[SECURITY] Fedora 28 Update: moodle-3.4.7-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-077cd6f168
2019-01-31 02:11:11.622168
--------------------------------------------------------------------------------
Name : moodle
Product : Fedora 28
Version : 3.4.7
Release : 1.fc28
URL : http://moodle.org/
Summary : A Course Management System
Description :
Moodle is a course management system (CMS) - a free, Open Source software
package designed using sound pedagogical principles, to help educators create
effective online learning communities.
--------------------------------------------------------------------------------
Update Information:
Multiple CVE fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 22 2019 Gwyn Ciesla <limburgher(a)gmail.com> - 3.4.7-1
- 3.4.7
* Wed Nov 21 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 3.4.6-1
- 3.4.6
* Mon Sep 17 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 3.4.5-1
- 3.4.5
* Mon Jul 30 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 3.4.4-1
- 3.4.4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1668074 - CVE-2019-3810 moodle: User full name is not escaped in the un-linked userpix page (MSA-19-0003) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1668074
[ 2 ] Bug #1668068 - CVE-2019-3809 moodle: Blind SSRF Risk in /badges/mybackpack.php (MSA-19-0002) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1668068
[ 3 ] Bug #1668066 - CVE-2019-3808 moodle: Manage groups capability is missing XSS risk flag (MSA-19-0001) [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1668066
[ 4 ] Bug #1668065 - CVE-2019-3808 moodle: Manage groups capability is missing XSS risk flag (MSA-19-0001) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1668065
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-077cd6f168' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: vala-0.40.13-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-59e549ef81
2019-01-31 02:11:11.622156
--------------------------------------------------------------------------------
Name : vala
Product : Fedora 28
Version : 0.40.13
Release : 1.fc28
URL : https://wiki.gnome.org/Projects/Vala
Summary : A modern programming language for GNOME
Description :
Vala is a new programming language that aims to bring modern programming
language features to GNOME developers without imposing any additional
runtime requirements and without using a different ABI compared to
applications and libraries written in C.
valac, the Vala compiler, is a self-hosting compiler that translates
Vala source code into C source and header files. It uses the GObject
type system to create classes and interfaces declared in the Vala source
code. It's also planned to generate GIDL files when gobject-
introspection is ready.
The syntax of Vala is similar to C#, modified to better fit the GObject
type system.
--------------------------------------------------------------------------------
Update Information:
vala 0.40.13 release. For details, see https://mail.gnome.org/archives/ftp-
release-list/2019-January/msg00080.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 22 2019 Kalev Lember <klember(a)redhat.com> - 0.40.13-1
- Update to 0.40.13
* Thu Dec 27 2018 Kalev Lember <klember(a)redhat.com> - 0.40.12-1
- Update to 0.40.12
* Wed Nov 7 2018 Kalev Lember <klember(a)redhat.com> - 0.40.11-1
- Update to 0.40.11
* Tue Oct 16 2018 Kalev Lember <klember(a)redhat.com> - 0.40.10-1
- Update to 0.40.10
* Tue Sep 4 2018 Kalev Lember <klember(a)redhat.com> - 0.40.9-1
- Update to 0.40.9
* Wed Jul 25 2018 Kalev Lember <klember(a)redhat.com> - 0.40.8-1
- Update to 0.40.8
* Tue Jun 26 2018 Kalev Lember <klember(a)redhat.com> - 0.40.7-1
- Update to 0.40.7
* Mon May 21 2018 Kalev Lember <klember(a)redhat.com> - 0.40.6-1
- Update to 0.40.6
* Mon May 21 2018 Kalev Lember <klember(a)redhat.com> - 0.40.5-1
- Update to 0.40.5
* Mon Apr 16 2018 Kalev Lember <klember(a)redhat.com> - 0.40.4-1
- Update to 0.40.4
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-59e549ef81' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: ibus-libzhuyin-1.9.0-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-f6e74b18e6
2019-01-31 02:11:11.622145
--------------------------------------------------------------------------------
Name : ibus-libzhuyin
Product : Fedora 28
Version : 1.9.0
Release : 1.fc28
URL : https://github.com/libzhuyin/ibus-libzhuyin
Summary : New Zhuyin engine based on libzhuyin for IBus
Description :
It includes a Chinese Zhuyin (Bopomofo) input method
based on libzhuyin for IBus.
