The following Fedora 29 Security updates need testing: Age URL 128 https://bodhi.fedoraproject.org/updates/FEDORA-2018-51ce232320 xerces-c27-2.7.0-28.fc29 57 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b89746cb9b tomcat-9.0.13-1.fc29 11 https://bodhi.fedoraproject.org/updates/FEDORA-2019-ac70292cfc rdesktop-1.8.4-2.fc29 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-614f1cd5a8 community-mysql-8.0.14-1.fc29 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-b0bd3c604a mingw-poppler-0.67.0-3.fc29 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-f44f095639 pdns-recursor-4.1.9-1.fc29 9 https://bodhi.fedoraproject.org/updates/FEDORA-2019-73cbc02e14 perl-Email-Address-List-0.06-1.fc29 5 https://bodhi.fedoraproject.org/updates/FEDORA-2019-9ccbbfeae1 mingw-libconfuse-3.2.2-1.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cc827b7a1 podofo-0.9.6-5.fc29 mingw-podofo-0.9.6-7.fc29
The following Fedora 29 Critical Path updates have yet to be approved: Age URL 59 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3d43e7dd21 SLOF-0.1.git20180702-2.fc29 10 https://bodhi.fedoraproject.org/updates/FEDORA-2019-08018846dd lorax-29.26-1.fc29 8 https://bodhi.fedoraproject.org/updates/FEDORA-2019-0d0dab0484 iproute-4.20.0-1.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-896033e53f python-packaging-19.0-1.fc29 3 https://bodhi.fedoraproject.org/updates/FEDORA-2019-3aa0fbffb4 ibus-1.5.19-16.fc29
The following builds have been pushed to Fedora 29 updates-testing
NetworkManager-openvpn-1.8.10-1.fc29 R-Bessel-0.5.5-1.fc29 R-R.rsp-0.43.1-1.fc29 R-future-1.11.1.1-1.fc29 R-gplots-3.0.1.1-1.fc29 R-repr-0.19.2-1.fc29 R-unitizer-1.4.6-1.fc29 abcde-2.9.3-1.fc29 abrt-server-info-page-1.7-1.fc29 amanda-3.5.1-16.fc29 ansible-2.7.7-1.fc29 aspell-0.60.6.1-25.fc29 aspell-es-1.11-16.fc29 aspell-pt_PT-20070510-15.fc29 aspell-sk-2.02-1.fc29 awesome-4.3-1.fc29 bouncycastle-1.61-1.fc29 buildbot-1.8.1-1.fc29 ccdciel-0.9.52-1.fc29 chirp-20190209-1.fc29 clamtk-5.27-1.fc29 cmdtest-0.32-1.fc29 cockpit-187-1.fc29 container-selinux-2.81-2.git484806a.fc29 cppcheck-1.87-1.fc29 crawl-0.23.0-1.fc29 curl-7.61.1-8.fc29 dmenu-4.9-1.fc29 easy-rsa-3.0.6-1.fc29 eclipse-jgit-5.2.0-4.fc29 eclipse-linuxtools-7.1.0-3.fc29 erlang-triq-1.3.0-1.fc29 fedpkg-1.36-2.fc29 flatpak-1.2.2-1.fc29 flatpak-builder-1.0.5-1.fc29 flatpak-module-tools-0.9.2-1.fc29 fuse-sshfs-3.5.1-1.fc29 generic-release-29-1.fc29 geolite2-20190205-1.fc29 ghostscript-9.26-1.fc29 globus-gram-job-manager-fork-3.0-3.fc29 globus-gram-job-manager-lsf-3.0-3.fc29 globus-gram-job-manager-pbs-3.0-3.fc29 globus-gram-job-manager-sge-3.0-3.fc29 gnome-control-center-3.30.3-1.fc29 gnome-desktop3-3.30.2.1-1.fc29 golang-github-hashicorp-hcl-1.0.0-1.fc29 golang-github-pkg-errors-0.8.1-1.fc29 greybird-3.22.10-1.fc29 gsi-openssh-7.9p1-5.fc29 gtk3-3.24.1-2.fc29 ibus-typing-booster-2.5.2-1.fc29 inkscape-0.92.4-4.fc29 inxi-3.0.31-1.fc29 jackson-annotations-2.9.8-1.fc29 jackson-bom-2.9.8-1.fc29 jackson-core-2.9.8-1.fc29 jackson-databind-2.9.8-1.fc29 jackson-dataformat-xml-2.9.8-1.fc29 jackson-dataformats-binary-2.9.8-1.fc29 jackson-dataformats-text-2.9.8-1.fc29 jackson-datatype-jdk8-2.9.8-1.fc29 jackson-datatype-joda-2.9.8-1.fc29 jackson-datatypes-collections-2.9.8-1.fc29 jackson-jaxrs-providers-2.9.8-1.fc29 jackson-module-jsonSchema-2.9.8-1.fc29 jackson-modules-base-2.9.8-1.fc29 jackson-parent-2.9.1.2-1.fc29 java-1.8.0-openjdk-1.8.0.201.b09-2.fc29 kernel-4.20.7-200.fc29 kernel-headers-4.20.7-200.fc29 knights-18.12.2-1.fc29 libdvdread-6.0.1-1.fc29 libffado-2.4.1-6.fc29 libidn2-2.1.1a-1.fc29 libpng-1.6.34-7.fc29 libproxy-0.4.15-10.fc29 libreoffice-6.1.5.2-1.fc29 libunicapgtk-0.9.8-21.fc29 lua-lgi-0.9.2-4.fc29 mandoc-1.14.4-1.fc29 mellowplayer-3.5.1-1.20190206git402e336.fc29 mingw-sqlite-3.26.0.0-1.fc29 mkvtoolnix-30.1.0-1.fc29 mod_auth_token-1.0.5-16.fc29 mosquitto-1.5.6-1.fc29 munin-2.0.45-1.fc29 mutt-1.11.3-1.fc29 nbd-3.19-1.fc29 ncdu-1.14-1.fc29 ncid-1.10.1-7.fc29 ndctl-64.1-1.fc29 net-snmp-5.8-6.fc29 netmask-2.4.4-1.fc29 nodejs-yarn-1.13.0-1.fc29 nss-pem-1.0.5-1.fc29 openjfx-8.0.202-5.b07.fc29 openssh-7.9p1-4.fc29 osbs-client-0.52-1.fc29 perl-Applify-0.15-2.fc29 perl-File-BOM-0.16-1.fc29 perl-MongoDB-2.0.3-1.fc29 perl-Perl-PrereqScanner-NotQuiteLite-0.9903-2.fc29 perl-Regexp-Trie-0.02-2.fc29 php-7.2.15-1.fc29 php-alcaeus-mongo-php-adapter-1.1.6-1.fc29 php-getid3-1.9.17-1.fc29 php-icewind-smb2-2.0.6-1.fc29 php-league-tactician-1.0.3-1.fc29 php-myclabs-php-enum-1.6.6-1.fc29 php-pecl-pcov-1.0.0-2.fc29 php-pecl-uopz-6.0.1-2.fc29 php-sensiolabs-security-checker-5.0.3-1.fc29 php-zendframework-zendservice-recaptcha-3.2.0-1.fc29 phpunit7-7.5.4-1.fc29 pocl-1.2-1.fc29 python-bugzilla-2.2.0-3.fc29 python-cliapp-1.20180121-1.fc29 python-impacket-0.9.18-3.fc29 python-markdown2-2.3.7-1.fc29 python-moksha-hub-1.5.16-1.fc29 python-passlib-1.7.1-1.fc29 python-prometheus_client-0.5.0-1.fc29 python-sushy-1.3.3-1.fc29 rpkg-1.57-6.fc29 rubygem-thread_order-1.1.1-1.fc29 shotwell-0.30.2-1.fc29 snapd-2.37.2-1.fc29 switchboard-plug-bluetooth-2.2.1-1.fc29 systemd-239-11.git4dc7dce.fc29 texi2html-5.0-11.fc29 texlive-2018-25.fc29 thunderbird-60.5.0-4.fc29 tideEditor-1.4.5-1.fc29 tnef-1.4.17-1.fc29 tracker-2.1.7-1.fc29
Details about builds:
================================================================================ NetworkManager-openvpn-1.8.10-1.fc29 (FEDORA-2019-a1352a243a) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information:
Update to 1.8.10 release. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Beniamino Galvani bgalvani@redhat.com - 1:1.8.10-1 - Update to 1.8.10 release --------------------------------------------------------------------------------
================================================================================ R-Bessel-0.5.5-1.fc29 (FEDORA-2019-cfe441cf0f) Bessel functions computations and approximations -------------------------------------------------------------------------------- Update Information:
Initial package of Bessel for R -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669766 - Review Request: R-Bessel - Bessel functions computations and approximations https://bugzilla.redhat.com/show_bug.cgi?id=1669766 --------------------------------------------------------------------------------
================================================================================ R-R.rsp-0.43.1-1.fc29 (FEDORA-2019-a73c9f9af7) Dynamic Generation of Scientific Reports -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.43.1-1 - Update to latest version * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.43.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672831 - R-R.rsp-0.43.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672831 --------------------------------------------------------------------------------
================================================================================ R-future-1.11.1.1-1.fc29 (FEDORA-2019-90a73b4e2f) Unified Parallel and Distributed Processing in R for Everyone -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.11.1.1-1 - Update to latest version * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.11.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669773 - R-future-1.11.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669773 --------------------------------------------------------------------------------
================================================================================ R-gplots-3.0.1.1-1.fc29 (FEDORA-2019-80481e3c14) Various R Programming Tools for Plotting Data -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 3.0.1.1-1 - Update to latest version * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669886 - R-gplots-3.0.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669886 --------------------------------------------------------------------------------
================================================================================ R-repr-0.19.2-1.fc29 (FEDORA-2019-3bb8f6fdf0) Serializable Representations -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.19.2-1 - Update to latest version * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.15.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673219 - R-repr-0.19.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673219 --------------------------------------------------------------------------------
================================================================================ R-unitizer-1.4.6-1.fc29 (FEDORA-2019-ccf7a57f74) Interactive R Unit Tests -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.4.6-1 - Update to latest version * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.4.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669910 - R-unitizer-1.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669910 --------------------------------------------------------------------------------
================================================================================ abcde-2.9.3-1.fc29 (FEDORA-2019-2928c2dc0f) A Better CD Encoder -------------------------------------------------------------------------------- Update Information:
* Replace non-portable sed code for generating offset list with some simple awk instead. Should now work on FreeBSD again. * Deal with bizarre cdda2wav behaviour when doing cdtext lookup - it writes the track information to *stdin*. Closes Issue #89: https://abcde.einval.com/bugzilla/show_bug.cgi?id=89 * Add a warning in abcde.conf about mayb needing to install recode before using it in mungefilename() -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Dominik Mierzejewski rpm@greysector.net - 2.9.3-1 - update to 2.9.3 (#1672604) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672604 - abcde-2.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672604 --------------------------------------------------------------------------------
================================================================================ abrt-server-info-page-1.7-1.fc29 (FEDORA-2019-b79de694d2) Web page with summary of ABRT services -------------------------------------------------------------------------------- Update Information:
- Migrate to python3 for F28+ and RHEL8+ -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Martin Kutlak mkutlak@redhat.com 1.7-1 - Migrate to python3 for F28+ and RHEL8+ - add releaser for f29 --------------------------------------------------------------------------------
================================================================================ amanda-3.5.1-16.fc29 (FEDORA-2019-9dca788639) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information:
Fixes an issue with index generation when backing up XFS filesystems. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 1 2019 Jason L Tibbitts III tibbs@math.uh.edu - 3.5.1-16 - Add patch to specify xfsrestore housekeeping dir during index generation (#1671117) * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.5.1-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671117 - Indexes for backups made with xfsdump have broken https://bugzilla.redhat.com/show_bug.cgi?id=1671117 --------------------------------------------------------------------------------
================================================================================ ansible-2.7.7-1.fc29 (FEDORA-2019-635400aefa) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information:
Update to 2.7.7 bugfix release. See https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v2.7... for more details. ---- Update to 2.7.6 bugfix release. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Kevin Fenzi kevin@scrye.com - 2.7.7-1 - Update to 2.7.7. Fixes bug #1673761 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 2.7.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 17 2019 Kevin Fenzi kevin@scrye.com - 2.7.6-1 - Update to 2.7.6. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673761 - ansible-2.7.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673761 --------------------------------------------------------------------------------
================================================================================ aspell-0.60.6.1-25.fc29 (FEDORA-2019-4aefd63307) Spell checker -------------------------------------------------------------------------------- Update Information:
Workaround GCC 8 bug triggered by `-O2`. -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 4 2019 Nikola Forr�� nforro@redhat.com - 12:0.60.6.1-25 - resolves: #1603421 workaround GCC 8 bug triggered by -O2 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603421 [ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603415 [ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603418 --------------------------------------------------------------------------------
================================================================================ aspell-es-1.11-16.fc29 (FEDORA-2019-4aefd63307) Spanish dictionaries for Aspell -------------------------------------------------------------------------------- Update Information:
Workaround GCC 8 bug triggered by `-O2`. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Nikola Forr�� nforro@redhat.com - 50:1.11-16 - rebuild with fixed aspell resolves: #1603415 * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 50:1.11-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603421 [ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603415 [ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603418 --------------------------------------------------------------------------------
================================================================================ aspell-pt_PT-20070510-15.fc29 (FEDORA-2019-4aefd63307) European Portuguese dictionaries for Aspell -------------------------------------------------------------------------------- Update Information:
Workaround GCC 8 bug triggered by `-O2`. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Nikola Forr�� nforro@redhat.com - 50:20070510-15 - rebuild with fixed aspell resolves: #1603418 * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 50:20070510-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603421 [ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603415 [ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603418 --------------------------------------------------------------------------------
================================================================================ aspell-sk-2.02-1.fc29 (FEDORA-2019-de1abe4d1d) Slovak dictionaries for Aspell -------------------------------------------------------------------------------- Update Information:
Rebuilt on fixed aspell package. -------------------------------------------------------------------------------- ChangeLog:
* Tue Aug 28 2018 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 2.02-1 - Update to upstream. * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 2.01-17 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603421 --------------------------------------------------------------------------------
================================================================================ awesome-4.3-1.fc29 (FEDORA-2019-27fc2b15d9) Highly configurable, framework window manager for X. Fast, light and extensible -------------------------------------------------------------------------------- Update Information:
Update AwesomeWM to 4.3. See https://awesomewm.org/doc/api/documentation/89-NEWS.md.html for the list of changes. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Thomas Moschny thomas.moschny@gmx.de - 4.3-1 - Update to 4.3. * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 4.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ bouncycastle-1.61-1.fc29 (FEDORA-2019-df57551f6d) Bouncy Castle Cryptography APIs for Java -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 1.61-1 - Update to latest upstream release * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.60-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ buildbot-1.8.1-1.fc29 (FEDORA-2019-7e722314f3) Build/test automation system -------------------------------------------------------------------------------- Update Information:
Update to 1.8.1 to fix CVE-2019-7313 -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Neal Gompa ngompa13@gmail.com - 1.8.1-1 - Update to 1.8.1 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672293 - CVE-2019-7313 buildbot: Improper neutralization of CRLF sequences https://bugzilla.redhat.com/show_bug.cgi?id=1672293 --------------------------------------------------------------------------------
