The following Fedora 28 Security updates need testing: Age URL 233 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb jgraphx-3.6.0.0-6.fc28 182 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da nodejs-brace-expansion-1.1.11-1.fc28 181 https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a nodejs-atob-2.1.1-1.fc28 174 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9dd3f7c013 unrtf-0.21.9-8.fc28 142 https://bodhi.fedoraproject.org/updates/FEDORA-2018-28e9841baf docker-latest-1.13.1-37.git9cb56fd.fc28 57 https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297 xerces-c27-2.7.0-28.fc28 34 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7d748596e9 drupal8-8.6.2-1.fc28 30 https://bodhi.fedoraproject.org/updates/FEDORA-2018-18023f40fa drupal7-7.60-2.fc28 30 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d2739ebed php-Smarty2-2.6.31-2.fc28 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8f0d2429d3 bird-1.6.4-2.fc28 14 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aadd3c2790 mupdf-1.14.0-6.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c nginx-1.14.1-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-96b48b34ae mingw-uriparser-0.9.0-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a3ef0a026f uriparser-0.9.0-1.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b9581d9624 python-notebook-5.5.0-6.fc28 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b74b9ac8d1 tmux-2.8-2.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1d2a79fe1c cobbler-2.8.4-5.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2a93f8e1b samba-4.8.7-0.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-060302dc83 glibc-2.27-35.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c341b70641 pdns-recursor-4.1.8-1.fc28
The following Fedora 28 Critical Path updates have yet to be approved: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2f5e72a448 grilo-0.3.7-1.fc28 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d169dbb09d osinfo-db-20181116-1.fc28 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-fdc6d449e5 pungi-4.1.31-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-63e2c74a11 python-productmd-1.18-1.fc28 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a171287251 libarchive-3.3.3-2.fc28 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa127b03bc vim-8.1.549-1.fc28 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3222e7c914 radvd-2.17-11.fc28 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-17f2d1f30c patch-2.7.6-8.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-060302dc83 glibc-2.27-35.fc28 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c2a93f8e1b samba-4.8.7-0.fc28 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1fc1f4dbad lorax-28.21-1.fc28
The following builds have been pushed to Fedora 28 updates-testing
ansible-2.7.3-1.fc28 appcenter-3.0.1-2.fc28 buku-4.0-2.fc28 freerdp-2.0.0-47.rc4.fc28 gdb-8.1.1-4.fc28 groonga-8.0.9-1.fc28 hadoop-2.7.7-1.fc28 java-1.8.0-openjdk-1.8.0.191.b12-11.fc28 kobo-0.8.0-1.fc28 libsolv-0.7.1-2.fc28 nagios-4.4.2-3.fc28 net-snmp-5.8-3.fc28 perl-5.26.3-415.fc28 perl-BSON-1.10.1-1.fc28 perl-CPAN-Perl-Releases-3.84-1.fc28 perl-threads-shared-1.59-1.fc28 phan-1.1.5-1.fc28 python-magic-wormhole-0.11.2-1.fc28 regindexer-0.4-1.fc28 rubygem-jekyll-toc-0.9.1-1.fc28 strawberry-0.4.2-1.fc28 switchboard-2.3.5-1.fc28 vinagre-3.22.0-12.fc28 zsh-5.5.1-4.fc28
Details about builds:
================================================================================ ansible-2.7.3-1.fc28 (FEDORA-2018-1af71bc3be) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to 2.7.3 bugfix release. See https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7... for more details. -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 29 2018 Kevin Fenzi kevin@scrye.com - 2.7.3-1 - Update to 2.7.3 --------------------------------------------------------------------------------
================================================================================ appcenter-3.0.1-2.fc28 (FEDORA-2018-b4024a059d) Software Center from elementary -------------------------------------------------------------------------------- Update Information:
Drop elementaryOS blacklist in favor of the version shipped with appcenter. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Fabio Valentini decathorpe@gmail.com - 3.0.1-2 - Drop elementaryOS blacklist in favor of the version shipped with appcenter. --------------------------------------------------------------------------------