--------------------------------------------------------------------------------
Update Information:
ibus-libpinyin * fixes keypad decimal * fixes emoji candidates * support
configurable opencc config ibus-libzhuyin * fixes special symbol * add need-
tone option
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 22 2019 Peng Wu <pwu(a)redhat.com> - 1.9.0-1
- Update to 1.9.0
- fixes special symbol
- add need-tone option
* Fri Nov 2 2018 Peng Wu <pwu(a)redhat.com> - 1.8.93-1
- Update to 1.8.93
- fixes Space handling
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.8.92-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1.8.92-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-f6e74b18e6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: ibus-libpinyin-1.11.0-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-f6e74b18e6
2019-01-31 02:11:11.622145
--------------------------------------------------------------------------------
Name : ibus-libpinyin
Product : Fedora 28
Version : 1.11.0
Release : 1.fc28
URL : https://github.com/libpinyin/ibus-libpinyin
Summary : Intelligent Pinyin engine based on libpinyin for IBus
Description :
It includes a Chinese Pinyin input method and a Chinese ZhuYin (Bopomofo)
input method based on libpinyin for IBus.
--------------------------------------------------------------------------------
Update Information:
ibus-libpinyin * fixes keypad decimal * fixes emoji candidates * support
configurable opencc config ibus-libzhuyin * fixes special symbol * add need-
tone option
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2019 Peng Wu <pwu(a)redhat.com> - 1.11.0-1
- Update to 1.11.0
- fixes keypad decimal
- fixes emoji candidates
- support configurable opencc config
* Wed Oct 31 2018 Peng Wu <pwu(a)redhat.com> - 1.10.92-1
- Update to 1.10.92
- fixes Enter handling
* Thu Oct 11 2018 Peng Wu <pwu(a)redhat.com> - 1.10.91-1
- Update to 1.10.91
- support ime.register_trigger in lua extension
- support predicted candidates
- support emoji input
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1.10.0-2
- Rebuilt for Python 3.7
* Tue Apr 17 2018 Peng Wu <pwu(a)redhat.com> - 1.10.0-1
- Update to 1.10.0
- bug fixes
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-f6e74b18e6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: libpinyin-2.2.2-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-f6e74b18e6
2019-01-31 02:11:11.622145
--------------------------------------------------------------------------------
Name : libpinyin
Product : Fedora 28
Version : 2.2.2
Release : 1.fc28
URL : https://github.com/libpinyin/libpinyin
Summary : Library to deal with pinyin
Description :
The libpinyin project aims to provide the algorithms core
for intelligent sentence-based Chinese pinyin input methods.
--------------------------------------------------------------------------------
Update Information:
ibus-libpinyin * fixes keypad decimal * fixes emoji candidates * support
configurable opencc config ibus-libzhuyin * fixes special symbol * add need-
tone option
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2019 Peng Wu <pwu(a)redhat.com> - 2.2.2-1
- Update to 2.2.2
- minor fixes
* Tue Oct 9 2018 Peng Wu <pwu(a)redhat.com> - 2.2.1-1
- Update to 2.2.1
- fixes predicted candidates
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Apr 17 2018 Peng Wu <pwu(a)redhat.com> - 2.2.0-1
- Update to 2.2.0
- bug fixes
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-f6e74b18e6' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: php-microsoft-tolerant-php-parser-0.0.16-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-5dcb6cb509
2019-01-31 02:11:11.622133
--------------------------------------------------------------------------------
Name : php-microsoft-tolerant-php-parser
Product : Fedora 28
Version : 0.0.16
Release : 1.fc28
URL : https://github.com/Microsoft/tolerant-php-parser
Summary : Tolerant PHP-to-AST parser
Description :
This is an early-stage PHP parser designed, from the beginning, for IDE usage
scenarios. There is still a ton of work to be done, so at this point, this
repo mostly serves as an experiment and the start of a conversation.