================================================================================ ccdciel-0.9.52-1.fc29 (FEDORA-2019-44e656654a) CCD capture software -------------------------------------------------------------------------------- Update Information:
Update to 0.9.52 -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Mattia Verga mattia.verga@protonmail.com - 0.9.52-1 - Update to 0.9.52 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.47-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ chirp-20190209-1.fc29 (FEDORA-2019-2c862cc5d2) A tool for programming two-way radio equipment -------------------------------------------------------------------------------- Update Information:
Update to 20190209. Changes for Build #551 [Dan Smith dsmith@danplanet.com] Also make ft7100 not claim that its sub devices have sub devices This was making run_tests fully _skip_ it by drilling through all the sub devices to an empty list. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Richard Shaw hobbes1069@gmail.com - 20190209-1 - Update to 20190209. * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 20190120-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Wed Jan 23 2019 Richard Shaw hobbes1069@gmail.com - 20190120-1 - Update to 20190120. --------------------------------------------------------------------------------
================================================================================ clamtk-5.27-1.fc29 (FEDORA-2019-68de9c9107) Easy to use graphical user interface for Clam anti virus -------------------------------------------------------------------------------- Update Information:
Update to 5.27. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Dave M. dave.nerd@gmail.com - 5.27-1 - Updated to release 5.27. --------------------------------------------------------------------------------
================================================================================ cmdtest-0.32-1.fc29 (FEDORA-2019-4792657f50) Black-box testing for Unix command line tools -------------------------------------------------------------------------------- Update Information:
Latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Michel Alexandre Salim salimma@fedoraproject.org - 0.32-1 - Update to 0.32 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.30-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jul 12 2018 Fedora Release Engineering releng@fedoraproject.org - 0.30-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1603664 - cmdtest: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1603664 [ 2 ] Bug #1548774 - cmdtest-0.32 is available https://bugzilla.redhat.com/show_bug.cgi?id=1548774 --------------------------------------------------------------------------------
================================================================================ cockpit-187-1.fc29 (FEDORA-2019-4122dba5d0) Web Console for Linux servers -------------------------------------------------------------------------------- Update Information:
- Machines: More operations for Storage Pools - Domains: More information about the joined domain - Storage: The options for VDO volumes are explained - Machines: Support for oVirt will be dropped in the future -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Marius Vollmer mvollmer@redhat.com - 187-1 - Machines: More operations for Storage Pools - Domains: More information about the joined domain - Storage: The options for VDO volumes are explained - Machines: Support for oVirt will be dropped in the future --------------------------------------------------------------------------------
================================================================================ container-selinux-2.81-2.git484806a.fc29 (FEDORA-2019-3d2fe7dd05) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information:
New paths for containerd -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Dan Walsh dwalsh@fedoraproject.org - 2.81-1 - Add new labels for paths for containerd * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 2:2.80-2.git1b655d9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ cppcheck-1.87-1.fc29 (FEDORA-2019-d8e42e879b) Tool for static C/C++ code analysis -------------------------------------------------------------------------------- Update Information:
New upstream release adds 2 new checks, and config file for boost library. improves whole program analysis, variable lifetime checking, parsing of templates, type aliases. Also improves speed of analysis. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Steve Grubb sgrubb@redhat.com - 1.87-1 - Update to 1.87. * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.86-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1674148 - cppcheck-1.87 is available https://bugzilla.redhat.com/show_bug.cgi?id=1674148 --------------------------------------------------------------------------------
================================================================================ crawl-0.23.0-1.fc29 (FEDORA-2019-103550670a) Roguelike dungeon exploration game -------------------------------------------------------------------------------- Update Information:
- Release 0.23.0 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Antonio Trande sagitter@fedoraproject.org - 0.23.0-1 - Upstream release 0.23.0 (bz#1673723) * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 0.22.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1575324 - crawl crashes when loading game https://bugzilla.redhat.com/show_bug.cgi?id=1575324 [ 2 ] Bug #1673723 - crawl-0.23.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673723 --------------------------------------------------------------------------------
================================================================================ curl-7.61.1-8.fc29 (FEDORA-2019-43489941ff) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information:
- fix SMTP end-of-response out-of-bounds read (CVE-2019-3823) - fix NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822) - fix NTLM type-2 out-of- bounds buffer read (CVE-2018-16890) -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Kamil Dudka kdudka@redhat.com - 7.61.1-8 - fix SMTP end-of-response out-of-bounds read (CVE-2019-3823) - fix NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822) - fix NTLM type-2 out-of-bounds buffer read (CVE-2018-16890) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672906 - CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672906 [ 2 ] Bug #1672905 - CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672905 [ 3 ] Bug #1672902 - CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672902 --------------------------------------------------------------------------------
================================================================================ dmenu-4.9-1.fc29 (FEDORA-2019-901aac52c7) Generic menu for X -------------------------------------------------------------------------------- Update Information:
dmenu-4.9 is now available for Fedora. This release includes numerous small enahncemens in caching and IME support. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Petr ��abata contyk@redhat.com - 4.9-1 - 4.9 bump * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 4.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672125 - dmenu-4.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672125 --------------------------------------------------------------------------------
================================================================================ easy-rsa-3.0.6-1.fc29 (FEDORA-2019-03364cc79f) Simple shell based CA utility -------------------------------------------------------------------------------- Update Information:
3.0.6 -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 3 2019 Xavier Bachelot xavier@bachelot.org - 3.0.6-1 - Update to 3.0.6. * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ eclipse-jgit-5.2.0-4.fc29 (FEDORA-2019-df57551f6d) Eclipse JGit -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Mat Booth mat.booth@redhat.com - 5.2.0-4 - Add missing requires for optional dep on bouncycastle * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 5.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ eclipse-linuxtools-7.1.0-3.fc29 (FEDORA-2019-df57551f6d) Linux specific Eclipse plugins -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Mat Booth mat.booth@redhat.com - 7.1.0-3 - Rebuild against newer BC and Jackson * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 7.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ erlang-triq-1.3.0-1.fc29 (FEDORA-2019-f6dd7e3e9e) A property-based testing library for Erlang -------------------------------------------------------------------------------- Update Information:
* erlang-triq ver. 1.3.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ fedpkg-1.36-2.fc29 (FEDORA-2019-c87d6a582e) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information:
This is mostly a bugfix update with some improvements. Most notable changes are: * support for flatpack namespace (flatpaks will be added as a separate namespace in Fedora `dist-git`) * `fedpkg update` will work for containers Other changes, bugfixes and enhancements consist of: * Added _update-docs_ script and contributing guide * Couple of changes that fix _sdist_, Python 2.6 compatibility and unittests * Move argparse fix to `rpkg` * Add _severity=_ option to `fedpkg update` template * Use module distro instead of platform * Help: Use _foo_ in foo examples, not _name_ -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Ond��ej Nosek onosek@redhat.com - 1.36-2 - New dependency: python-distro * Mon Feb 4 2019 Ond��ej Nosek onosek@redhat.com - 1.36-1 - Added update-docs script (onosek) - Sdist fix and Python 2.6 compatibility (onosek) - Add support for a 'flatpaks' namespace (otaylor) - Move argparse fix to rpkg - #299 (onosek) - Fix update command related tests (cqi) - Make update work for containers - #296 (lsedlar) - Add 'severity=' option to 'fedpkg update' template (praiskup) - Add contributing guide - #293 (lsedlar) - Use module distro instead of platform - #278 (cqi) - Add missing content to 1.35 release notes (cqi) - Help: Use foo in foo examples, not name (miro) * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.35-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ flatpak-1.2.2-1.fc29 (FEDORA-2019-3f7fead16a) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information:
flatpak 1.2.2 release: * Ensure flatpak builds with older versions of glib and appstream-glib. * build-commit-from: Fix the new --extra-id option. * build- export: Allow disabling the sandboxing of the icon validator and do so during the tests. * profile: Don't break if debug logging is enabled. * Better handling of the appdata release attribute. * Don't install polkit agent when not needed, avoiding some unnecessary log lines in some cases. * Fix the output of the sandboxed icon validator not being visible. * builld-init: Allow specifying a full ref for the sdk, which is used to select the branch name when checking sdk extensions. flatpak-builder 1.0.5 release: * Add --add/remove-tag options * Allow using a full ref as sdk and use the branch from that. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 David King amigadave@amigadave.com - 1.2.2-1 - Update to 1.2.2 * Tue Feb 5 2019 Kalev Lember klember@redhat.com - 1.2.1-1 - Update to 1.2.1 --------------------------------------------------------------------------------
================================================================================ flatpak-builder-1.0.5-1.fc29 (FEDORA-2019-3f7fead16a) Tool to build flatpaks from source -------------------------------------------------------------------------------- Update Information:
flatpak 1.2.2 release: * Ensure flatpak builds with older versions of glib and appstream-glib. * build-commit-from: Fix the new --extra-id option. * build- export: Allow disabling the sandboxing of the icon validator and do so during the tests. * profile: Don't break if debug logging is enabled. * Better handling of the appdata release attribute. * Don't install polkit agent when not needed, avoiding some unnecessary log lines in some cases. * Fix the output of the sandboxed icon validator not being visible. * builld-init: Allow specifying a full ref for the sdk, which is used to select the branch name when checking sdk extensions. flatpak-builder 1.0.5 release: * Add --add/remove-tag options * Allow using a full ref as sdk and use the branch from that. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Kalev Lember klember@redhat.com - 1.0.5-1 - Update to 1.0.5 * Tue Feb 5 2019 Kalev Lember klember@redhat.com - 1.0.4-1 - Update to 1.0.4 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 1.0.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ flatpak-module-tools-0.9.2-1.fc29 (FEDORA-2019-095b7ce5c4) Tools for maintaining Flatpak applications and runtimes as Fedora modules -------------------------------------------------------------------------------- Update Information:
Version 0.9.2 * Fixes compatibility with Flatpak 1.2 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 fedora-toolbox otaylor@redhat.com - 0.9.2-1 - Version 0.9.2 - fix icon validation for Flatpak 1.2 --------------------------------------------------------------------------------
================================================================================ fuse-sshfs-3.5.1-1.fc29 (FEDORA-2019-200e6036d3) FUSE-Filesystem to access remote filesystems via SSH -------------------------------------------------------------------------------- Update Information:
* sshfs ver. 3.5.1 -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Peter Lemenkov lemenkov@gmail.com - 3.5.1-1 - Ver. 3.5.1 * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.4.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1656826 - mv does not work on sshfs volumes (Numerical result out of range) https://bugzilla.redhat.com/show_bug.cgi?id=1656826 --------------------------------------------------------------------------------
================================================================================ generic-release-29-1.fc29 (FEDORA-2019-b376a8352c) Generic release files -------------------------------------------------------------------------------- Update Information:
Fix presets to match fedora-release -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Tom Callaway spot@fedoraproject.org - 29-1 - fix presets -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673660 - 90-default.preset is missing dbus service presets https://bugzilla.redhat.com/show_bug.cgi?id=1673660 --------------------------------------------------------------------------------
================================================================================ geolite2-20190205-1.fc29 (FEDORA-2019-abebc6a8cf) Free IP geolocation databases -------------------------------------------------------------------------------- Update Information:
- Latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Carl George carl@george.computer - 20190205-1 - Latest upstream * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 20181204-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ ghostscript-9.26-1.fc29 (FEDORA-2019-077a3f23c0) Interpreter for PostScript language & PDF -------------------------------------------------------------------------------- Update Information:
- rebase to latest upstream version 9.26 - Security fix for CVE-2018-19478 CVE-2018-19134 CVE-2018-19477 CVE-2018-19476 CVE-2018-19475 CVE-2018-19409 CVE-2018-18284 CVE-2018-18073 CVE-2018-17961 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Martin Osvald mosvald@redhat.com - 9.26-1 - rebase to latest upstream version 9.26 - spec change to remove gsdoc.el due to upstream 8bc783cb586 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1656319 - CVE-2018-19478 ghostscript: Attempting to open a carefully crafted PDF file results in long-running computation (699856) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1656319 [ 2 ] Bug #1656320 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1656320 [ 3 ] Bug #1658244 - [abrt] ghostscript: SkipPage(): gs killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1658244 [ 4 ] Bug #1654470 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1654470 [ 5 ] Bug #1654465 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1654465 [ 6 ] Bug #1654460 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c (700153) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1654460 [ 7 ] Bug #1652584 - CVE-2018-19409 ghostscript: Improperly implemented security check in zsetdevice function in psi/zdevice.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1652584 [ 8 ] Bug #1642943 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox protection bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1642943 [ 9 ] Bug #1642585 - CVE-2018-18073 ghostscript: Saved execution stacks can leak operator arrays [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1642585 [ 10 ] Bug #1642579 - CVE-2018-17961 ghostscript: saved execution stacks can leak operator arrays (incomplete fix for CVE-2018-17183) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1642579 [ 11 ] Bug #1663896 - GS fails to process many EPS files - Error: /nocurrentpoint in --currentpoint-- https://bugzilla.redhat.com/show_bug.cgi?id=1663896 --------------------------------------------------------------------------------
================================================================================ globus-gram-job-manager-fork-3.0-3.fc29 (FEDORA-2019-de47878720) Grid Community Toolkit - Fork Job Manager Support -------------------------------------------------------------------------------- Update Information:
Fix unexpanded macro in postun scriptlets. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mattias Ellert mattias.ellert@physics.uu.se - 3.0-3 - Use ? with ldconfig macro * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ globus-gram-job-manager-lsf-3.0-3.fc29 (FEDORA-2019-de47878720) Grid Community Toolkit - LSF Job Manager Support -------------------------------------------------------------------------------- Update Information:
Fix unexpanded macro in postun scriptlets. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mattias Ellert mattias.ellert@physics.uu.se - 3.0-3 - Use ? with ldconfig macro * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ globus-gram-job-manager-pbs-3.0-3.fc29 (FEDORA-2019-de47878720) Grid Community Toolkit - PBS Job Manager Support -------------------------------------------------------------------------------- Update Information:
Fix unexpanded macro in postun scriptlets. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mattias Ellert mattias.ellert@physics.uu.se - 3.0-3 - Use ? with ldconfig macro * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ globus-gram-job-manager-sge-3.0-3.fc29 (FEDORA-2019-de47878720) Grid Community Toolkit - Grid Engine Job Manager Support -------------------------------------------------------------------------------- Update Information:
Fix unexpanded macro in postun scriptlets. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mattias Ellert mattias.ellert@physics.uu.se - 3.0-3 - Use ? with ldconfig macro * Thu Jan 31 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ gnome-control-center-3.30.3-1.fc29 (FEDORA-2019-2eebd78890) Utilities to configure the GNOME desktop -------------------------------------------------------------------------------- Update Information:
gnome-control-center 3.30.3 release with bug fixes and translation updates. Display: - Various bugfixes Network: - Move AP list population into an idle handler Power: - Fix device label alignment Thunderbolt: - Fix double free in bolt client Universal Access: - Reverse Repeat Keys Speed direction -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Kalev Lember klember@redhat.com - 3.30.3-1 - Update to 3.30.3 --------------------------------------------------------------------------------
================================================================================ gnome-desktop3-3.30.2.1-1.fc29 (FEDORA-2019-56d8e9cc7b) Library with common API for various GNOME modules -------------------------------------------------------------------------------- Update Information:
gnome-desktop 3.30.2.1 release. - Various fixes for the thumbnailer sandbox (#4, #81, #89, #90) - Fix use after free when generating preview icon (#87) - Translation updates -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Kalev Lember klember@redhat.com - 3.30.2.1-1 - Update to 3.30.2.1 - Sync package description with upstream README --------------------------------------------------------------------------------
================================================================================ golang-github-hashicorp-hcl-1.0.0-1.fc29 (FEDORA-2019-912df5d57f) HCL is a configuration language -------------------------------------------------------------------------------- Update Information:
Update to first tagged version -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 1.0.0-1 - Update to first tagged version * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - Forge-specific packaging variables - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Oct 23 2018 Nicolas Mailhot nim@fedoraproject.org - 0-0.18 - redhat-rpm-config-123 triggers bugs in gosetup, remove it from Go spec files as it���s just an alias - https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/... -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555807 - golang-github-hashicorp-hcl: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555807 --------------------------------------------------------------------------------
================================================================================ golang-github-pkg-errors-0.8.1-1.fc29 (FEDORA-2019-f01a015bb7) Simple error handling primitives -------------------------------------------------------------------------------- Update Information:
Update to latest version -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Elliott Sales de Andrade quantum.analyst@gmail.com - 0.8.1-1 - Update to latest version * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 0.8.0-0.5.git645ef00 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Oct 23 2018 Nicolas Mailhot nim@fedoraproject.org - 0.8.0-0.4 - redhat-rpm-config-123 triggers bugs in gosetup, remove it from Go spec files as it���s just an alias - https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/... * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 0.8.0-0.3.git645ef00 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1604218 - golang-github-pkg-errors: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604218 --------------------------------------------------------------------------------
================================================================================ greybird-3.22.10-1.fc29 (FEDORA-2019-3420f03cd3) A clean minimalistic theme for Xfce, GTK+ 2 and 3 -------------------------------------------------------------------------------- Update Information:
Update to 3.22.10 with various bugfixes. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Kevin Fenzi kevin@scrye.com - 3.22.10-1 - Update to 3.22.10. Fixes bug #1674179 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 3.22.9-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1674179 - greybird-3.22.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1674179 --------------------------------------------------------------------------------
================================================================================ gsi-openssh-7.9p1-5.fc29 (FEDORA-2019-af3d726d38) An implementation of the SSH protocol with GSI authentication -------------------------------------------------------------------------------- Update Information:
CVE-2019-7639 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Mattias Ellert mattias.ellert@physics.uu.se - 7.9p1-5 - CVE-2019-7639 * Thu Feb 7 2019 Mattias Ellert mattias.ellert@physics.uu.se - 7.9p1-4 - Based on openssh-7.9p1-4.fc29 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 7.9p1-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673802 - Enabling PermitPAMUserChange allows to login with the correct username and wrong password https://bugzilla.redhat.com/show_bug.cgi?id=1673802 --------------------------------------------------------------------------------
================================================================================ gtk3-3.24.1-2.fc29 (FEDORA-2019-516cd0773c) GTK+ graphical user interface library -------------------------------------------------------------------------------- Update Information:
Revert changes that broke accessible window-related events. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Michael Catanzaro mcatanzaro@gnome.org - 3.24.1-2 - Revert changes that broke accessible window-related events --------------------------------------------------------------------------------
================================================================================ ibus-typing-booster-2.5.2-1.fc29 (FEDORA-2019-54ae005dc5) A completion input method -------------------------------------------------------------------------------- Update Information:
Update to 2.5.2 ---- Update to 2.5.1; Add option to automatically select the best candidate -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mike FABIAN mfabian@redhat.com - 2.5.2-1 - Update to 2.5.2 - Fix test case for selecting non existing candidates for Fedora rawhide - Update UnicodeData.txt to current Unicode 12.0 draft - Update emoji data to Unicode 12.0 final for 2019 - Update emoji annotations from CLDR - Initialize self.dictionary_sub_properties_prop_list = [] in self._init_properties() (Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/46) - Fix test case for case mode change - Improve filter for dictionary selection if langtable available * Tue Jan 29 2019 Mike FABIAN mfabian@redhat.com - 2.5.1-1 - Update to 2.5.1 - Update translations from zanata (de, ja, fr, pl updated) - Show also dictionary when ���Show status in auxiliary text��� is on - Set notebook in setup tool to scrollable - Make filter for dictionary selection work for language descriptions if langtable available - Show names of languages and territories in setup tool if langtable is available - Add missing flag for csb_PL - Add option to automatically select the best candidate - Pressing Shift should not immediately change the case mode of the candidates --------------------------------------------------------------------------------
================================================================================ inkscape-0.92.4-4.fc29 (FEDORA-2019-1d3f298c59) Vector-based drawing program using SVG -------------------------------------------------------------------------------- Update Information:
Drop gvfs dependency. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Gwyn Ciesla gwync@protonmail.com - 0.92.4-4 - Drop gvfs. * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 0.92.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jan 25 2019 Marek Kasik mkasik@redhat.com - 0.92.4-2 - Rebuild for poppler-0.73.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1528784 - inkscape should no longer require gvfs https://bugzilla.redhat.com/show_bug.cgi?id=1528784 --------------------------------------------------------------------------------
================================================================================ inxi-3.0.31-1.fc29 (FEDORA-2019-825e6a4b88) A full featured system information script -------------------------------------------------------------------------------- Update Information:
Update to 3.0.31. -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Vasiliy N. Glazov vascom2@gmail.com - 3.0.31-1 - Update to 3.0.31 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 3.0.29-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ jackson-annotations-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Core annotations for Jackson data processor -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-bom-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Bill of materials POM for Jackson projects -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-core-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Core part of Jackson -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-databind-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) General data-binding package for Jackson (2.x) -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release, fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-dataformat-xml-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson extension component for reading and writing XML encoded data -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-dataformats-binary-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson standard binary data format backends -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-dataformats-text-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson standard text-format data format backends -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-datatype-jdk8-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson module that adds supports for JDK 8 data types -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.7.6-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 2.7.6-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 2.7.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-datatype-joda-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Add-on module for Jackson to support Joda data-types -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-datatypes-collections-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson datatypes: collections -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-jaxrs-providers-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson JAX-RS providers -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-module-jsonSchema-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson JSON Schema Module -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-modules-base-2.9.8-1.fc29 (FEDORA-2019-df57551f6d) Jackson modules: Base -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.8-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.4-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jan 11 2019 Mat Booth mat.booth@redhat.com - 2.9.4-5 - Avoid running test that fails since Mockito 2.x -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ jackson-parent-2.9.1.2-1.fc29 (FEDORA-2019-df57551f6d) Parent pom for all Jackson components -------------------------------------------------------------------------------- Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mat Booth mat.booth@redhat.com - 2.9.1.2-1 - Update to latest upstream release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.9.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28 https://bugzilla.redhat.com/show_bug.cgi?id=1555900 [ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1604397 [ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of types from Jodd-db library [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671098 [ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic deserialization in jboss-common-core class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666490 [ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic deserialization in openjpa class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666486 [ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666483 [ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666429 [ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666424 [ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666419 [ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in slf4j-ext class [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1666416 [ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to SSRF attack [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1380206 [ 12 ] Bug #1672925 - bouncycastle-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672925 [ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8: DoS due to an Improper Input Validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1667118 [ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of types from Oracle JDBC driver [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1671099 --------------------------------------------------------------------------------
================================================================================ java-1.8.0-openjdk-1.8.0.201.b09-2.fc29 (FEDORA-2019-8f2b27efce) OpenJDK Runtime Environment 8 -------------------------------------------------------------------------------- Update Information:
January 2019 Oracle CPU update. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Andrew John Hughes gnu.andrew@redhat.com - 1:1.8.0.201.b09-2 - Add backport of JDK-8145096 (PR3693) to fix undefined behaviour issues on newer GCCs * Tue Feb 5 2019 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.201.b09-1 - Update to aarch64-shenandoah-jdk8u201-b09. * Tue Feb 5 2019 Nicolas De Amicis deamicis@bluewin.ch - 1:1.8.0.192.b12-1 - Added FX link of libglassgtk3.so * Wed Jan 30 2019 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.192.b12-0 - Update to aarch64-shenandoah-jdk8u192-b12. - Remove patches included upstream - JDK-8031668/PR2842 - JDK-8148351/PR2842 - JDK-6260348/PR3066 - JDK-8061305/PR3335/RH1423421 - JDK-8188030/PR3459/RH1484079 - JDK-8205104/PR3539/RH1548475 - JDK-8185723/PR3553 - JDK-8186461/PR3557 - JDK-8201509/PR3579 - JDK-8075942/PR3602 - JDK-8203182/PR3603 - JDK-8206406/PR3610/RH1597825 - JDK-8206425 - JDK-8036003 - JDK-8201495/PR2415 - JDK-8150954/PR2866/RH1176206 - Re-generate patches (mostly due to upstream build changes) - JDK-8073139/PR1758/RH1191652 - JDK-8143245/PR3548 (due to JDK-8202600) - JDK-8197429/PR3546/RH1536622 (due to JDK-8189170) - JDK-8199936/PR3533 - JDK-8199936/PR3591 - JDK-8207057/PR3613 - JDK-8210761/RH1632174 (due to JDK-8207402) - PR3559 (due to JDK-8185723/JDK-8186461/JDK-8201509) - PR3593 (due to JDK-8081202) - RH1566890/CVE-2018-3639 (due to JDK-8189170) - RH1649664 (due to JDK-8196516) - Add 8160748 for AArch64 which is missing from upstream 8u version. - Add port of 8189170 to AArch64 which is missing from upstream 8u version. * Mon Jan 28 2019 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b14-1 - Add 8131048 & 8164920 (PR3574/RH1498936) to provide a CRC32 intrinsic for PPC64. * Thu Jan 24 2019 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b14-0 - Introduce sa_arches for architectures with sa-jdi.jar and include aarch64 * Thu Jan 10 2019 Andrew Hughes gnu.andrew@redhat.com - 1:1.8.0.191.b14-0 - Update to aarch64-shenandoah-jdk8u191-b14. - Adjust JDK-8073139/PR1758/RH1191652 to apply following 8155627 backport. --------------------------------------------------------------------------------
================================================================================ kernel-4.20.7-200.fc29 (FEDORA-2019-93144c6642) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 4.20.7 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Justin M. Forbes jforbes@fedoraproject.org - 4.20.7-200 - Linux v4.20.7 --------------------------------------------------------------------------------
================================================================================ kernel-headers-4.20.7-200.fc29 (FEDORA-2019-93144c6642) Header files for the Linux kernel for use by glibc -------------------------------------------------------------------------------- Update Information:
The 4.20.7 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Justin M. Forbes jforbes@fedoraproject.org - 4.20.7-200 - Linux v4.20.7 --------------------------------------------------------------------------------
================================================================================ knights-18.12.2-1.fc29 (FEDORA-2019-50f86a1206) A chess board for KDE -------------------------------------------------------------------------------- Update Information:
18.12.2 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Gwyn Ciesla limburgher@gmail.com - 18.12.2-1 - 18.12.2 --------------------------------------------------------------------------------
================================================================================ libdvdread-6.0.1-1.fc29 (FEDORA-2019-ff3ceb2f0b) A library for reading DVD video discs based on Ogle code -------------------------------------------------------------------------------- Update Information:
* fix a regression on some DVDs, like Resident Evil * check InternalUDFReadBlocksRaw I/O issues * fix issues with some DVDs burnt by Nero -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Dominik Mierzejewski rpm@greysector.net 6.0.1-1 - update to 6.0.1 (#1672721) - drop upstreamed patch -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672721 - libdvdread-6.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672721 --------------------------------------------------------------------------------
================================================================================ libffado-2.4.1-6.fc29 (FEDORA-2019-a495593e5f) Free firewire audio driver library -------------------------------------------------------------------------------- Update Information:
Fixed the directory structure of the ffado package -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 2.4.1-6 - Added BR: python2-rpm-macros * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.4.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672797 - ffado installs python files in /ffado https://bugzilla.redhat.com/show_bug.cgi?id=1672797 --------------------------------------------------------------------------------
================================================================================ libidn2-2.1.1a-1.fc29 (FEDORA-2019-89033102c0) Library to support IDNA2008 internationalized domain names -------------------------------------------------------------------------------- Update Information:
Libidn 2.1.1 (released 2019-02-08) ================================== * Revert SONAME bump from release 2.1.0 * Fix NULL dereference in `idn2_register_u8()` and `idn2_register_ul()` * Fix free of random value in `idn2_to_ascii_4i()` * Improved fuzzer (which found the above issues) * Fix `printf()` crash in `test- lookup.c` on Solaris * Check for valid unicode input in punycode encoder * Avoid excessive CPU usage in punycode encoding with large inputs * Deprecate `idn2_to_ascii_4i()` in favor of `idn2_to_ascii_4i2()` * Restrict output length of `idn2_to_ascii_4i()` to 63 bytes Libidn 2.1.0 (released 2019-01-04) ================================== * Two exposed functions are no longer exposed: `_idn2_punycode_encode()` and `_idn2_punycode_decode()` which were meant to be used internally only. The output needs additional checks to be used safely. This is the reason to for the SONAME bump, just in case. * Fix label length check for `idn2_register_u8()` * Remove compiler warnings * Use gnulib- python tool for bootstrapping if possible * Improve build system (several small issues) * Add missing error messages to `idn2_strerror_name()` * Improve docs and remove typos * Update gnulib -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Robert Scheck robert@fedoraproject.org 2.1.1a-1 - Upgrade to 2.1.1a (#1674002 #c1) * Sat Feb 9 2019 Robert Scheck robert@fedoraproject.org 2.1.1-1 - Upgrade to 2.1.1 (#1674002, #1674023) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 2.0.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1674023 - A new version of libidn2 has been released to fix a bug https://bugzilla.redhat.com/show_bug.cgi?id=1674023 [ 2 ] Bug #1674002 - libidn2-2.1.1a is available https://bugzilla.redhat.com/show_bug.cgi?id=1674002 --------------------------------------------------------------------------------
================================================================================ libpng-1.6.34-7.fc29 (FEDORA-2019-335c3ad86a) A library of functions for manipulating PNG image format files -------------------------------------------------------------------------------- Update Information:
Fix for **CVE-2019-7317** -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Nikola Forr�� nforro@redhat.com - 2:1.6.34-7 - Fix CVE-2019-7317 (#1672411) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672411 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1672411 --------------------------------------------------------------------------------
================================================================================ libproxy-0.4.15-10.fc29 (FEDORA-2019-7285a847c4) A library handling all the details of proxy configuration -------------------------------------------------------------------------------- Update Information:
Update libproxy to build with mozjs60, matching with how gjs is built. This should hopefully fix crashes that happened in gnome-weather when running outside of GNOME (which ended up loading both mozjs52 and mozjs60 in the same process, leading to symbol conflicts). This may also fix https://bugzilla.redhat.com/show_bug.cgi?id=1647981; testing appreciated. If you are testing this update, please note if you are using GNOME or another desktop environment, to make sure we don't regress either case. I'll leave autokarma disabled to get sufficient testing. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Kalev Lember klember@redhat.com - 0.4.15-10 - Build with mozjs60 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1647981 - libproxy-0.4.15-9.fc29.x86_64 core dump https://bugzilla.redhat.com/show_bug.cgi?id=1647981 [ 2 ] Bug #1524507 - libproxy-mozjs causes gnome-weather to crash https://bugzilla.redhat.com/show_bug.cgi?id=1524507 --------------------------------------------------------------------------------
================================================================================ libreoffice-6.1.5.2-1.fc29 (FEDORA-2019-fb354240c6) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information:
- latest 6.1 stable release -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Caol��n McNamara caolanm@redhat.com - 1:6.1.5.2-1 - latest 6.1 release --------------------------------------------------------------------------------
================================================================================ libunicapgtk-0.9.8-21.fc29 (FEDORA-2019-7d1394eff5) Library to build graphical widgets for the unicap library -------------------------------------------------------------------------------- Update Information:
- Avoid `/usr/@DATADIRNAME@/locale/` directory (#1657538) -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Robert Scheck robert@fedoraproject.org 0.9.8-21 - Avoid /usr/@DATADIRNAME@/locale/ directory (#1657538) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.8-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1657538 - @DATADIRNAME@ https://bugzilla.redhat.com/show_bug.cgi?id=1657538 --------------------------------------------------------------------------------
================================================================================ lua-lgi-0.9.2-4.fc29 (FEDORA-2019-27fc2b15d9) Lua bindings to GObject libraries -------------------------------------------------------------------------------- Update Information:
Update AwesomeWM to 4.3. See https://awesomewm.org/doc/api/documentation/89-NEWS.md.html for the list of changes. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Thomas Moschny thomas.moschny@gmx.de - 0.9.2-4 - Update BRs. - Add one patch to fix a problem on s390x, and one to fix a warning in the testsuite. * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ mandoc-1.14.4-1.fc29 (FEDORA-2019-a1fe63637e) A suite of tools for compiling mdoc and man -------------------------------------------------------------------------------- Update Information:
Initial package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673214 - Review Request: mandoc - A suite of tools for compiling mdoc and man https://bugzilla.redhat.com/show_bug.cgi?id=1673214 --------------------------------------------------------------------------------
================================================================================ mellowplayer-3.5.1-1.20190206git402e336.fc29 (FEDORA-2019-10f9994cf7) Cloud music integration for your desktop -------------------------------------------------------------------------------- Update Information:
- Update to 3.5.1-1.20190206git402e336 - Add patch for F30 %%{name}-suppress- compiler-warnings.patch -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Martin Gansser martinkg@fedoraproject.org - 3.5.1-1.20190206git402e336 - Update to 3.5.1-1.20190206git402e336 - Add patch for F30 %{name}-suppress-compiler-warnings.patch * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 3.5.0-2.20181227git40ef9dd - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ mingw-sqlite-3.26.0.0-1.fc29 (FEDORA-2019-49f80a78bc) MinGW Windows port of sqlite embeddable SQL database engine -------------------------------------------------------------------------------- Update Information:
- update to 3.26.0.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Thomas Sailer t.sailer@alumni.ethz.ch - 3.26.0.0-1 - update to 3.26.0.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1659908 - CVE-2018-20346 mingw-sqlite: sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1659908 [ 2 ] Bug #1558808 - CVE-2018-8740 mingw-sqlite: sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1558808 [ 3 ] Bug #1352440 - CVE-2016-6153 mingw-sqlite: sqlite: Tempdir selection vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1352440 --------------------------------------------------------------------------------
================================================================================ mkvtoolnix-30.1.0-1.fc29 (FEDORA-2019-f3c00f6b99) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information:
# Version 30.1.0 "Forever And More" 2019-01-05 ## Bug fixes * MKVToolNix GUI: chapter editor: when opening a Matroska/WebM file that doesn't contain chapters and later saving chapters back to them, the editor was truncating the file down to a couple of KB in size. This was a regression introduced with the implementation of #2439 in v30.0.0 Fixes #2476. # Version 30.0.0 "Interstellar" 2019-01-04 ## New features and enhancements * mkvextract: WAV extractor: mkvextract will now write W64 files instead of WAV files if the file name extension is `.w64` or if the final file size is bigger than 4 GB, the file size limit for WAV files. Implements #2458. * MKVToolNix GUI: multiplexer: a new button was added next to the "destination file" controls. Clicking it shows a menu with the ten most recently used output directories. Selecting one of them will change the destination file to the selected directory keeping the file name. Implements #2468. * MKVToolNix GUI: multiplexer (preferences): the ten most recently used values for the "relative output directory" and "fixed output directory" settings are now saved. The corresponding settings have been changed into combo boxes allowing quick access to those recent values. * MKVToolNix GUI: multiplexer (preferences): the predefined split sizes and durations can now be customized in the preferences. * MKVToolNix GUI: chapter editor: added an option in the "Chapter editor" menu for appending chapters from an existing file to the currently open editor tab. Part of the implementation of #2439. * MKVToolNix GUI: chapter editor: added an action in the context menu for copying the selected entry and all of its children to another open editor tab. Part of the implementation of #2439. ## Bug fixes * mkvmerge: all files opened for writing will now be flushed once before they're closed. This ensures the operating system actually writes all cached data to disk preventing data loss in certain situations such as power outages or buggy drivers in combination with suspending the computer. Fixes #2469. * mkvmerge: AAC: under certain conditions 8 channel audio files were taken for 7 channel ones. * MKVToolNix GUI: multiplexer: removing a file added as an "additional part" will no longer cause a crash. Fixes #2461. * source code: fixed compilation with Boost 1.69.0 after API- breaking change to the `boost::tribool` class. Fixes #2460. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Dominik Mierzejewski rpm@greysector.net - 30.1.0-1 - update to 30.1.0 --------------------------------------------------------------------------------
================================================================================ mod_auth_token-1.0.5-16.fc29 (FEDORA-2019-9ba0edae32) Token based URI access module for Apache -------------------------------------------------------------------------------- Update Information:
- Update spec file to match recent guidelines - Add patch to update deprecated autoconf macros - Add patch to apply LDFLAGS properly -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Bj��rn Esser besser82@fedoraproject.org - 1.0.5-16 - Update spec file to match recent guidelines - Add patch to update deprecated autoconf macros - Add patch to apply LDFLAGS properly * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.0.5-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ mosquitto-1.5.6-1.fc29 (FEDORA-2019-032b36306f) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information:
Fixes for the following CVES: * CVE-2018-12546 * CVE-2018-12550 * CVE-2018-12551 The list of other fixes addressed in version 1.5.6 is: Broker: * Fixed comment handling for config options that have optional arguments. * Improved documentation around bridge topic remapping. * Handle mismatched handshakes (e.g. QoS1 PUBLISH with QoS2 reply) properly. * Fix spaces not being allowed in the bridge remote_username option. Closes #1131. * Allow broker to always restart on Windows when using log_dest file. Closes #1080. * Fix Will not being sent for Websockets clients. Closes #1143. * Windows: Fix possible crash when client disconnects. Closes #1137. * Fixed durable clients being unable to receive messages when offline, when per_listener_settings was set to true. Closes #1081. * Add log message for the case where a client is disconnected for sending a topic with invalid UTF-8. Closes #1144. Library: * Fix TLS connections not working over SOCKS. * Don't clear SSL context when TLS connection is closed, meaning if a user provided an external SSL_CTX they have less chance of leaking references. -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Peter Robinson pbrobinson@fedoraproject.org 1.5.6-1 - 1.5.6 release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.5.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ munin-2.0.45-1.fc29 (FEDORA-2019-005db71209) Network-wide resource monitoring tool -------------------------------------------------------------------------------- Update Information:
Upstream update to 2.0.45. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Kim B. Heino b@bbbs.net - 2.0.45-1 - Upgrade to 2.0.45 * Mon Jan 28 2019 Kim B. Heino b@bbbs.net - 2.0.44-2 - Add smart_ plugin config to 00-default * Thu Dec 20 2018 Kim B. Heino b@bbbs.net - 2.0.44-1 - Upgrade to 2.0.44 --------------------------------------------------------------------------------
================================================================================ mutt-1.11.3-1.fc29 (FEDORA-2019-7bb21ad3f6) A text mode mail user agent -------------------------------------------------------------------------------- Update Information:
Upgrade to 1.11.3 -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Matej Mu��ila mmuzila@redhat.com - 5:1.11.3-1 - Upgrade to 1.11.3 - Resolves #1659217 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 5:1.10.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1659217 - mutt does not correctly decode PGP emails https://bugzilla.redhat.com/show_bug.cgi?id=1659217 [ 2 ] Bug #1660868 - mutt-1.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1660868 [ 3 ] Bug #1671851 - mutt-1.11.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1671851 --------------------------------------------------------------------------------
================================================================================ nbd-3.19-1.fc29 (FEDORA-2019-fab29b6708) Network Block Device user-space tools (TCP version) -------------------------------------------------------------------------------- Update Information:
New upstream version 3.19 (RHBZ#1671079). -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Richard W.M. Jones rjones@redhat.com - 3.19-1 - New upstream version 3.19 (RHBZ#1671079). * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 3.18-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sun Nov 4 2018 Robin Lee cheeselee@fedoraproject.org - 3.18-1 - Update to 3.18 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671079 - nbd-3.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1671079 --------------------------------------------------------------------------------
================================================================================ ncdu-1.14-1.fc29 (FEDORA-2019-283fc2ed97) Text-based disk usage viewer -------------------------------------------------------------------------------- Update Information:
Update to 1.14. Changes in this release: * Add mtime display and sorting * Add (limited) `--follow-symlinks` option * Display larger file counts in browser UI * Add `-V`, `--version`, and `--help` alias flags * Fix crash when attempting to sort an empty directory * Fix 100% CPU bug when ncdu loses the terminal * Fix `--color=off` flag * Fix some typos -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Richard Fearn richardfearn@gmail.com - 1.14-1 - Update to new upstream version 1.14 (#1672365) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.13-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672365 - ncdu-1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672365 --------------------------------------------------------------------------------
================================================================================ ncid-1.10.1-7.fc29 (FEDORA-2019-992da90f85) Network Caller ID server, client and gateways -------------------------------------------------------------------------------- Update Information:
removed ncid-mythtv.patch ---- added more makefiles changes in ncid- makefiles.patch -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 John Chmielewski jlcjohn@fedoraproject.org - 1.10.1-7 - removed ncid-mythtv.patch * Tue Feb 5 2019 John Chmielewski jlcjohn@fedoraproject.org - 1.10.1-6 - added more makefiles changes in ncid-makefiles.patch - changed README.desktop to README-desktop * Sat Feb 2 2019 John Chmielewski jlcjohn@fedoraproject.org - 1.10.1-5 - added ncid-mythtv.patch * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.10.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Thu Jan 31 2019 John Chmielewski jlcjohn@fedoraproject.org - 1.10.1-3 - added ncid-makefiles.patch * Mon Jan 28 2019 John Chmielewski jlcjohn@fedoraproject.org - 1.10.1-2 - Removed obsolete Group tags - created default server modem port and lockfile - created the ncid-gateway package - creates the ncid-mythtv package again - changed mythtvosd to mythutil in ncid-mythtv - updated Source0 URL - New upstream release. * Fri Dec 7 2018 Fedora Release Engineering releng@fedoraproject.org - 1.10-2 - New upstream release. --------------------------------------------------------------------------------
================================================================================ ndctl-64.1-1.fc29 (FEDORA-2019-01ba53f785) Manage "libnvdimm" subsystem devices (Non-volatile Memory) -------------------------------------------------------------------------------- Update Information:
release v64.1 ---- release v64 -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Vishal Verma vishal.l.verma@intel.com - 64.1-1 - release v64.1 * Mon Feb 4 2019 Vishal Verma vishal.l.verma@intel.com - 64-1 - release v64 * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 63-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672858 - ndctl-64.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1672858 [ 2 ] Bug #1671933 - ndctl-64 is available https://bugzilla.redhat.com/show_bug.cgi?id=1671933 --------------------------------------------------------------------------------
================================================================================ net-snmp-5.8-6.fc29 (FEDORA-2019-3ae06fb0a4) A collection of SNMP protocol tools and libraries -------------------------------------------------------------------------------- Update Information:
Fix address assigning from clientaddr option -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Josef Ridky jridky@redhat.com - 1:5.8-6 - fix IPv6 address assignment for clientaddr option (#1673272) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1:5.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 14 2019 Bj��rn Esser besser82@fedoraproject.org - 1:5.8-4 - Rebuilt for libcrypt.so.2 (#1666033) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673272 - IPv6 address from clientaddr option is not assigned https://bugzilla.redhat.com/show_bug.cgi?id=1673272 --------------------------------------------------------------------------------
================================================================================ netmask-2.4.4-1.fc29 (FEDORA-2019-0723b8f333) Utility for determining network masks -------------------------------------------------------------------------------- Update Information:
Security bugfix buffer overflow reported at upstream 2019-01-30; updated sources -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Francisco Javier Tsao Sant��n tsao@gpul.org - 2.4.4-1 - Security bugfix buffer overflow reported at upstream 2019-01-30; updated sources -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673809 - netmask: buffer overflow in error.c https://bugzilla.redhat.com/show_bug.cgi?id=1673809 --------------------------------------------------------------------------------
================================================================================ nodejs-yarn-1.13.0-1.fc29 (FEDORA-2019-b475606e18) Fast, reliable, and secure dependency management. -------------------------------------------------------------------------------- Update Information:
Update to 1.13.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Zuzana Svetlikova zsvetlik@redhat.com - 1.13.0-1 - Update * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1612408 - nodejs-yarn-1.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1612408 --------------------------------------------------------------------------------
================================================================================ nss-pem-1.0.5-1.fc29 (FEDORA-2019-770bc0bbfc) PEM file reader for Network Security Services (NSS) -------------------------------------------------------------------------------- Update Information:
- update to latest upstream bugfix release -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Kamil Dudka kdudka@redhat.com 1.0.5-1 - update to latest upstream bugfix release * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 1.0.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ openjfx-8.0.202-5.b07.fc29 (FEDORA-2019-9a53d59e9f) Rich client application platform for Java -------------------------------------------------------------------------------- Update Information:
Fix compilation flags (see bug 1667675) and GTK3 support added (libglassgtk3.so) -------------------------------------------------------------------------------- ChangeLog:
* Mon Feb 4 2019 Nicolas De Amicis deamicis@bluewin.ch - 8.0.202-5.b07 - Fix compilation flags (see bug 1667675) * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 8.0.202-4.b07 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jan 18 2019 Nicolas De Amicis deamicis@bluewin.ch - 8.0.202-3.b07 - Update to upstream version 8.0.202b07 and adding gtk3 support (libglassgtk3.so) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1667675 - The program 'java' received an X Window System error https://bugzilla.redhat.com/show_bug.cgi?id=1667675 --------------------------------------------------------------------------------
================================================================================ openssh-7.9p1-4.fc29 (FEDORA-2019-0576ad8060) An open source implementation of SSH protocol version 2 -------------------------------------------------------------------------------- Update Information:
This update brings minor bugfixes and updates default configuration to have lower priority than the configuration specified by users, finally allowing to overwrite default configuration options. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Jakub Jelen jjelen@redhat.com - 7.9p1-4 + 0.10.3.6 - Log when a client requests an interactive session and only sftp is allowed - Fix minor issues in ssh-copy-id - Enclose redhat specific configuration with Match final block * Fri Feb 1 2019 Fedora Release Engineering releng@fedoraproject.org - 7.9p1-3.2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1630166 - crypto-policies trump post-canonicalization ssh settings https://bugzilla.redhat.com/show_bug.cgi?id=1630166 [ 2 ] Bug #1438326 - System-wide "Host *" block incompatible with CanonicalizeHostname directive https://bugzilla.redhat.com/show_bug.cgi?id=1438326 --------------------------------------------------------------------------------
================================================================================ osbs-client-0.52-1.fc29 (FEDORA-2019-28e90de972) Python command line client for OpenShift Build Service -------------------------------------------------------------------------------- Update Information:
Update to latest upstream -------------------------------------------------------------------------------- ChangeLog:
* Mon Dec 3 2018 Clement Verna cverna@fedoraproject.org - 0.52-1 - Update to latest upstream --------------------------------------------------------------------------------
================================================================================ perl-Applify-0.15-2.fc29 (FEDORA-2019-c10826b35b) Write object oriented perl scripts with ease -------------------------------------------------------------------------------- Update Information:
The Applify module should keep all the noise away and let you write perl scripts very easily. These scripts can even be unit tested even though they are defined directly in the script file and not in a module. --------------------------------------------------------------------------------
================================================================================ perl-File-BOM-0.16-1.fc29 (FEDORA-2019-606a1025e1) Utilities for handling Byte Order Marks -------------------------------------------------------------------------------- Update Information:
Updated to the latest release -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Jitka Plesnikova jplesnik@redhat.com - 0.16-1 - 0.16 bump -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673009 - perl-File-BOM-0.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673009 --------------------------------------------------------------------------------
================================================================================ perl-MongoDB-2.0.3-1.fc29 (FEDORA-2019-0ea1d68bd7) A MongoDB Driver for Perl -------------------------------------------------------------------------------- Update Information:
This release fixes parsing mobgodb+srv URI with ssl=true option. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Petr Pisar ppisar@redhat.com - 2.0.3-1 - 2.0.3 bump - Disable tests that need a server on recent Fedoras (https://fedoraproject.org/wiki/Changes/MongoDB_Removal, bug #1673849) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673655 - perl-MongoDB-2.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673655 --------------------------------------------------------------------------------
================================================================================ perl-Perl-PrereqScanner-NotQuiteLite-0.9903-2.fc29 (FEDORA-2019-2e81a7f560) A tool to scan your Perl code for its prerequisites -------------------------------------------------------------------------------- Update Information:
These are the first Fedora 29 builds of perl-Regexp-Trie and perl-Perl- PrereqScanner-NotQuiteLite. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672274 - Review Request: perl-Regexp-Trie - Build trie-ized regexp https://bugzilla.redhat.com/show_bug.cgi?id=1672274 [ 2 ] Bug #1672313 - Review Request: perl-Perl-PrereqScanner-NotQuiteLite - A tool to scan your Perl code for its prerequisites https://bugzilla.redhat.com/show_bug.cgi?id=1672313 --------------------------------------------------------------------------------
================================================================================ perl-Regexp-Trie-0.02-2.fc29 (FEDORA-2019-2e81a7f560) Build trie-ized regexp -------------------------------------------------------------------------------- Update Information:
These are the first Fedora 29 builds of perl-Regexp-Trie and perl-Perl- PrereqScanner-NotQuiteLite. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1672274 - Review Request: perl-Regexp-Trie - Build trie-ized regexp https://bugzilla.redhat.com/show_bug.cgi?id=1672274 [ 2 ] Bug #1672313 - Review Request: perl-Perl-PrereqScanner-NotQuiteLite - A tool to scan your Perl code for its prerequisites https://bugzilla.redhat.com/show_bug.cgi?id=1672313 --------------------------------------------------------------------------------
================================================================================ php-7.2.15-1.fc29 (FEDORA-2019-766f747c2b) PHP scripting language for creating dynamic web sites -------------------------------------------------------------------------------- Update Information:
**PHP version 7.2.15** (07 Feb 2019) **Core:** * Fixed bug php#77339 (__callStatic may get incorrect arguments). (Dmitry) * Fixed bug php#77494 (Disabling class causes segfault on member access). (Dmitry) * Fixed bug php#77530 (PHP crashes when parsing `(2)::class`). (Ekin) **Curl:** * Fixed bug php#76675 (Segfault with H2 server push). (Pedro Magalh��es) **GD:** * Fixed bug php#73281 (imagescale(���, IMG_BILINEAR_FIXED) can cause black border). (cmb) * Fixed bug php#73614 (gdImageFilledArc() doesn't properly draw pies). (cmb) * Fixed bug php#77272 (imagescale() may return image resource on failure). (cmb) * Fixed bug php#77391 (1bpp BMPs may fail to be loaded). (Romain D��oux, cmb) * Fixed bug php#77479 (imagewbmp() segfaults with very large images). (cmb) **ldap:** * Fixed bug php#77440 (ldap_bind using ldaps or ldap_start_tls()=exception in libcrypto-1_1-x64.dll). (Anatol) **Mbstring:** * Fixed bug php#77454 (mb_scrub() silently truncates after a null byte). (64796c6e69 at gmail dot com) **MySQLnd:** * Fixed bug php#75684 (In mysqlnd_ext_plugin.h the plugin methods family has no external visibility). (Anatol) **Opcache:** * Fixed bug php#77361 (configure fails on 64-bit AIX when opcache enabled). (Kevin Adler) **OpenSSL:** * Fixed bug php#77390 (feof might hang on TLS streams in case of fragmented TLS records). (Abyl Valg, Jakub Zelenka) **PDO:** * Fixed bug php#77273 (array_walk_recursive corrupts value types leading to PDO failure). (Nikita) **Sockets:** * Fixed bug php#76839 (socket_recvfrom may return an invalid 'from' address on MacOS). (Michael Meyer) **Standard:** * Fixed bug php#77395 (segfault about array_multisort). (Laruence) * Fixed bug php#77439 (parse_str segfaults when inserting item into existing array). (Nikita) -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Remi Collet remi@remirepo.net - 7.2.15-1 - Update to 7.2.15 - http://www.php.net/releases/7_2_15.php --------------------------------------------------------------------------------
================================================================================ php-alcaeus-mongo-php-adapter-1.1.6-1.fc29 (FEDORA-2019-d8e8f0b24d) Mongo PHP Adapter -------------------------------------------------------------------------------- Update Information:
**Version 1.1.6** (2019-02-08) All issues and pull requests under this release may be found under the [1.1.6](https://github.com/alcaeus/mongo-php- adapter/issues?q=milestone%3A1.1.6) milestone. * [#244](https://github.com/alcaeus/mongo-php-adapter/pull/244) fixes a null acces when converting exceptions. * [#236](https://github.com/alcaeus/mongo- php-adapter/pull/236) allows using `0` as key in documents. * [#234](https://github.com/alcaeus/mongo-php-adapter/pull/234) removes an invalid attribute from phpunit.xml. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Remi Collet remi@remirepo.net - 1.1.6-1 - update to 1.1.6 - drop patch merged upstream - disable test suite and so mongodb-server build dependency for https://fedoraproject.org/wiki/Changes/MongoDB_Removal --------------------------------------------------------------------------------
================================================================================ php-getid3-1.9.17-1.fc29 (FEDORA-2019-f6ae34b14f) The PHP media file parser -------------------------------------------------------------------------------- Update Information:
**Version 1.9.17** (2019-02-07) * bugfix (G:178) HandleAllTags should skip "picture" * bugfix (G:177) error checking for reading more than PHP memory_limit * bugfix (G:176) improved mp3 detection in remote-file demo * bugfix (G:173) Add filepointer option to analyze/openfile function * bugfix (G:170) Add support for WXXX (URL) and APIC (attached picture) subframes inside ID3v2 chapters * bugfix: write.id3v2 year field * bugfix: mp3.APE permit optional " dB" in ReplayGain tags * placeholder support for .xz file format -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Remi Collet remi@remirepo.net - 1.9.17-1 - update to 1.9.17 - add weak dependencies on suggested extension --------------------------------------------------------------------------------
================================================================================ php-icewind-smb2-2.0.6-1.fc29 (FEDORA-2019-33f634b691) php wrapper for smbclient and libsmbclient-php -------------------------------------------------------------------------------- Update Information:
**Version 2.0.6** * Workaround behaviour of some servers that return incorrect data from allinfo * Improved timezone detection -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Remi Collet remi@remirepo.net - 2.0.6-1 - update to 2.0.6 --------------------------------------------------------------------------------
================================================================================ php-league-tactician-1.0.3-1.fc29 (FEDORA-2019-0d5a571798) A small, flexible command bus -------------------------------------------------------------------------------- Update Information:
A small, flexible command bus. Handy for building service layers. Documentation: http://tactician.thephpleague.com/ Autoloader: /usr/share/php/League/Tactician/autoload.php -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1663168 - Review Request: php-league-tactician - A small, flexible command bus https://bugzilla.redhat.com/show_bug.cgi?id=1663168 --------------------------------------------------------------------------------
================================================================================ php-myclabs-php-enum-1.6.6-1.fc29 (FEDORA-2019-fdf49e05a1) PHP Enum implementation -------------------------------------------------------------------------------- Update Information:
**Version 1.6.6** * Fix #84 Require ext-json explicitly in composer.json to avoid bugs when the JSON extension is not installed ----- **Version 1.6.5** - Fix #83: It is now possible to create a new Enum instance from another Enum instance -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Remi Collet remi@remirepo.net - 1.6.6-1 - update to 1.6.6 --------------------------------------------------------------------------------
================================================================================ php-pecl-pcov-1.0.0-2.fc29 (FEDORA-2019-0a4ac3d14b) Code coverage driver -------------------------------------------------------------------------------- Update Information:
A self contained php-code-coverage compatible driver for PHP7. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671748 - Review Request: php-pecl-pcov - Code coverage driver https://bugzilla.redhat.com/show_bug.cgi?id=1671748 --------------------------------------------------------------------------------
================================================================================ php-pecl-uopz-6.0.1-2.fc29 (FEDORA-2019-43b39ce966) User Operations for Zend -------------------------------------------------------------------------------- Update Information:
**Version 6.0.1** - Add `uopz.exit` configuration option, to allow the execution of exit opcodes or not (default=0 to keep current behavior) - Improve opcache optimizer compatibility - Display ini settings in module info ---- **Version 6.0.0** - **Breaking change** to `uopz_set_mock`: now behaves like the old test-helpers new overload - Fixed redefine/undefine namespaced constants - Fix flags being ignored when adding functions - Remove executor hook for maximum compatibility ----- **RPM changes** - refresh package description from upstream - update provided configuration with available options and link to documentation -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Remi Collet remi@remirepo.net - 6.0.1-2 - update to 6.0.1 - update provided default configuration - update package description from upstream * Wed Jan 30 2019 Remi Collet remi@remirepo.net - 6.0.0-1 - update to 6.0.0 --------------------------------------------------------------------------------
================================================================================ php-sensiolabs-security-checker-5.0.3-1.fc29 (FEDORA-2019-2702088484) A security checker for your composer.lock -------------------------------------------------------------------------------- Update Information:
The SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities. It uses the Security Check Web service and the Security Advisories Database. Autoloader: /usr/share/php/SensioLabs/Security/autoload.php -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1663245 - Review Request: php-sensiolabs-security-checker - A security checker for your composer.lock https://bugzilla.redhat.com/show_bug.cgi?id=1663245 --------------------------------------------------------------------------------
================================================================================ php-zendframework-zendservice-recaptcha-3.2.0-1.fc29 (FEDORA-2019-2e0faee316) Zend Framework ReCaptcha component -------------------------------------------------------------------------------- Update Information:
**Version 3.2.0** - 2019-02-07 **Added** - [#14](https://github.com/zendframework/ZendService_ReCaptcha/pull/14) adds support for PHP 7.3. **Removed** - [#14](https://github.com/zendframework/ZendService_ReCaptcha/pull/14) removes support for zend-stdlib v2, by explicitly requiring v3 releases. (zend-stdlib v2 was an implicit dependency previously.) -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Remi Collet remi@remirepo.net - 3.2.0-1 - update to 3.2.0 - add dependency on zend-stdlib 3.2.1 --------------------------------------------------------------------------------
================================================================================ phpunit7-7.5.4-1.fc29 (FEDORA-2019-86edb72b18) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information:
**Version 7.5.4** - 2019-02-07 **Fixed** * Fixed [#3352](https://github.com/sebastianbergmann/phpunit/issues/3352): Using `phpunit.phar` with PHPDBG does not work with `auto_globals_jit=On` * Fixed [#3502](https://github.com/sebastianbergmann/phpunit/issues/3502): Numeric `@ticket` or `@group` annotations no longer work ---- **Version 7.5.3** - 2019-02-01 **Fixed** * Fixed [#3490](https://github.com/sebastianbergmann/phpunit/pull/3490): Exceptions in `tearDownAfterClass()` kill PHPUnit **Deprecated** * The method `assertArraySubset()` is now deprecated. There is no behavioral change in this version of PHPUnit. Using this method will trigger a deprecation warning in PHPUnit 8 and in PHPUnit 9 this method will be removed. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Remi Collet remi@remirepo.net - 7.5.4-1 - update to 7.5.4 * Fri Feb 1 2019 Remi Collet remi@remirepo.net - 7.5.3-1 - update to 7.5.3 --------------------------------------------------------------------------------
================================================================================ pocl-1.2-1.fc29 (FEDORA-2019-d507f3fa47) Portable Computing Language - an OpenCL implementation -------------------------------------------------------------------------------- Update Information:
Update to 1.2 release and rebuild to fix rhbz#1671819. -------------------------------------------------------------------------------- ChangeLog:
* Tue Nov 27 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 1.2-1 - Update to 1.2 * Tue Nov 27 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 1.2~rc1-1 - Use tilde versioning -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1671819 - POCL package needs rebuilt using available current clang version https://bugzilla.redhat.com/show_bug.cgi?id=1671819 --------------------------------------------------------------------------------
================================================================================ python-bugzilla-2.2.0-3.fc29 (FEDORA-2019-91a4d41173) Python library for interacting with Bugzilla -------------------------------------------------------------------------------- Update Information:
* Fix SafeConfigParser warnings -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Cole Robinson crobinso@redhat.com - 2.2.0-3 - Fix SafeConfigParser warnings * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 2.2.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-cliapp-1.20180121-1.fc29 (FEDORA-2019-258f903de2) Python framework for Unix command line programs -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release -------------------------------------------------------------------------------- ChangeLog:
* Sun Feb 3 2019 Michel Alexandre Salim salimma@fedoraproject.org - 1.20180121-1 - Update to 1.20180121 * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.20160724-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Fri Jul 13 2018 Fedora Release Engineering releng@fedoraproject.org - 1.20160724-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1605630 - python-cliapp: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1605630 [ 2 ] Bug #1359556 - python-cliapp-1.20180121.orig is available https://bugzilla.redhat.com/show_bug.cgi?id=1359556 --------------------------------------------------------------------------------
================================================================================ python-impacket-0.9.18-3.fc29 (FEDORA-2019-9bc1a83c87) Collection of Python classes providing access to network packets -------------------------------------------------------------------------------- Update Information:
Update to bugfix release. Update the EPEL packaging. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-3 - conditional dependencies for EPEL7 - python-flask and pyOpenSSL * Mon Feb 4 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-2 - add missing dependencies for EPEL7 - python2-setuptools - patch setup.py to remove python_version to meet RHEL7 setuptools version * Mon Feb 4 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-1 - bump to version 0.9.18 * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 0.9.17-0.4.20180308gite0af5bb - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ python-markdown2-2.3.7-1.fc29 (FEDORA-2019-095c760511) A fast and complete Python implementation of Markdown -------------------------------------------------------------------------------- Update Information:
## python-markdown2 2.3.7 - [pull #306] Drop support for legacy Python versions - [pull #307] Fix syntax highlighting test cases that depend on Pygments output - [pull #308] Add support for Python 3.7 - [pull #304] Add Wheel package support - [pull #312] Fix toc_depth initialization regression - [pull #315] XSS fix -------------------------------------------------------------------------------- ChangeLog:
* Sat Feb 9 2019 Thomas Moschny thomas.moschny@gmx.de - 2.3.7-1 - Update to 2.3.7. - Simplify spec file. * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 2.3.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1536921 - CVE-2018-5773 python-markdown2: Unsanitized input in markdown() method allows for cross-site scripting (XSS) https://bugzilla.redhat.com/show_bug.cgi?id=1536921 --------------------------------------------------------------------------------
================================================================================ python-moksha-hub-1.5.16-1.fc29 (FEDORA-2019-7268edc5fb) Hub components for Moksha -------------------------------------------------------------------------------- Update Information:
https://github.com/mokshaproject/moksha/pull/70 ---- Weaken dep on service- identity module to "Recommends". -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Ralph Bean rbean@redhat.com - 1.5.16-1 - new version * Wed Feb 6 2019 Ralph Bean rbean@redhat.com - 1.5.15-4 - Make service-identity a weak dependency. * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.5.15-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1673212 - python-moksha-hub-1.5.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1673212 --------------------------------------------------------------------------------