================================================================================ buku-4.0-2.fc28 (FEDORA-2018-c424a48119) Powerful command-line bookmark manager -------------------------------------------------------------------------------- Update Information:
Add missing Requires -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Robert-Andr�� Mauchin zebob.m@gmail.com - 4.0-2 - Add missing Requires -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1655021 - [abrt] buku: module(): buku:21:<module>:ModuleNotFoundError: No module named 'bs4' https://bugzilla.redhat.com/show_bug.cgi?id=1655021 --------------------------------------------------------------------------------
================================================================================ freerdp-2.0.0-47.rc4.fc28 (FEDORA-2018-ea25330452) Free implementation of the Remote Desktop Protocol (RDP) -------------------------------------------------------------------------------- Update Information:
FreeRDP update to the latest release candidate and fix of RDP support in Vinagre. -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 29 2018 Ondrej Holy oholy@redhat.com - 2:2.0.0-47.rc4 - Update to 2.0.0-rc4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1636560 - Black screen when using RDP in Remote Desktop viewer https://bugzilla.redhat.com/show_bug.cgi?id=1636560 --------------------------------------------------------------------------------
================================================================================ gdb-8.1.1-4.fc28 (FEDORA-2018-c86898e4a7) A stub package for GNU source-level debugger -------------------------------------------------------------------------------- Update Information:
Fix 'py-bt is broken, results in exception' (RHBZ 1639242). -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Sergio Durigan Junior sergiodj@redhat.com - 8.1.1-4.fc28 - Fix 'py-bt is broken, results in exception' (RHBZ 1639242). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1639242 - py-bt is broken, results in exception https://bugzilla.redhat.com/show_bug.cgi?id=1639242 --------------------------------------------------------------------------------
================================================================================ groonga-8.0.9-1.fc28 (FEDORA-2018-e9382628ae) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information:
new upstream release -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Kentaro Hayashi hayashi@clear-code.com 8.0.9-1 - new upstream release - fix E: specfile-error warning: Macro expanded in comment --------------------------------------------------------------------------------
================================================================================ hadoop-2.7.7-1.fc28 (FEDORA-2018-f1f44e4c6d) A software platform for processing vast amounts of data -------------------------------------------------------------------------------- Update Information:
Bug fix and upgrade to version 2.7.7 -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 29 2018 Mike Miller mmiller@apache.org - 2.7.7-1 - Upgrade to 2.7.7. Remove patch no longer needed for CVE-2018-8009 * Wed Nov 28 2018 Mike Miller mmiller@apache.org - 2.7.6-5 - Fix NoClassDefFoundError with cglib in Yarn and make top level hadoop package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1654240 - CVE-2018-11766 hadoop: Privilege escalation to root (Incomplete fix for CVE-2016-6811) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1654240 [ 2 ] Bug #1554525 - When starting Resource Manager - java.lang.NoClassDefFoundError: net/sf/cglib/core/CodeGenerationException https://bugzilla.redhat.com/show_bug.cgi?id=1554525 --------------------------------------------------------------------------------
================================================================================ java-1.8.0-openjdk-1.8.0.191.b12-11.fc28 (FEDORA-2018-959abbba13) OpenJDK Runtime Environment 8 -------------------------------------------------------------------------------- Update Information:
Some minor updates + TLSv1.2 support via the PKCS11 provider. -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 22 2018 Andrew John Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b12-11 - Add backport of JDK-8029661 which adds TLSv1.2 support to the PKCS11 provider. * Tue Nov 13 2018 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b12-10 - Revise Shenandoah PR3634 patch following upstream discussion. * Wed Nov 7 2018 Jiri Vanek jvanek@redhat.com - 1:1.8.0.191.b12-9 - headfull suggests of cups, replaced by Requires of cups-libs in headless * Wed Nov 7 2018 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b12-9 - Note why PR1834/RH1022017 is not suitable to go upstream in its current form. * Mon Nov 5 2018 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b12-9 - Document patch sections. * Mon Nov 5 2018 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b12-9 - Fix patch organisation in the spec file: - * Move ECC patches back to upstreamable section - * Move system cacerts & crypto policy patches to upstreamable section - * Merge "Local fixes" and "RPM fixes" which amount to the same thing - * Move system libpng & lcms patches back to 8u upstreamable section --------------------------------------------------------------------------------
================================================================================ kobo-0.8.0-1.fc28 (FEDORA-2018-b7705eb407) Python modules for tools development -------------------------------------------------------------------------------- Update Information:
New upstream release 0.8.0. ### FEATURES & IMPROVEMENTS - Improved Python 3 compatibility - Improved Django 2.0 compatibility - Improved tests coverage - Header produced by kobo.shortcuts.run(show_cmd=True) is now limited to 79 characters length ### BUG FIXES - Fixed handling of string SERVER_PORT in wsgi requests - Fixed Worker.timeout_task wrongly setting subtasks to INTERRUPTED ([#72](https://github.com/release-engineering/kobo/issues/72)) - Fixed Worker.set_task_weight always crashing ([#75](https://github.com/release- engineering/kobo/issues/75)) - Fixed missing dependency on python-six https://bugzilla.redhat.com/show_bug.cgi?id=1654946 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Rohan McGovern rmcgover@redhat.com - 0.8.0-1 - New upstream release 0.8.0 * Fri Nov 30 2018 Rohan McGovern rmcgover@redhat.com - 0.7.0-8 - Add missing dependencies on python-six (RHBZ#1654946) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1654946 - kobo packages are missing dependency on six https://bugzilla.redhat.com/show_bug.cgi?id=1654946 --------------------------------------------------------------------------------
================================================================================ libsolv-0.7.1-2.fc28 (FEDORA-2018-13fa00525c) Package dependency solver -------------------------------------------------------------------------------- Update Information:
Backport fixes for autouninstall -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org - 0.7.1-2 - Backport fixes for autouninstall -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1446068 - "dnf update --allowerasing" just removes packages instead of update https://bugzilla.redhat.com/show_bug.cgi?id=1446068 --------------------------------------------------------------------------------
================================================================================ nagios-4.4.2-3.fc28 (FEDORA-2018-70fe6a4d75) Host/service/network monitoring program -------------------------------------------------------------------------------- Update Information:
Updates to nagios-4.4.2 which is a major update. Fixes CVE's CVE-2018-13441 CVE-2016-8641 ---- Remove section which unset nagios Fix BZ#1568273 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Stephen Smoogen smooge@fedoraproject.org - 4.4.2-3 - Remove systemd startup since built in works properly - Incorporate fixes from patch14 into patch9 * Thu Nov 29 2018 Stephen Smoogen smooge@fedoraproject.org - 4.4.2-2 - Fix init-type and initdir for systemd and sysv * Wed Nov 28 2018 Justin Paulsen petaris@gmail.com 4.4.2-1 - Bumped to version 4.4.2 - Updated patches 0001,0002,0003,0006,0009,0010,0011 to reflect upstream changes - Updates to nagios.spec (this file) to cleanup un-needed elements and adjust/fix as required - As a result of the cleanup I have added a patch nagios-0014-fix-resource.cfg-path.patch * Tue Jul 24 2018 Stephen Smoogen smooge@fedoraproject.org - 4.3.4-13 - Remove section which unset nagios Fix BZ#1568273 - Remove /etc/nagios/conf.d Fix BZ#1504306 - Change perms on dir Fix BZ#1579935 - Close BZ#1273154 - Hopefully Fix BZ#1201849 - Hopefully Fix BZ#1476238 - Hopefully Fix BZ#1494292 * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 4.3.4-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Thu Jun 28 2018 Jitka Plesnikova jplesnik@redhat.com - 4.3.4-11 - Perl 5.28 rebuild * Thu Apr 26 2018 Stephen Smoogen smooge@fedoraproject.org - 4.3.4-10 - Fix systemd failures due to old versioning. * Tue Feb 20 2018 Stephen Smoogen smooge@fedoraproject.org - 4.3.4-9 - Add buildrequires for gcc * Thu Feb 8 2018 Fedora Release Engineering releng@fedoraproject.org - 4.3.4-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1593048 - nagios-4.