The following Fedora 26 Security updates need testing: Age URL 266 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 98 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 85 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 60 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 43 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2 chromium-65.0.3325.181-1.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-922cc2fbaa drupal8-8.3.9-1.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-22b25bab31 httpd-2.4.33-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6dc921a19 roundcubemail-1.3.6-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ac348a00ef opencv-3.2.0-15.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-58b0c6a60e anki-2.0.50-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3622f44a12 scummvm-2.0.0-1.fc26 scummvm-tools-2.0.0-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8b35c531db composer-1.6.4-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0050f7c0d1 perl-Module-CoreList-5.20180414-1.fc26 perl-5.24.4-397.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ba4601398 dovecot-2.2.35-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-63de5f3f6b mod_http2-1.10.18-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a9615e2a1e gsoap-2.8.43-3.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 63 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 21 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0787a0a775 python-productmd-1.11-2.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6804e5d47a ethtool-4.16-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-65aa477eb7 samba-4.6.15-0.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e6920f0a1f libcgroup-0.41-17.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-58d5da4dde osinfo-db-20180416-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0050f7c0d1 perl-Module-CoreList-5.20180414-1.fc26 perl-5.24.4-397.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-32e6a673f0 gnome-software-3.24.3-6.fc26
The following builds have been pushed to Fedora 26 updates-testing
ansible-2.5.1-1.fc26 boost-1.63.0-12.fc26 cups-filters-1.13.4-5.fc26 gpxsee-5.8-1.fc26 java-1.8.0-openjdk-1.8.0.171-3.b10.fc26 lollypop-0.9.506-1.fc26 qpdf-7.1.1-5.fc26 sane-backends-1.0.27-17.fc26
Details about builds:
================================================================================ ansible-2.5.1-1.fc26 (FEDORA-2018-b2058f774a) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to 2.5.1 with bugfixes. See https://github.com/ansible/ansible/blob/stable-2.5/changelogs/CHANGELOG-v2.5... for full list of fixes. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 18 2018 Kevin Fenzi kevin@scrye.com - 2.5.1-1 - Update to 2.5.1 with bugfixes. Fixes: #1569270 #1569153 #1566004 #1566001 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1563649 - Package ansible-doc-2.5.0-2.fc27.noarch.rpm too big https://bugzilla.redhat.com/show_bug.cgi?id=1563649 [ 2 ] Bug #1566004 - ansible-vault edit asks to change the vault password https://bugzilla.redhat.com/show_bug.cgi?id=1566004 [ 3 ] Bug #1569153 - Fact gathering fails if dmidecode is not present https://bugzilla.redhat.com/show_bug.cgi?id=1569153 [ 4 ] Bug #1566001 - ansible-vault edit asks to change the vault password https://bugzilla.redhat.com/show_bug.cgi?id=1566001 [ 5 ] Bug #1569270 - ansible-2.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1569270 --------------------------------------------------------------------------------
================================================================================ boost-1.63.0-12.fc26 (FEDORA-2018-b73bfea3af) The free peer-reviewed portable C++ source libraries -------------------------------------------------------------------------------- Update Information:
Updated Boost libraries are available that fix compatibility with CUDA 9.x compilers and fix a possible integer overflow in Boost.Regex. -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 18 2018 Jonathan Wakely jwakely@redhat.com - 1.63.0-12 - Add patch for Boost.Regex integer overflow (#1564252) - Add patch for CUDA version macro changes (#1530828) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1530828 - Cuda 9 fails to compile when using boost https://bugzilla.redhat.com/show_bug.cgi?id=1530828 [ 2 ] Bug #1564253 - boost: Integer overflow during calculation of max_state_count in regex library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1564253 --------------------------------------------------------------------------------
================================================================================ cups-filters-1.13.4-5.fc26 (FEDORA-2018-d7ea552cde) OpenPrinting CUPS filters and backends -------------------------------------------------------------------------------- Update Information:
Rebase to qpdf-7.1.1 because of CVEs -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 18 2018 Zdenek Dohnal zdohnal@redhat.com - 1.13.4-5 - rebuilt for qpdf-7.1.1 --------------------------------------------------------------------------------
================================================================================ gpxsee-5.8-1.fc26 (FEDORA-2018-a3e27dd046) GPS log file viewer and analyzer -------------------------------------------------------------------------------- Update Information:
News in version **5.8**: - Fixed the irritating map zoom changes on OSM maps switching and the 1px map center offset bug - Added Polish translation News in version **5.7**: - Added OziExplorer data files (plt, rte, wpt) support - OS X file icons update (including missing GPX icon) -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 19 2018 Nikola Forr�� nforro@redhat.com - 5.8-1 - Update to version 5.8 resolves: #1568190 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1568190 - gpxsee-5.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1568190 --------------------------------------------------------------------------------