================================================================================ python-passlib-1.7.1-1.fc29 (FEDORA-2019-fbbc1eef82) Comprehensive password hashing framework supporting over 20 schemes -------------------------------------------------------------------------------- Update Information:
Update to 1.7.1 *** ### Bugfixes * cisco_asa and cisco_pix: Fixed a number of issues which under certain conditions caused prior releases to generate hashes that were unverifiable on Cisco systems. * PasswordHash.hash() will now warn if passed any settings keywords. This usage was deprecated in 1.7.0, but warning wasn���t properly enabled. See Customizing the Configuration for the preferred way to pass settings. * setup.py: Don���t append timestamp when run from an sdist. This should fix some downstream build issues. * passlib.tests.test_totp: Test suite now traps additional errors that datetime.utcfromtimestamp() may throw under python 3, which should fix some test failures on architectures with rarer ILP sizes. It also works around Python 3.6 bug 29100. ### Deprecations * CryptContext: The harden_verify flag has been turned into a NOOP and deprecated. It will be removed in passlib 1.8 along with the already-deprecated min_verify_time (issue 83). ### Other Changes * passlib.tests.utils: General truncation policy details were hammered out, and additional hasher tests were added to enforce them. * documentation: Various updates & corrections. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Bj��rn Esser besser82@fedoraproject.org - 1.7.1-1 - Update to 1.7.1 (#1620382) * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.7.0-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1620382 - python-passlib 1.7.1 available https://bugzilla.redhat.com/show_bug.cgi?id=1620382 --------------------------------------------------------------------------------
================================================================================ python-prometheus_client-0.5.0-1.fc29 (FEDORA-2019-7b3d95e8d2) The Python client for Prometheus -------------------------------------------------------------------------------- Update Information:
Update to 0.5.0 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 mprahl mprahl@redhat.com - 0.5.0-1 - Update to 0.5.0 * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 0.2.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Mon Jan 14 2019 Miro Hron��ok mhroncok@redhat.com - 0.2.0-4 - Subpackage python2-prometheus_client has been removed See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal --------------------------------------------------------------------------------
================================================================================ python-sushy-1.3.3-1.fc29 (FEDORA-2019-cb68f7cbf1) Sushy is a Python library to communicate with Redfish based systems -------------------------------------------------------------------------------- Update Information:
Update to 1.3.3 to fix the UEFI boot mode issue -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Dmitry Tantsur divius.inside@gmail.com - 1.3.3-1 - Update to 1.3.3 to fix the UEFI boot mode issue --------------------------------------------------------------------------------
================================================================================ rpkg-1.57-6.fc29 (FEDORA-2019-d1ab66bbfc) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information:
This release brings 2 minor changes: * there won't be _python-gobject-base_ and _libmodulemd_ packages installed in epel7 * stops building _Python 2_ package on _Fedora_ 30+ -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Ond��ej Nosek onosek@redhat.com - 1.57-6 - Revert previous change. Now python-gobject-base & libmodulemd are removed from epel7 and RHEL7 * Tue Feb 5 2019 Ond��ej Nosek onosek@redhat.com - 1.57-5 - python-gobject-base & libmodulemd also for epel7 and RHEL7 * Mon Feb 4 2019 Lubom��r Sedl���� lsedlar@redhat.com - 1.57-4 - Disable Py2 package on F30+ * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.57-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ rubygem-thread_order-1.1.1-1.fc29 (FEDORA-2019-b8e9708b6b) Test helper for ordering threaded code -------------------------------------------------------------------------------- Update Information:
New version 1.1.1 is released. -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Mamoru TASAKA mtasaka@fedoraproject.org - 1.1.1-1 - 1.1.1 * Sat Feb 2 2019 Fedora Release Engineering releng@fedoraproject.org - 1.1.0-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ shotwell-0.30.2-1.fc29 (FEDORA-2019-e91b8c5cb1) A photo organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information:
shotwell 0.30.2 release. * Fix maximize on Wayland when double-clicking on title-bar * Do not hide the cursor when showing the slideshow settings dialog * Fix compatibility with recent vala compilers * Fix crash when dismissing file modifications on close * Fix issues with google and flickr not being able to log in * Replace picasaweb publishing with Google Photos publishing * Comply with Flick API TOS -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 Kalev Lember klember@redhat.com - 0.30.2-1 - Update to 0.30.2 - Use upstream screenshots for appdata --------------------------------------------------------------------------------
================================================================================ snapd-2.37.2-1.fc29 (FEDORA-2019-49fa31e2e0) A transactional software package manager -------------------------------------------------------------------------------- Update Information:
Release 2.37.2 to Fedora -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Neal Gompa ngompa13@gmail.com - 2.37.2-1 - Release 2.37.2 to Fedora (RH#1667460) * Wed Feb 6 2019 Michael Vogt mvo@ubuntu.com - New upstream release 2.37.2 - cmd/snap, overlord/snapstate: silently ignore classic flag when a snap is strictly confined - snap-confine: remove special handling of /var/lib/jenkins - cmd/snap-confine: handle death of helper process gracefully - snap-confine: fix classic snaps for users with /var/lib/* homedirs like jenkins/postgres - packaging: disable systemd environment generator on 18.04 - tests: update smoke/sandbox test for armhf - cmd/snap-confine: refactor and cleanup of seccomp loading - snap-confine: increase locking timeout to 30s - snap-confine: fix incorrect "sanity timeout 3s" message - snap: fix hook autodiscovery for parallel installed snaps - tests: iterate getting journal logs to support delay on boards on daemon-notify test - interfaces/apparmor: deny inet/inet6 in snap-update-ns profile - interfaces: add u2f-devices interface * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 2.36.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Tue Jan 29 2019 Michael Vogt mvo@ubuntu.com - New upstream release 2.37.1 - cmd/snap-confine: add special case for Jenkins - tests: workaround missing go dependencies in debian-9 - daemon, polkit: pid_t is signed - interfaces: add display-control interface - interfaces: add block-devices interface - tests/main/searching: video section got renamed to photo-and-video - interfaces/camera: allow reading vendor/etc info from /run/udev/data/+usb - interfaces/dbus: be less strict about alternations for well-known names - interfaces/home: allow dac_read_search with 'read: all' - interfaces/pulseaudio: allow reading subdirectories of /etc/pulse - interfaces/system-observe: allow read on /proc/locks - tests: get test-snapd-dbus-{provider,consumer} from the beta channel - interfaces/apparmor: mock presence of overlayfs root - packaging/{fedora,opensuse,ubuntu}: add /var/lib/snapd/lib/glvnd * Wed Jan 16 2019 Michael Vogt mvo@ubuntu.com - New upstream release 2.37 - snapd: fix race in TestSanityFailGoesIntoDegradedMode test - cmd: fix snap-device-helper to deal correctly with hooks - tests: various fixes for external backend - interface: raw-usb: Adding ttyACM[0-9]* as many serial devices have device node /dev/ttyACM[0-9] - tests: fix enable-disable-unit-gpio test on external boards - tests: define new "tests/smoke" suite and use that for autopkgtests - interfaces/builtin/opengl: allow access to NVIDIA VDPAU library - snapshotstate: don't task.Log without the lock - overlord/configstate/configcore: support - and _ in cloud init field names - cmd/snap-confine: use makedev instead of MKDEV - tests: review/fix the autopkgtest failures in disco - systemd: allow only a single daemon-reload at the same time - cmd/snap: only auto-enable unicode to a tty - cmd/snap: right-align revision and size in info's channel map - dirs, interfaces/builtin/desktop: system fontconfig cache path is different on Fedora - tests: fix "No space left on device" issue on amazon-linux - store: undo workaround for timezone-less released-at - store, snap, cmd/snap: channels have released-at - snap-confine: fix incorrect use "src" var in mount-support.c - release: support probing SELinux state - release-tools: display self-help - interface: add new `{personal,system}-files` interface - snap: give Epoch an Equal method - many: remove unused interface code - interfaces/many: use 'unsafe' with docker-support change_profile rules - run-checks: stop running HEAD of staticcheck - release: use sync.Once around lazy intialized state - overlord/ifacestate: include interface name in the hotplug- disconnect task summary - spread: show free space in debug output - cmd/snap: attempt to restore SELinux context of snap user directories - image: do not write empty etc/cloud - tests: skip snapd snap on reset for core systems - cmd/snap-discard-ns: fix umount(2) typo - overlord/ifacestate: hotplug-remove-slot task handler - overlord/ifacestate: handler for hotplug-disconnect task - ifacestate/hotplug: updateDevice helper - tests: reset snapd state on tests restore - interfaces: return security setup errors - overlord: make InstallMany work like UpdateMany, issuing a single request to get candidates - systemd/systemd.go: add missing tests for systemd.IsActive - overlord/ifacestate: addHotplugSeqWaitTask helper - cmd/snap-confine: refactor call to snap-update-ns --user-mounts - tests: new backend used to run upgrade test suite - travis: short circuit failures in static and unit tests travis job - cmd: automatically fix localized <option>s to <option> - overlord/configstate,features: expose features to snapd tools - selinux: package to query SELinux status and verify/restore file contexts - wrappers: use new systemd.IsActive in core18 early boot - cmd: add tests for lintArg and lintDesc - httputil: retry on temporary net errors - cmd/snap-confine: remove unused sc_discard_preserved_mount_ns - wrappers: only restart service in core18 when they are active - overlord/ifacestate: helpers for serializing hotplug changes - packaging/{fedora,opensuse}: own /var/lib/snapd/cookie - systemd: start snapd.autoimport.service in --no-block mode - data/selinux: fix syntax error in definition of snappy_admin interface - snap/info: bind global plugs/slots to implicit hooks - cmd/snap-confine: remove SC_NS_MNT_FILE - spread: record each tests/upgrade job - osutil: do not import dirs - cmd/snap-confine: fix typo "a pipe" - tests: make security-device-cgroups-{devmode,jailmode} work on arm devices - tests: force test-snapd-daemon-notify exit 0 when the interface is not connected - overlord/snapstate: run 'remove' hook before 'auto-disconnect' - centos: enable SELinux support on CentOS 7 - apparmor: allow hard link to snap-specific semaphore files - tests/lib/pkgdb: disable weak deps on Fedora - release: detect too old apparmor_parser - tests: improve how the log is checked to see if the system is waiting for a reboot - cmd, dirs, interfaces/apparmor: update distro identification to support ID="archlinux" - spread, tests: add Fedora 29 - cmd/snap-confine: refactor calling snapd tools into helper module - apparmor: allow snap-update-ns access to common devices - cmd/snap-confine: capture initialized per-user mount ns - tests: reduce verbosity around package installation - data: set KillMode=process for snapd - cmd/snap: handle DNS error gracefully - spread, tests: use checkpoints when dumping audit log - tests/lib/prepare: make sure that SELinux context of repacked core snap is controlled - testutils: split checkers, tweak tests - tests: fix for tests test-*-cgroup - spread: show AVC audits when debugging, start auditd on Fedora - spread: drop Fedora 27, add Fedora 29 - tests/lib/reset: restore context of removed snapd directories - testutil: add File{Present,Absent} checkers - snap: add new `snap run --trace-exec` - tests: fix for failover test on how logs are checked - snapctl: add "services" - overlord/snapstate: use file timestamp to initialize timer - cmd/libsnap: introduce and use sc_strdup - interfaces: let NM access ifindex/ifupdown files - overlord/snapstate: on refresh, check new rev can read current - client, store: don't use store from client (use client from store) - tests/main/parallel-install-store: verify installation of more than one instance at a time - overlord: don't write system key if security setup fails - packaging/fedora/snapd.spec: fix bogus date in changelog - snapstate: update fontconfig caches on install - interfaces/apparmor/backend.go:411:38: regular expression does not contain any meta characters (SA6004) - asserts/header_checks.go:199:35: regular expression does not contain any meta characters (SA6004) - run staticcheck every time :-) - tests/lib/systemd-escape/main.go:46:14: printf-style function with dynamic first argument and no further arguments should use print- style function instead (SA1006) - tests/lib/fakestore/cmd/fakestore/cmd_run.go:66:15: the channel used with signal.Notify should be buffered (SA1017) - tests/lib/fakedevicesvc/main.go:55:15: the channel used with signal.Notify should be buffered (SA1017) - spdx/parser.go:30:1: only the first constant has an explicit type (SA9004) - overlord/snapstate/snapmgr.go:553:21: printf-style function with dynamic first argument and no further arguments should use print- style function instead (SA1006) - overlord/patch/patch3.go:44:70: printf-style function with dynamic first argument and no further arguments should use print-style function instead (SA1006) - cmd/snap/cmd_advise.go:200:2: empty branch (SA9003) - osutil/udev/netlink/conn.go:120:5: ineffective break statement. Did you mean to break out of the outer loop? (SA4011) - daemon/api.go:992:22: printf-style function with dynamic first argument and no further arguments should use print-style function instead (SA1006) - cmd/snapd/main.go:94:5: ineffective break statement. Did you mean to break out of the outer loop? (SA4011) - cmd/snap/cmd_userd.go:73:15: the channel used with signal.Notify should be buffered (SA1017) - cmd/snap/cmd_help.go:102:7: io.Writer.Write must not modify the provided buffer, not even temporarily (SA1023) - release: probe apparmor features lazily - overlord,daemon: mock security backends for testing - cmd/libsnap: move apparmor-support to libsnap - cmd: drop cruft from snap-discard-ns build rules - cmd/snap-confine: use snap-discard-ns ns to discard stale namespaces - cmd/snap-confine: handle mounted shared /run/snapd/ns - many: fix composite literals with unkeyed fields - dirs, wrappers, overlord/snapstate: make completion + bases work - tests: revert "tests: restore in restore, not prepare" - many: validate title - snap: make description maximum in runes, not bytes - tests: discard mount namespaces in reset.sh - tests/lib: sync cla check back from snapcraft - Revert "cmd/snap, tests/main/snap-info: highlight the current channel" - daemon: remove enableInternalInterfaceActions - mkversion: use "test -n" rather than "! test -z" - run-checks: assorted fixes - tests: restore in restore, not in prepare - cmd/snap: fix missing newline in "snap keys" error message - snap: epoch lists must contain no duplicate entries - interfaces/avahi_observe: Fix typo in comment - tests: add SPREAD_JOB to the description of systemd_create_and_start_unit - daemon, vendor: bump github.com/coreos/go-systemd/activation, handle API changes - Revert "cmd/snap-confine: don't allow mapping lib{uuid,blkid}" - packaging/fedora: use %_sysctldir macro - cmd/snap-confine: remove unneeded unshare - sanity: extend the kernel version check to cover CentOS/RHEL kernels - wrappers: remove all desktop files from a snap on removal - snap: add an explicit check for `epoch: null` loading - snap: check max description length in validate - spread, tests: add CentOS support - cmd/snap-confine: allow mapping more libc shards - cmd/snap-discard-ns: add support for --from-snap-confine - tests: make tinyproxy support systemd notify - tests: fix shellcheck - snap, store: rename `snap.Epoch`'s `Unset` to `IsZero` - store: add a test for a non-zero epoch refresh (with epoch bump) - store: v1 search doesn't send epoch, stop pretending it does - snap: make any "0" epoch be Unset, and marshalled to {[0],[0]} - overlord/snapstate: amend test should send local revision - tests: use mock-gpio.py in enable-disable-units-gpio test - snap: enforce minimal snap name len of 2 - cmd/libsnap: add sc_verify_snap_lock - cmd/snap-update-ns: extra debugging of trespassing events - userd: force zenity width if the text displayed is long - overlord/snapstate, store: always send epochs - cmd/snap-confine,snap-update-ns: discard quirks - cmd/snap: add nanosleep to blacklisted syscalls when running with --strace - cmd/snap-update-ns, tests: clean trespassing paths - nvidia, interfaces/builtin: OpenCL fixes - ifacestate/hotplug: removeDevice helper - cmd: install snap-discard-ns in "make hack" - overlord/ifacestate: setup security backends phased by backends first - ifacestate/helpers: added SystemSnapName mapper helper method - overlord/ifacestate: set hotplug-key of the connection when connecting hotplug slots - snapd: allow snap-update-ns to read /proc/version - cmd: handle tumbleweed and leap in autogen.sh - interfaces/tests: MockHotplugSlot test helper - store,daemon: make UserInfo,LoginUser part of the store interface - overlord/ifacestate: use remapper when checking if system snap is installed - tests: fix how pinentry is prepared for new gpg v 2.1 and 2.2 - packaging/arch: fix bash completions path - interfaces/builtin: add device-buttons interface for accessing events - tests, fakestore: extend refresh tests with parallel installed snaps - snap, store, overlord/snapshotstate: drop epoch pointers - snap: make Epoch default to {[0],[0]} on load from yaml - data/completion: pass documented arguments to completion functions - tests: skip opensuse from interfaces-openvswitch-support test - tests: simple reproducer for snap try and hooks bug - snapstate: do not allow classic mode for strict snaps - snap: make Epoch's MarshalJSON not simplify - store: remove unused currentSnap and currentSnapJSON - many: some small doc comment fixes in recent hotplug code - ifacestate/udevmonitor: added callback to signal end of enumeration - cmd/libsnap: add simplified feature flag checker - interfaces/opengl: add additional accesses for cuda - tests: add core18 only hooks test and fix running core18 only on classic - sanity, release, cmd/snap: refuse to try to do things on WSL. - cmd: make coreSupportsReExec faster - overlord/ifacestate: don't remove the dash when generating unique slot name - cmd/snap-seccomp: add full complement of ptrace constants - cmd: update autogen.sh for opensuse - interfaces/apparmor: allow access to /run/snap.$SNAP_INSTANCE_NAME - spread.yaml: add more systems to the autopkgtest and qemu backends - daemon: spool sideloaded snap into blob dir overlord/snapstate: address review feedback - packaging/opensuse: stop using golang-packaging - overlord/snapshots: survive an unknown user - wrappers: fix generating of service units with multiple `before` dependencies - data: run snapd.autoimport.service only after seeding - cmd/snap: unhide --name parameter to snap install, tweak help message - packaging/fedora: Merge changes from Fedora Dist-Git - tests/main/snap-service-after-before-install: verify after/before in snap install - overlord/ifacestate: mark connections disconnected by hotplug with hotplug-gone - ifacestate/ifacemgr: don't reload hotplug-gone connections on startup - tests: install dependencies during prepare - tests,store,daemon: ensure proxy settings are honored in auth/userinfo too - tests: core 18 does not support classic confinement - tests: add debug output for degraded test - strutil: make VersionCompare faster - overlord/snapshotstate/backend: survive missing directories - overlord/ifacestate: use map[string]*connState when passing conns around - tests: move fedora 28 to manual - overlord/snapshotstate/backend: be more verbose when SNAPPY_TESTING=1 - tests: removing fedora 26 system from spread.yaml - tests: linode execution is not needed anymore - tests/lib: adjust to changed systemctl behaviour on debian-9 - tests: fixes and new backend for tests on nested suite - strutil: let MatchCounter work with a nil regexp - ifacestate/helpers: findConnsForHotplugKey helper - many: move regexp.(Must)Compile out of non-init functions into variables - store: also make snaps downloaded via deltas 0600 - snap: use Lstat to determine snap size, remove ReadSnapInfoExceptSize - interfaces/builtin: add adb-support interface - tests: fail if install_snap_local fails - strutil: add extra test to CommaSeparatedList as suggested by mborzecki - cmd/snap, daemon, strutil: use CommaSeparatedList to split a CSL - ifacestate: optimize disconnect hooks - cmd/snap-update-ns: parse the -u <uid> command line option - cmd/snap, tests: snapshots for all - client, cmd/daemon: allow disabling keepalive, improve degraded mode unit tests - snap: only show "next" refresh time if its after the hold time - overlord/snapstate: run tests for classic snaps even on systems that don't support classic - overlord/standby: fix a race between standby goroutine and stop - cmd/snap-exec: don't fail on some try mode snaps - cmd/snap, userd, testutil: tweak DBus tests to use private session bus connection - cmd: remove remnants of sc_should_populate_mount_ns - client, daemon, cmd/snap: indicate that services are socket/timer activated - cmd/snap-seccomp: only look for PTRACE_GETFPX?REGS where available - cmd/snap-confine: remove SC_NS_FAIL_GRACEFULLY - snap/pack, cmd/snap: allow specifying the filename of 'snap pack' - cmd/snap-discard-ns: add support for per-user mount namespaces - cmd/snap-confine: remove stale mount profile along stale namespace - data/apt: close stderr when calling snap in the apt install hook. - tests/main: fixes for the new shellcheck - testutil, cmd/snap: introduce and use testutil.EqualsWrapped and fly - tests: initial setup for testing current branch on nested vm and hotplug management - cmd: refactor IPC and lifecycle of the helper process - tests/main/parallel-install-store: the store has caught up, do not expect failures - overlord/snapstate, snap, wrappers: start services in the right order during install - interfaces/browser-support, cmd/snap-seccomp: Allow read-only ptrace, for the Breakpad crash reporter - snap,client: use a different exit code for retryable errors - overlord/ifacestate: don't conflict on own discard-snap tasks when refreshing & doing garbage collection - cmd/snap: tweak `snap services` output when there is no services - interfaces/many: updates to support k8s worker nodes - cmd/snap: gnome-software install via snap:// handler - overlord/many: cleanup use of snapName vs. instanceName - snapstate: add command-chain to supported featureset - daemon, snap: mark screenshots as deprecated - interfaces: fix decoding of json numbers for static/dynamic attributes* ifstate: fix decoding of json numbers - cmd/snap: try not to panic on error from "snap try" - tests: new cosmic image for spread tests on gce - interfaces/system-key: add parser mtime and only discover features on write - overlord/snapshotstate/backend: detect path to tar in unit tests - tests/unit/gccgo: drop gccgo unit tests - cmd: use relative file names in locking APIs - interfaces: fix NormalizeInterfaceAttributes, add tests - overlord/snapshotstate/backend: fall back on sudo when no runuser - cmd/snap-confine: reduce verbosity of debug and error messages - systemd: extend Status() to work for socket and timer units - interfaces: typo 'allows' for consistency with other ifaces - systemd,wrappers: don't start disabled services - ifacestate: simplify task chaining in ifacestate.Connect - tests: ensure that goa-daemon is off - snap/pack, snap/squashfs: remove extra copy before mksquashfs - cmd/snap: block 'snap help <cmd> --all' - asserts, image: ensure kernel, gadget, base and required-snaps use valid snap names - apparmor: add unit test for probeAppArmorParser and simplify code - interfaces/apparmor: conditionally add explicit deny rules for ptrace - po: sync translations from launchpad - osutil: tweak handling of error adduser errors - cmd: rename ns_group to mount_ns - tests/main/interfaces-accounts-service: more debugging - snap/pack, snap/squashfs: use type to determine mksquashfs args - data/systemd, wrappers: tweak system-shutdown helper for core18 - tests: show list of processes when ifaces-accounts-service fails - tests: do not run degraded test in autopkgtest env - snap: overhaul validation error messages - ifacestate/hooks: only create interface hook tasks if hooks exist - osutil: workaround overlayfs on ubuntu 18.10 - interfaces/home: don't allow snaps to write to $HOME/bin - interfaces: improve Attr error further - snapstate: tweak GetFeatureFlagBool() to have a default argument - many: cleanup remaining parallel installs TODOs - image: improve validation of extra snaps -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1667460 - snapd-2.37.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1667460 --------------------------------------------------------------------------------
================================================================================ switchboard-plug-bluetooth-2.2.1-1.fc29 (FEDORA-2019-5887c66319) Switchboard Bluetooth plug -------------------------------------------------------------------------------- Update Information:
Update to version 2.2.1. Release notes: https://github.com/elementary/switchboard-plug-bluetooth/releases/tag/2.2.1 -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Fabio Valentini decathorpe@gmail.com - 2.2.1-1 - Update to version 2.2.1. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1669551 - switchboard-plug-bluetooth-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1669551 --------------------------------------------------------------------------------
================================================================================ systemd-239-11.git4dc7dce.fc29 (FEDORA-2019-1fb1547321) System and Service Manager -------------------------------------------------------------------------------- Update Information:
- Fix large memory usage by systemd-journald (#1665931) - Some minor fixes to systemd-nspawn, udevadm, documentation and logging No need to log out or reboot. -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 239-11.git4dc7dce - Revert one of the patches to reduce journald memory usage because of selinux troubles * Thu Feb 7 2019 Zbigniew J��drzejewski-Szmek zbyszek@in.waw.pl - 239-10.git4dc7dce - Fix large memory usage by systemd-journald (#1665931) - Some minor fixes to systemd-nspawn, udevadm, documentation and logging -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1665931 - systemd-journald.service: crazy memory usage (24.5 GB VIRT, 170 MB RES) RuntimeMaxUse=10M https://bugzilla.redhat.com/show_bug.cgi?id=1665931 --------------------------------------------------------------------------------
================================================================================ texi2html-5.0-11.fc29 (FEDORA-2019-f184186475) A highly customizable texinfo to HTML and other formats translator -------------------------------------------------------------------------------- Update Information:
tetex-tex4ht changed to texlive-tex4ht -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Troy Dawson tdawson@redhat.com - 5.0-11 - tetex-tex4ht changed to texlive-tex4ht - BuildRequire gcc-c++ * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 5.0-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jul 14 2018 Fedora Release Engineering releng@fedoraproject.org - 5.0-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1606513 - texi2html: FTBFS in Fedora rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1606513 --------------------------------------------------------------------------------
================================================================================ texlive-2018-25.fc29 (FEDORA-2019-ee186b8961) TeX formatting system -------------------------------------------------------------------------------- Update Information:
- add dependency on translations.sty to texlive-xsim (bz1637642) - handle upgrades for uantwerpendocs (bz1644398) -------------------------------------------------------------------------------- ChangeLog:
* Fri Feb 8 2019 Tom Callaway spot@fedoraproject.org - 8:2018-25 - add dependency on translations.sty to texlive-xsim (bz1637642) - handle upgrades for uantwerpendocs (bz1644398) * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 8:2018-24 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1644398 - texlive-uantwerpendocs conflict when upgrading to fedora 29 https://bugzilla.redhat.com/show_bug.cgi?id=1644398 [ 2 ] Bug #1637642 - texlive-xsim should depend on texlive-translations https://bugzilla.redhat.com/show_bug.cgi?id=1637642 --------------------------------------------------------------------------------
================================================================================ thunderbird-60.5.0-4.fc29 (FEDORA-2019-526ef126cd) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information:
- Updated to latest version (60.5.0) - https://www.thunderbird.net/en- US/thunderbird/60.5.0/releasenotes/ - Backported Wayland patches from Firefox 65.0 -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Martin Stransky stransky@redhat.com - 60.5.0-4 - Use MOZ_ENABLE_WAYLAND for Wayland launcher. * Tue Feb 5 2019 Martin Stransky stransky@redhat.com - 60.5.0-3 - Updated Wayland patches * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 60.5.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Wed Jan 30 2019 Martin Stransky stransky@redhat.com - 60.5.0-1 - Update to 60.5.0 --------------------------------------------------------------------------------
================================================================================ tideEditor-1.4.5-1.fc29 (FEDORA-2019-29e8eb1c86) Editor for Tide Constituent Database (TCD) files -------------------------------------------------------------------------------- Update Information:
New version 1.4.5 is released. -------------------------------------------------------------------------------- ChangeLog:
* Tue Feb 5 2019 Mamoru TASAKA mtasaka@fedoraproject.org - 1.4.5-1 - 1.4.5 * Sun Feb 3 2019 Fedora Release Engineering releng@fedoraproject.org - 1.4.4-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------
================================================================================ tnef-1.4.17-1.fc29 (FEDORA-2019-b132b8ff1a) Extract files from email attachments like WINMAIL.DAT -------------------------------------------------------------------------------- Update Information:
Update to release 1.4.17 -------------------------------------------------------------------------------- ChangeLog:
* Thu Feb 7 2019 David Timms iinet.net.au@dtimms - 1.4.17-1 - Update to release 1.4.17. --------------------------------------------------------------------------------
================================================================================ tracker-2.1.7-1.fc29 (FEDORA-2019-9e3011f6dd) Desktop-neutral metadata database and search tool -------------------------------------------------------------------------------- Update Information:
tracker 2.1.7 release. * Fix build order with libtracker-sparql generated headers * Fix ontology update with SQLite 3.25 * Fix build with Vala 0.43 -------------------------------------------------------------------------------- ChangeLog:
* Wed Feb 6 2019 Kalev Lember klember@redhat.com - 2.1.7-1 - Update to 2.1.7 * Wed Jan 23 2019 Kalev Lember klember@redhat.com - 2.1.6-1 - Update to 2.1.6 --------------------------------------------------------------------------------