Autoloader /usr/share/php/Microsoft/PhpParser/autoload.php
--------------------------------------------------------------------------------
Update Information:
18 Jan 2019, **Phan 1.2.1** **New features (CLI):** + Add short flags: `-S`
for `--strict-type-checking`, `-C` for `--color`, `-P` for `--plugin <plugin>`
**New features (Analysis):** + Infer that the result of `array_map` has integer
keys when passed two or more arrays (#2277) + Improve inferences about the left
hand side of `&&` statements such as `$leftVar && (other_expression);` (#2300) +
Warn about passing an undefined variable to a function expecting a reference
parameter with a real, non-nullable type (#1344) + Include variables in scope as
alternative suggestions for undeclared properties (#1680) + Infer a string
literal when analyzing calls to `basename` or `dirname` on an expression that
evaluates to a string literal. (#2323) + Be stricter about warning when literal
int/string values are passed to incompatible scalar types when
`scalar_implicit_cast` or `scalar_implicit_partial` are used. (#2340)
**Maintenance:** + End the output for `--output-mode <json>` with a newline. +
Upgrade tolerant-php-parser, making the polyfill/fallback properly parse `$a &&
$b = $c` (#2180) + Add updates to the function/method signature map from Psalm
and PHPStan. **Language Server/Daemon mode:** + Add `--output-mode <mode>` to
`phan_client`. (#1568). Supported formats: `phan_client` (default), `text`,
`json`, `csv`, `codeclimate`, `checkstyle`, or `pylint` + Add `--color` to
`phan_client` (e.g. for use with `--output-mode text`) + Add `--language-server-
completion-vscode`. This is a workaround to make completion of variables and
static properties work in [the Phan plugin for VS
Code](https://github.com/tysonandre/vscode-php-phan) + Include Phan's signature
types in hover text for internal and user-defined methods (instead of just the
real types) (#2309) Also, show defaults of non-nullable parameters as `=
default` instead of `= null` + Properly return a result set when requesting
variable completion of `$` followed by nothing. + Fix code completion when
`--language-server-analyze-only-on-save` is on. (#2327) **Plugins:** + Add a
new issue type to `DuplicateExpressionPlugin`: `PhanPluginBothLiteralsBinaryOp`.
(#2297) (warns about suspicious expressions such as `null == 'a literal` in
`$x ?? null == 'a literal'`) + Support `assertInternalType` in
`PHPUnitAssertionPlugin` (#2290) + Warn when identical dynamic expressions (e.g.
variables, function calls) are used as array keys in `DuplicateArrayKeyPlugin`
---- **microsoft/tolerant-php-parser version 0.0.16**
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-5dcb6cb509' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: phan-1.2.1-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-5dcb6cb509
2019-01-31 02:11:11.622133
--------------------------------------------------------------------------------
Name : phan
Product : Fedora 28
Version : 1.2.1
Release : 1.fc28
URL : https://github.com/phan/phan
Summary : A static analyzer for PHP
Description :
Phan is a static analyzer that looks for common issues and will verify type
compatibility on various operations when type information is available or can
be deduced. Phan does not make any serious attempt to understand flow control
and narrow types based on conditionals.
--------------------------------------------------------------------------------
Update Information:
18 Jan 2019, **Phan 1.2.1** **New features (CLI):** + Add short flags: `-S`
for `--strict-type-checking`, `-C` for `--color`, `-P` for `--plugin <plugin>`
**New features (Analysis):** + Infer that the result of `array_map` has integer
keys when passed two or more arrays (#2277) + Improve inferences about the left
hand side of `&&` statements such as `$leftVar && (other_expression);` (#2300) +
Warn about passing an undefined variable to a function expecting a reference
parameter with a real, non-nullable type (#1344) + Include variables in scope as
alternative suggestions for undeclared properties (#1680) + Infer a string
literal when analyzing calls to `basename` or `dirname` on an expression that
evaluates to a string literal. (#2323) + Be stricter about warning when literal
int/string values are passed to incompatible scalar types when
`scalar_implicit_cast` or `scalar_implicit_partial` are used. (#2340)
**Maintenance:** + End the output for `--output-mode <json>` with a newline. +
Upgrade tolerant-php-parser, making the polyfill/fallback properly parse `$a &&
$b = $c` (#2180) + Add updates to the function/method signature map from Psalm
and PHPStan. **Language Server/Daemon mode:** + Add `--output-mode <mode>` to
`phan_client`. (#1568). Supported formats: `phan_client` (default), `text`,
`json`, `csv`, `codeclimate`, `checkstyle`, or `pylint` + Add `--color` to
`phan_client` (e.g. for use with `--output-mode text`) + Add `--language-server-
completion-vscode`. This is a workaround to make completion of variables and
static properties work in [the Phan plugin for VS
Code](https://github.com/tysonandre/vscode-php-phan) + Include Phan's signature
types in hover text for internal and user-defined methods (instead of just the
real types) (#2309) Also, show defaults of non-nullable parameters as `=
default` instead of `= null` + Properly return a result set when requesting
variable completion of `$` followed by nothing. + Fix code completion when
`--language-server-analyze-only-on-save` is on. (#2327) **Plugins:** + Add a
new issue type to `DuplicateExpressionPlugin`: `PhanPluginBothLiteralsBinaryOp`.