================================================================================ java-1.8.0-openjdk-1.8.0.171-3.b10.fc26 (FEDORA-2018-9aa8064e12) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information:
Updated to securityupdate u171 -------------------------------------------------------------------------------- ChangeLog:
* Wed Apr 18 2018 Jiri Vanek jvanek@redhat.com - 1:1.8.0.171-1.b10 - Update to aarch64-jdk8u171-b10 and aarch64-shenandoah-jdk8u171-b10. - Fix jconsole.desktop.in subcategory, replacing "Monitor" with "Profiling" (PR3550) (gnu_andrew) - Fix invalid license 'LGPL+' (should be LGPLv2+ for ECC code) and add misisng ones (gnu_andrew) * Wed Apr 18 2018 Jiri Vanek jvanek@redhat.com - 1:1.8.0.162-7.b12 - added ownership of policy dir and subdirs - removed ignored attributes for classes.jsa * Tue Apr 10 2018 Severin Gehwolf sgehwolf@redhat.com - 1:1.8.0.162-6.b12 - Use correct patch for RHBZ#1538767 (JDK-8196516) * Mon Apr 2 2018 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.162-5.b12 - Cleanup from previous commit. - Remove unused upstream patch 8167200.hotspotAarch64.patch. --------------------------------------------------------------------------------
================================================================================ lollypop-0.9.506-1.fc26 (FEDORA-2018-651ff3cbf7) Music player for GNOME -------------------------------------------------------------------------------- Update Information:
Update to 0.9.506 ---- Update to 0.9.504 ---- Update to 0.9.502 ---- Update to 0.9.500 ---- Changed RR from pyplast to python2-pylast ---- Add art_album.py.diff (BZ #1562595) ---- Update to 0.9.403 ---- - Update lollypop-portal to 0.9.7 ---- Update to 0.9.402 ---- Update to 0.9.401 ---- Update to 0.9.400 ---- Update to 0.9.501 -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 19 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.506-1 - Update to 0.9.506 * Sat Apr 14 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.504-1 - Update to 0.9.504 * Fri Apr 13 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.502-1 - Update to 0.9.502 * Thu Apr 12 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.501-1 - Update to 0.9.501 * Thu Apr 12 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.500-1 - Update to 0.9.500 * Tue Apr 10 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.403-3 - Changed RR from pyplast to python2-pylast * Thu Apr 5 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.403-2 - Add art_album.py.diff (BZ #1562595) - Add bytecompile with Python 3 %global __python %{__python3} * Thu Mar 29 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.403-1 - Update to 0.9.403 * Wed Mar 28 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.402-2 - Update lollypop-portal to 0.9.7 * Tue Mar 20 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.402-1 - Update to 0.9.402 * Wed Mar 14 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.401-1 - Update to 0.9.401 - Cleanup spec file * Wed Mar 7 2018 Martin Gansser martinkg@fedoraproject.org - 0.9.400-1 - Update to 0.9.400 * Thu Feb 8 2018 Fedora Release Engineering releng@fedoraproject.org - 0.9.306-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Sat Jan 6 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 0.9.306-2 - Remove obsolete scriptlets -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1567480 - [abrt] lollypop: __new__(): Gdk.py:336:__new__:TypeError: constructor returned NULL https://bugzilla.redhat.com/show_bug.cgi?id=1567480 [ 2 ] Bug #1562595 - [abrt] lollypop: __on_save_artwork_tags(): art_album.py:432:__on_save_artwork_tags:GLib.GError: g_convert_error: L'URI ��sftp://bertof@192.168.1.42/mnt/1TB/Condivisa/Musica/Fondamentali/30%20Seconds%20To%20Mars%20-%20Kings%20and%20Queens.mp3�� non �� ... https://bugzilla.redhat.com/show_bug.cgi?id=1562595 --------------------------------------------------------------------------------
================================================================================ qpdf-7.1.1-5.fc26 (FEDORA-2018-d7ea552cde) Command-line tools and library for transforming PDF files -------------------------------------------------------------------------------- Update Information:
Rebase to qpdf-7.1.1 because of CVEs -------------------------------------------------------------------------------- ChangeLog:
* Mon Apr 16 2018 Zdenek Dohnal zdohnal@redhat.com - 7.1.1-5 - CVE-2018-9918 qpdf: stack exhaustion in QPDFObjectHandle and QPDF_Dictionary classes in libqpdf.a [fedora-all] * Mon Feb 19 2018 Zdenek Dohnal zdohnal@redhat.com - 7.1.1-4 - gcc and gcc-c++ are no longer in buildroot by default * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 7.1.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Feb 8 2018 Zdenek Dohnal zdohnal@redhat.com - 7.1.1-2 - remove old stuff * Mon Feb 5 2018 Zdenek Dohnal zdohnal@redhat.com - 7.1.1-1 - rebase to 7.1.1 * Tue Sep 19 2017 Zdenek Dohnal zdohnal@redhat.com - 7.0.0-1 - rebase to 7.0.0 * Fri Aug 11 2017 Zdenek Dohnal zdohnal@redhat.com - 6.0.0-10 - adding patches for CVE back (cups-filters needed to rebuild) --------------------------------------------------------------------------------
================================================================================ sane-backends-1.0.27-17.fc26 (FEDORA-2018-feb776788c) Scanner access software -------------------------------------------------------------------------------- Update Information:
revert samsung patch ---- 1554032 - saned doesn't have permissions to write on usb port -------------------------------------------------------------------------------- ChangeLog:
* Thu Apr 19 2018 Zdenek Dohnal zdohnal@redhat.com - 1.0.27-17 - revert samsung patch * Tue Apr 17 2018 Zdenek Dohnal zdohnal@redhat.com - 1.0.27-16 - 1554032 - saned doesn't have permissions to write on usb port - updated --------------------------------------------------------------------------------