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1593048 [ 2 ] Bug #1647765 - Memory leak in nagios https://bugzilla.redhat.com/show_bug.cgi?id=1647765 [ 3 ] Bug #1482407 - nagios-4.3.2-8.el7 crash caused by (potential) result size issue in wproc https://bugzilla.redhat.com/show_bug.cgi?id=1482407 [ 4 ] Bug #1506423 - Nagios regularly crashes with SIGSEGV after couple of weeks of starting. https://bugzilla.redhat.com/show_bug.cgi?id=1506423 [ 5 ] Bug #1592594 - nagios spool files in wrong location by default, causing SELinux violations https://bugzilla.redhat.com/show_bug.cgi?id=1592594 --------------------------------------------------------------------------------
================================================================================ net-snmp-5.8-3.fc28 (FEDORA-2018-b60fdc1998) A collection of SNMP protocol tools and libraries -------------------------------------------------------------------------------- Update Information:
Update to net-snmp-5.8. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 27 2018 Josef Ridky jridky@redhat.com - 1:5.8-3 - backport memory leak fixes from upstream - add fPIE to CFLAGS (#1543853) - use default LDFLAGS * Mon Jul 23 2018 Josef Ridky jridky@redhat.com - 1:5.8-2 - fix unresoved error with mysql functions - implement changes to announce soname changes * Wed Jul 18 2018 Josef Ridky jridky@redhat.com - 1:5.8-1 - New upstream release 5.8 - remove APSL downstream patch due this copyright is already coveret by part 8 in COPYING file * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 1:5.7.3-42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Sat Jul 7 2018 Miro Hron��ok mhroncok@redhat.com - 1:5.7.3-41 - Rebuilt for Python 3.7 * Wed Jun 27 2018 Jitka Plesnikova jplesnik@redhat.com - 1:5.7.3-40 - Perl 5.28 rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1637573 - CVE-2018-18065 CVE-2018-18066 net-snmp: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1637573 [ 2 ] Bug #1543853 - net-snmp: Fedora build flags only partially applied https://bugzilla.redhat.com/show_bug.cgi?id=1543853 [ 3 ] Bug #1531020 - net-snmp-5.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1531020 --------------------------------------------------------------------------------
================================================================================ perl-5.26.3-415.fc28 (FEDORA-2018-ca03363d57) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Jitka Plesnikova jplesnik@redhat.com - 4:5.26.3-415 - 5.26.3 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1646751 - CVE-2018-18314 perl: Heap-based buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1646751 [ 2 ] Bug #1646738 - CVE-2018-18313 perl: Heap-buffer-overflow read in regcomp.c https://bugzilla.redhat.com/show_bug.cgi?id=1646738 [ 3 ] Bug #1646730 - CVE-2018-18311 perl: Integer overflow leading to buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1646730 [ 4 ] Bug #1646734 - CVE-2018-18312 perl: Heap-buffer-overflow write / reg_node overrun https://bugzilla.redhat.com/show_bug.cgi?id=1646734 --------------------------------------------------------------------------------
================================================================================ perl-BSON-1.10.1-1.fc28 (FEDORA-2018-673edd1ceb) BSON serialization and deserialization -------------------------------------------------------------------------------- Update Information:
This release adds BSON::Raw::get_first_key() method, implements ObjectID specification and limits BSON encoding and decoding to a maximal depth limit to provent from exhausting a resources. It also improves BSON error messages. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Petr Pisar ppisar@redhat.com - 1.10.1-1 - 1.10.1 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1655009 - Upgrade perl-BSON to 1.10.1 https://bugzilla.redhat.com/show_bug.cgi?id=1655009 --------------------------------------------------------------------------------
================================================================================ perl-CPAN-Perl-Releases-3.84-1.fc28 (FEDORA-2018-4a8cde0366) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information:
Updated to the latest version -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Jitka Plesnikova jplesnik@redhat.com - 3.84-1 - 3.84 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1655089 - Upgrade perl-CPAN-Perl-Releases to 3.84 https://bugzilla.redhat.com/show_bug.cgi?id=1655089 --------------------------------------------------------------------------------