(#2297) (warns about suspicious expressions such as `null == 'a literal` in
`$x ?? null == 'a literal'`) + Support `assertInternalType` in
`PHPUnitAssertionPlugin` (#2290) + Warn when identical dynamic expressions (e.g.
variables, function calls) are used as array keys in `DuplicateArrayKeyPlugin`
---- **microsoft/tolerant-php-parser version 0.0.16**
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-5dcb6cb509' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
Fedora 28 Update: ibus-typing-booster-2.5.0-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-8033641d6e
2019-01-31 02:11:11.622122
--------------------------------------------------------------------------------
Name : ibus-typing-booster
Product : Fedora 28
Version : 2.5.0
Release : 1.fc28
URL : https://mike-fabian.github.io/ibus-typing-booster/
Summary : A completion input method
Description :
Ibus-typing-booster is a context sensitive completion
input method to speedup typing.
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.0: Adds speech recognition feature, See: http://mike-
fabian.github.io/ibus-typing-booster/documentation.html#speech-recognition
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 16 2019 Mike FABIAN <mfabian(a)redhat.com> - 2.5.0-1
- Update to 2.5.0
- Update translations from zanata (de, ja, uk updated)
- Add a property menu for the highest priority dictonary
- Add a missing _update_preedit()
- When lookup is enabled by tab but the lookup table is empty,
the first cancel should clear the input
- Reset self.is_lookup_table_enabled_by_tab and
self.is_lookup_table_enabled_by_min_char_complete when input is cleared
- Get suggestions from hunspell dictionaries only for input
which does not contain spaces
- Don���t reinitialize the dictionaries if only the order of the dictionaries has changed
- Add key bindings to change the priority of dictionaries
- Speech recognition input using Google speech-to-text
- Change the default input methods for as_IN, kn_IN, and ta_IN
- Make ur-phonetic the default input method for ur_IN and add en_GB dictionary to default
- Update emoji annotations from CLDR
- Add Recommends: python3-pyaudio (For voice recognition)
* Sun Dec 30 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.4.1-1
- Update to 2.4.1
- Update translations from zanata (pl updated)
- Add direct input mode
(Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/25)
- Fix start of setup tool when libexedir is not /usr/libexec/
(Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/42)
* Wed Dec 19 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.4.0-1
- Update to 2.4.0
- Update translations from zanata (de, es, fr, ja, pl, uk updated)
- Add new command 'toggle_hide_input' to hide the pre��dit, lookup table, and auxiliary text
- Add an option to use preedit style only if lookup is enabled
- Add an option to choose the style of underlining the preedit
- Don���t try to record the first candidate when there is none
after an automatic commit on focus out or reset
(Resolves: rhbz#1659128)
- Add an option in the setup tool to set the debug level
- Move appearance related options to the new ���Appearance��� tab
- Add settings for colour and other appearance stuff
- Move ���Dictionaries and input methods��� Tab in the setup tool to the first position
- Update the shortcut hints in the tooltips when keybindings change
- Only show the label in the panel menus for emoji-mode and off-the-record-mode
- Don���t show the shortcut hints in the menu labels, takes too much space there.
- Update README because of the recent change to make keybindings configurable.
* Thu Dec 13 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.3.3-1
- Update to 2.3.3
- Toggle candidates between 'title', 'upper', and 'lower' case
when Shift is typed.
- Improve Spanish translation (Thanks to Ismael Venegas Castell��)
* Tue Dec 11 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.3.2-1
- Update to 2.3.2
- Key bindings should match independent of whether
Num Lock or Caps Lock are on or off.
* Sat Dec 8 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.3.1-1
- Update to 2.3.1
- Update translations from zanata (cs, de, es, fr, ja, pl, pt_BR, uk, zh_CN updated)
- Avoid some PyGTKDeprecationWarnings
- Don���t show Unicode 12.0 draft emoji by default in emoji-picker
- Update emoji data to Unicode 12.0 draft
- Update emoji annotations from CLDR
* Wed Dec 5 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.3.0-1
- Update to 2.3.0
- Update translations from zanata (de, ja, uk updated)
- Commit the current pre��dit when the focus changes
- When pre��dit empty or lookup table not enabled by key: clear the lookup table
- Make key bindings configurable
(Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/15)
- Correct tooltips for the ���up��� and ���down��� buttons for
input methods dictionaries
* Wed Nov 28 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.2.1-2
- Add desktop-file-utils, python3-gobject-base, gtk3, dbus-x11, dconf, and ibus
to BuildRequires (without that the build started failing on F28).
