ---- Update the release 18.12.01 -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Brendan Early mymindstorm1@gmail.com - 0.1.0-4.20190124.gitb37c7e4 - Update to release 19.01.24 * Fri Jan 18 2019 Brendan Early mymindstorm1@gmail.com - 0.1.0-3.20181201.git70711c2 - Update to release 18.12.01 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669280 - numix-icon-theme-square-19.01.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669280 --------------------------------------------------------------------------------
================================================================================ openbabel-2.4.1-16.fc29 (FEDORA-2019-beefbbb99d) Chemistry software file format converter -------------------------------------------------------------------------------- Update Information:
Fix library path in pkg-config file in the devel package. -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Dominik Mierzejewski rpm@greysector.net - 2.4.1-16 - Fix path to libdir in .pc (#1669664) - Use https for URL: - Exclude obgui from the main openbabel package - Disable failing test on s390x/F29+ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669664 - Wrong pkgconfig file https://bugzilla.redhat.com/show_bug.cgi?id=1669664 --------------------------------------------------------------------------------
================================================================================ paprefs-1.1-1.fc29 (FEDORA-2019-e147e44a21) Management tool for PulseAudio -------------------------------------------------------------------------------- Update Information:
An update to the latest upstream release: * https://freedesktop.org/software/pulseaudio/paprefs/#news -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Julian Sikorski belegdol@fedoraproject.org - 1.1-1 - Update to 1.1 - Drop upstreamed patch - Drop dbus-glib BuildRequires -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669432 - paprefs-1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669432 --------------------------------------------------------------------------------
================================================================================ pipenv-2018.11.26-5.fc29 (FEDORA-2019-ef440e9861) The higher level Python packaging tool -------------------------------------------------------------------------------- Update Information:
Fix unbundling. Removes warnings and tracebacks from `pipenv shell` and `pipenv uninstall`. -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 24 2019 Miro Hron��ok mhroncok@redhat.com - 2018.11.26-5 - Fix a fix of unbundling of packaging (sorry) * Tue Jan 22 2019 Miro Hron��ok mhroncok@redhat.com - 2018.11.26-4 - Fix unbundling of packaging - Fixes https://github.com/pypa/pipenv/issues/3469 * Wed Jan 9 2019 Owen Taylor otaylor@redhat.com - 2018.11.26-3 - Fix pexpect import for compatibility mode of pipenv shell -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1668447 - [abrt] pipenv: do_uninstall(): core.py:2012:do_uninstall:ModuleNotFoundError: No module named 'pipenv.vendor.packaging' https://bugzilla.redhat.com/show_bug.cgi?id=1668447 --------------------------------------------------------------------------------
================================================================================ python36-3.6.8-3.fc29 (FEDORA-2019-7eb6d3b8ea) Version 3.6 of the Python interpreter -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2019-5010 -------------------------------------------------------------------------------- ChangeLog:
* Wed Jan 23 2019 Patrik Kopkan pkopkan@redhat.com - 3.6.8-3 - fix for CVE-2019-5010 (#1666519, #1666520) * Mon Jan 14 2019 Bj��rn Esser besser82@fedoraproject.org - 3.6.8-2 - Rebuilt for libcrypt.so.2 (#1666033) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1666519 - CVE-2019-5010 python: NULL pointer dereference using a specially crafted X509 certificate https://bugzilla.redhat.com/show_bug.cgi?id=1666519 --------------------------------------------------------------------------------
================================================================================ radvd-2.17-17.fc29 (FEDORA-2019-9790f1867a) A Router Advertisement daemon -------------------------------------------------------------------------------- Update Information:
Fix double-free in InterfaceList -------------------------------------------------------------------------------- ChangeLog:
* Sun Jan 27 2019 Pavel Zhukov pzhukov@redhat.com - 2.17-17 - Fix double-free in InterfaceList -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669297 - radvd: Use After Free in case of misconfiguration https://bugzilla.redhat.com/show_bug.cgi?id=1669297 --------------------------------------------------------------------------------