================================================================================ perl-threads-shared-1.59-1.fc28 (FEDORA-2018-d6a3723ac6) Perl extension for sharing data structures between threads -------------------------------------------------------------------------------- Update Information:
This release fixes loading its XS implementation on perls that do not support threads. This is not the case of Fedora. We deliver it only to provide an up-to- date version string. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Petr Pisar ppisar@redhat.com - 1.59-1 - 1.59 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1655011 - Upgrade perl-threads-shared to 1.59 https://bugzilla.redhat.com/show_bug.cgi?id=1655011 --------------------------------------------------------------------------------
================================================================================ phan-1.1.5-1.fc28 (FEDORA-2018-e5300b64f6) A static analyzer for PHP -------------------------------------------------------------------------------- Update Information:
29 Nov 2018, Phan 1.1.5 ----------------------- **Language Server:** + Fix a crash in the Language Server when pcntl is not installed or enabled (e.g. on Windows) (#2186) ---- 27 Nov 2018, Phan 1.1.4 ----------------------- **New features(Analysis):** + Preserve original descendent object types after type assertions, when original object types are all subtypes (e.g. infer `SubClass` for `$x = rand(0,1) ? new SubClass() : false; if ($x instanceof BaseClass) { ... }`) **Maintenance:** + Emit `UnusedPluginSuppression` on `@phan-suppress-next- line` and `@phan-file-suppress` on the same line as the comment declaring the suppression. (#2167, #1731) + Don't emit `PhanInvalidCommentForDeclarationType` (or attempt to parse) unknown tags that have known tags as prefixes (#2156) (e.g. `@param-some-unknown-tag`) **Bug fixes:** + Fix a crash when analyzing a nullable parameter of type `self` in traits (#2163) + Properly parse closures/generic arrays/array shapes when inner types also contain commas (#2141) + Support matching parentheses inside closure params, recursively. (e.g. `Closure(int[],Closure(int):bool):int[]`) + Don't warn about properties being read-only when they might be modified by reference (#1729) ---- 20 Nov 2018, Phan 1.1.3 ----------------------- **New features (CLI):** + Warn when calling method on union types that are definitely partially invalid. (#1885) New config setting: `--strict-method-checking` (enabled as part of `--strict-type- checking`) New issue type: `PhanPossiblyNonClassMethodCall` + Add a prototype tool `tool/phoogle`, which can be used to search for function/method signatures in user-declared and internal functions/methods. E.g. to look for functions that return a string, given a string and an array: `/path/phan/tool/phoogle 'string -> array -> string` **New features (Analysis):** + Add a heuristic check to detect potential infinite recursion in a functionlike calling itself (i.e. stack overflows) New issue types: `PhanInfiniteRecursion` + Infer literal integer values from expressions such as `2 | 1`, `2 + 2`, etc. + Infer more accurate array shapes for `preg_match_all` (based on existing inferences for `preg_match`) + Make Phan infer union types of variables from switch statements on variables (#1291) (including literal int and string types) + Analyze simple assertions on `get_class($var)` of various forms (#1977) Examples: - `assert(get_class($x) === 'someClass')` - `if (get_class($x) === someClass::class)` - `switch (get_class($x)) {case someClass::class: ...}` + Warn about invalid/possibly invalid callables in function calls. New issue types: `PhanTypeInvalidCallable`, `PhanTypePossiblyInvalidCallable` (the latter check requires `--strict-method-checking`) + Reduce false positives for a few functions (such as `substr`) in strict mode. + Make Phan infer that variables are not null/false from various comparison expressions, e.g. `assert($x > 0);` + Detect invalid arguments to `++`/`--` operators (#680). Improve the analysis of the side effects of `++`/`--` operators. New issue type: `PhanTypeInvalidUnaryOperandIncOrDec` **Plugins:** + Add `BeforeAnalyzeCapability`, which will be executed once before starting the analysis phase. (#2086) **Bug fixes:** + Fix false positives analyzing `define()` (#2128) + Support declaring instance properties as the union type `static` (#2145) New issue types: `PhanStaticPropIsStaticType` + Fix a crash seen when Phan attempted to emit `PhanTypeArrayOperator` for certain operations (#2153) -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Remi Collet remi@remirepo.net - 1.1.5-1 - update to 1.1.5 * Wed Nov 28 2018 Remi Collet remi@remirepo.net - 1.1.4-1 - update to 1.1.4 * Wed Nov 21 2018 Remi Collet remi@remirepo.net - 1.1.3-1 - update to 1.1.3 --------------------------------------------------------------------------------