* Wed Nov 28 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.2.1-1
- Update to 2.2.1
- Update translations from zanata (pl, uk updated)
* Wed Nov 21 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.2.0-1
- Update translations from zanata (de updated)
- Save some screen space in the setup tool
- Add inline completion feature
- Tab should force a lookup when the minimum number of characters is not yet reached
* Mon Sep 24 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.1.3-1
- Update translations from zanata (uk updated)
* Mon Sep 24 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.1.2-1
- Update to 2.1.2
- Update translations from zanata (de, pl updated)
- Add typing-booster.its and typing-booster.loc to avoid making the
release descriptions and developer name in typing-booster.appdata.xml
translatable.
- Remove code to check whether another instance of the setup tool is running.
- Add new option to avoid adding a space when committing by label or mouse
(Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/39)
- Update emoji annotations from CLDR
- Do not try to commit if index is >= the current number of candidates
(Resolves: rhbz#1630349)
- Add test case for https://bugzilla.redhat.com/show_bug.cgi?id=1630349
* Tue Sep 4 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.1.1-1
- Update translations from zanata (es updated, 100% complete now)
* Thu Aug 23 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.1.0-2
- Make ���make check��� test cases work again when building the rpm
* Tue Jul 24 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.1.0-1
- Update to 2.1.0
- emoji-picker: Show a concise description of a selected emoji in the header bar
- Update the setup UI when settings are changed outside of the setup UI
- Migrate IBusConfig to GSettings (The old settings are
unfortunately lost, so one has to open the setup tool
and recreate ones favourite settings).
- Read emoji data files always in UTF-8
* Wed Jun 27 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.0.2-1
- Update to 2.0.2
- Better Tab handling, use Tab to switch to the next candidate, not to commit
* Thu Jun 21 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.0.1-1
- Update to 2.0.1
- Update translations from zanata (ja updated)
- Update emoji annotations from CLDR
- Fix some bugs in the usage of ���prefix��� for prefixes other than ���/usr��� (For FreeBSD)
- Make itb_util.get_ime_help() work on FreeBSD
- Update UnicodeData.txt to Unicode 11.0.0
- Remove useless 't-nil vi-base': 'vi-base.mim', from M17N_INPUT_METHODS
- Remove extra space in entry for sa-IAST input method to make it work
- Show in the setup tool in the input listbox whether minput_open_im() succeeded.
- Use the rocket icon emoji_u1f680.svg from the ���Noto Color Emoji��� font
* Mon May 28 2018 Mike FABIAN <mfabian(a)redhat.com> - 2.0.0-1
- Update to 2.0.0
- Update translations because of the merge of the engines (de, pl, uk updated)
- Update emoji annotations from CLDR
- Do not hardcode icon names in desktop files
(Resolves: https://github.com/mike-fabian/ibus-typing-booster/issues/17)
- Change the default for ���Unicode symbols and emoji predictions��� to ���False���
- Merge all typing-booster engines into one
- Change the UI of the setup tool to make it possible to select
multiple input methods and dictionaries
- Move the buttons to learn from a file and to delete learned data to the options tab
- Use the same ���About��� dialog in the setup tool as in emoji-picker
* Tue May 22 2018 Mike FABIAN <mfabian(a)redhat.com> - 1.5.38-2
- Update to 1.5.38
- Refresh french translation (thanks to Thierry Thomas)
- Mark comments in the emoji-picker about dialog as translatable
* Mon May 14 2018 Mike FABIAN <mfabian(a)redhat.com> - 1.5.37-1
- Update to 1.5.37
- Update translations from Zanata (pl and uk updated)
- Make ���Add direct input��� option work correctly when
���Remember last preedit input method��� option is off
- Fix test case for Korean
- Rewrite setup UI completely in Python, without using Glade
- Fix format string in debug message when a dictionary .aff file has no encoding
(Resolves: rhbz#1575659)
- Return False in read_training_data_from_file() if file cannot be opened
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-8033641d6e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
[SECURITY] Fedora 28 Update: wireshark-2.6.6-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-fbd2bad9f9
2019-01-31 02:11:11.622110
--------------------------------------------------------------------------------
Name : wireshark
Product : Fedora 28
Version : 2.6.6
Release : 1.fc28
URL : http://www.wireshark.org/
Summary : Network traffic analyzer
Description :
Metapackage with installs wireshark-cli and wireshark-qt.
--------------------------------------------------------------------------------
Update Information:
New version 2.6.6. Security fix for CVE-2019-5716, CVE-2019-5717, CVE-2019-5718,
CVE-2019-5719
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 21 2019 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.5-3
- New version 2.6.6
- Contains fixes for CVE-2019-5716, CVE-2019-5717, CVE-2019-5718, CVE-2019-5719
* Thu Jan 3 2019 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.5-2
- Adding libnghttp2-devel as BuildRequires - needed for HTTP2 support(rhbz#1512722)
- Adding jack-audio-connection-kit as a BuildRequire for portaudio
* Mon Dec 10 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.5-1
- New version 2.6.5
- Contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
* Mon Nov 12 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.4-1
- New version 2.6.4
- Contains fixes for CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
* Tue Jul 24 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.2-1
- New version 2.6.2
- Contains fixes for CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370
* Thu May 24 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.1-1
- New version 2.6.1
* Tue May 15 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.0-2
- Fixed undefined reference error in tshark (rhbz#1573906)
- Correcting usage of build flags (rhbz#1548665)
* Fri Apr 27 2018 Michal Ruprich <mruprich(a)redhat.com> - 1:2.6.0-1
- New version 2.6.0
- Removed GeoIP support, libmaxminddb is used instead
- Removed dftest binary
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667593 - CVE-2019-5719 wireshark: ISAKMP dissector crash in epan/dissectors/packet-isakmp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667593
[ 2 ] Bug #1667587 - CVE-2019-5718 wireshark: RTSE and other ASN.1 dissectors crash in epan/charsets.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667587
[ 3 ] Bug #1667582 - CVE-2019-5717 wireshark: P_MUL dissector crash in epan/dissectors/packet-p_mul.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667582
[ 4 ] Bug #1667580 - CVE-2019-5716 wireshark: 6LoWPAN dissector crash in epan/dissectors/packet-6lowpan.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667580
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-fbd2bad9f9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months
[SECURITY] Fedora 28 Update: docker-latest-1.13.1-40.git1185cfd.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-723711c645
2019-01-31 02:11:11.622099
--------------------------------------------------------------------------------
Name : docker-latest
Product : Fedora 28
Version : 1.13.1
Release : 40.git1185cfd.fc28
URL : https://github.com/projectatomic/docker
Summary : Automates deployment of containerized applications
Description :
Docker is an open-source engine that automates the deployment of any
application as a lightweight, portable, self-sufficient container that will
run virtually anywhere.
Docker containers can encapsulate any payload, and will run consistently on
and between virtually any server. The same container that a developer builds
and tests on a laptop will run at scale, in production*, on VMs, bare-metal
servers, OpenStack clusters, public instances, or combinations of the above.
--------------------------------------------------------------------------------
Update Information:
- Resolves: #1666565, #1667625 - CVE-2018-20699 - Resolves: #1663068, #1667626 -
umount all procfs and sysfs with --no-pivot - built docker
@projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc
@projectatomic/docker-1.13.1 commit e4ffe43 ---- Resolves: #1598581, #1598582
- CVE-2018-10892
--------------------------------------------------------------------------------
ChangeLog:
* Sat Jan 19 2019 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 2:1.13.1-40.git1185cfd
- Resolves: #1666565, #1667625 - CVE-2018-20699
- Resolves: #1663068, #1667626 - umount all procfs and sysfs with --no-pivot
- built docker @projectatomic/docker-1.13.1 commit 1185cfd
- built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2:1.13.1-38.git9cb56fd
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sun Jul 8 2018 Lokesh Mandvekar <lsm5(a)fedoraproject.org> - 2:1.13.1-37.git9cb56fd
- Resolves: #1598581, #1598582 - CVE-2018-10892
- built docker @projectatomic/docker-1.13.1 commit 9cb56fd
- built docker-runc @projectatomic/docker-1.13.1 commit b425831
- built docker-containerd @projectatomic/docker-1.13.1 commit 42e825a
- built docker-init commit fec3683
- built libnetwork commit d00ceed
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1663068 - runc: not using pivot_root allows mounting of /proc
https://bugzilla.redhat.com/show_bug.cgi?id=1663068
[ 2 ] Bug #1666565 - CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus
https://bugzilla.redhat.com/show_bug.cgi?id=1666565
[ 3 ] Bug #1598581 - CVE-2018-10892 docker: container breakout without selinux in enforcing mode
https://bugzilla.redhat.com/show_bug.cgi?id=1598581
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-723711c645' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 3 months