================================================================================ python-magic-wormhole-0.11.2-1.fc28 (FEDORA-2018-91b552ba80) Securely transfer data between computers -------------------------------------------------------------------------------- Update Information:
Initial packaging for fedora. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1653806 - Review Request: python-magic-wormhole - Securely transfer data between computers https://bugzilla.redhat.com/show_bug.cgi?id=1653806 --------------------------------------------------------------------------------
================================================================================ regindexer-0.4-1.fc28 (FEDORA-2018-91249bf1c5) Tool for creating an index of a container registry -------------------------------------------------------------------------------- Update Information:
Update to version 0.4 - fixes a problem where only the first 100 repositories in a registry would be indexed. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 fedora-toolbox otaylor@redhat.com - 0.4-1 - Version 0.4 (fixes problem with > 100 repositories) * Wed Aug 29 2018 Owen Taylor otaylor@redhat.com - 0.3-1 - Version 0.3 --------------------------------------------------------------------------------
================================================================================ rubygem-jekyll-toc-0.9.1-1.fc28 (FEDORA-2018-7ee82f9703) Jekyll Table of Contents plugin -------------------------------------------------------------------------------- Update Information:
Update to version 0.9.1. Release notes: https://github.com/toshimaru/jekyll- toc/releases/tag/v0.9.1 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Fabio Valentini decathorpe@gmail.com - 0.9.1-1 - Update to version 0.9.1. --------------------------------------------------------------------------------
================================================================================ strawberry-0.4.2-1.fc28 (FEDORA-2018-bc8108e8ef) An audio player and music collection organizer -------------------------------------------------------------------------------- Update Information:
Release 0.4.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Robert-Andr�� Mauchin zebob.m@gmail.com - 0.4.2-1 - Release 0.4.2 --------------------------------------------------------------------------------
================================================================================ switchboard-2.3.5-1.fc28 (FEDORA-2018-b650b892df) Modular Desktop Settings Hub -------------------------------------------------------------------------------- Update Information:
Update to version 2.3.5. Release notes: https://github.com/elementary/switchboard/releases/tag/2.3.5 -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Fabio Valentini decathorpe@gmail.com - 2.3.5-1 - Update to version 2.3.5. --------------------------------------------------------------------------------
================================================================================ vinagre-3.22.0-12.fc28 (FEDORA-2018-ea25330452) VNC client for GNOME -------------------------------------------------------------------------------- Update Information:
FreeRDP update to the latest release candidate and fix of RDP support in Vinagre. -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Ondrej Holy oholy@redhat.com - 3.22.0-12 - Fix build with recent FreeRDP versions -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1636560 - Black screen when using RDP in Remote Desktop viewer https://bugzilla.redhat.com/show_bug.cgi?id=1636560 --------------------------------------------------------------------------------
================================================================================ zsh-5.5.1-4.fc28 (FEDORA-2018-5a3a9e6e46) Powerful interactive shell -------------------------------------------------------------------------------- Update Information:
- return non-zero exit status on nested parse error (#1654989) -------------------------------------------------------------------------------- ChangeLog:
* Fri Nov 30 2018 Kamil Dudka kdudka@redhat.com - 5.5.1-4 - return non-zero exit status on nested parse error (#1654989) --------------------------------------------------------------------------------