The following Fedora 27 Security updates need testing:
Age URL
279
https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27
211
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408
dpdk-17.08.2-1.fc27
174
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b33f65b01
nodejs-brace-expansion-1.1.11-1.fc27
166
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a748acc219
unrtf-0.21.9-8.fc27
142
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6ccdeb750
mailman-2.1.21-9.fc27
142
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc864bb9e1
openslp-2.0.0-15.fc27
100
https://bodhi.fedoraproject.org/updates/FEDORA-2018-21ffebf41c
tomcat-8.0.53-1.fc27
100
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e8533a3ef1
unixODBC-2.3.7-1.fc27
49
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fc2ba807a6
xerces-c27-2.7.0-28.fc27
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4c0b99a9eb
drupal7-7.60-2.fc27
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-60c74d2b16
php-Smarty2-2.6.31-2.fc27
20
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cca4732a99
thunderbird-60.3.0-1.fc27
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fe24359b69 xen-4.9.3-3.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-0363fec36c
chromium-70.0.3538.77-4.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5743ef02a1
rubygem-rack-2.0.3-4.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4febd7f702
rubygem-i18n-0.7.0-6.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ce40afcb6
rubygem-loofah-2.0.3-6.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-399bce9f8f
libtiff-4.0.10-1.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-dbe9da512d
soundtouch-2.1.1-1.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ae94c8deb
community-mysql-5.7.24-1.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b68776e5b0
kernel-headers-4.18.19-100.fc27 kernel-tools-4.18.19-100.fc27 kernel-4.18.19-100.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-192148f4ff
mariadb-10.2.19-1.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-50eceed44a
kio-extras-17.12.3-1.fc27.1
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-daee493feb
php-PHPMailer-5.2.27-1.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-46b92c9064
php-phpmailer6-6.0.6-1.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-382362e255
firefox-63.0.3-1.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9b7d7a155b
flatpak-1.0.6-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c271659b1e
nginx-1.14.1-1.fc27
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ec3eecd7f
moodle-3.3.9-1.fc27
The following Fedora 27 Critical Path updates have yet to be approved:
Age URL
195
https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27
mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1
155
https://bodhi.fedoraproject.org/updates/FEDORA-2018-200dba6b93
upower-0.99.8-1.fc27
119
https://bodhi.fedoraproject.org/updates/FEDORA-2018-05a68ea22e
geoclue2-2.4.11-1.fc27
99
https://bodhi.fedoraproject.org/updates/FEDORA-2018-20c3deae24
iproute-4.17.0-1.fc27
20
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cca4732a99
thunderbird-60.3.0-1.fc27
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c6faa135b
selinux-policy-3.13.1-284.38.fc27
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fe24359b69 xen-4.9.3-3.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-399bce9f8f
libtiff-4.0.10-1.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b68776e5b0
kernel-headers-4.18.19-100.fc27 kernel-tools-4.18.19-100.fc27 kernel-4.18.19-100.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9b7d7a155b
flatpak-1.0.6-1.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-382362e255
firefox-63.0.3-1.fc27
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a864e8515f
osinfo-db-20181116-1.fc27
The following builds have been pushed to Fedora 27 updates-testing
feh-2.28.1-1.fc27
gravity-beams-and-evaporating-stars-1.0-1.fc27
mate-user-guide-1.20.2-1.fc27
muParser-2.2.6-1.fc27
pluma-1.20.3-1.fc27
relval-2.4.1-1.fc27
tmux-2.8-2.fc27
webkitgtk4-2.22.4-1.fc27
Details about builds:
================================================================================
feh-2.28.1-1.fc27 (FEDORA-2018-248b379f78)
Fast command line image viewer using Imlib2
--------------------------------------------------------------------------------
Update Information:
- update to 2.28.1
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.28.1-1
- update to 2.28.1
--------------------------------------------------------------------------------
================================================================================
gravity-beams-and-evaporating-stars-1.0-1.fc27 (FEDORA-2018-5f6b200e82)
A game about hurling asteroids into the sun
--------------------------------------------------------------------------------
Update Information:
Update to upstream version 1.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Artur Iwicki <fedora(a)svgames.pl> - 1.0-1
- Update to new upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1652272 - core dumped on game start
https://bugzilla.redhat.com/show_bug.cgi?id=1652272
--------------------------------------------------------------------------------
================================================================================
mate-user-guide-1.20.2-1.fc27 (FEDORA-2018-f1abd381f1)
User Guide for MATE desktop
--------------------------------------------------------------------------------
Update Information:
- update to 1.20.2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Wolfgang Ulbrich <fedora(a)raveit.de> - 1.20.2-1
- update to 1.20.2
--------------------------------------------------------------------------------
================================================================================
muParser-2.2.6-1.fc27 (FEDORA-2018-c5b835806b)
A fast math parser library
--------------------------------------------------------------------------------
Update Information:
- new upstream release 2.2.6 ---- - rebuilt to fix FTBFS rhbz #1604900
#1316595 and #1448721
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 20 2018 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.2.6-1
- new upstream release 2.2.6
* Tue Nov 20 2018 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.2.5-8
- rebuilt to fix FTBFS rhbz #1604900 #1316595 and #1448721
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.5-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Feb 8 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.5-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1604900 - muParser: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604900
[ 2 ] Bug #1316595 - muParser-v2.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1316595
[ 3 ] Bug #1448721 - [muParser] Upgrade to version 2.2.5 on epel7
https://bugzilla.redhat.com/show_bug.cgi?id=1448721
--------------------------------------------------------------------------------
================================================================================
pluma-1.20.3-1.fc27 (FEDORA-2018-b51ac73257)
Text editor for the MATE desktop
--------------------------------------------------------------------------------
Update Information:
- update to 1.20.3
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Wolfgang Ulbrich <fedora(a)raveit.de> - 1.20.3-1
- update to 1.20.3
--------------------------------------------------------------------------------
================================================================================
relval-2.4.1-1.fc27 (FEDORA-2018-d8a079aad0)
Tool for interacting with Fedora QA wiki pages
--------------------------------------------------------------------------------
Update Information:
This update fixes a bug introduced in 2.4.0 which broke `relval compose --cid`
(it would always fail, complaining you had passed both `--release` and `--cid`,
when you didn't).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Adam Williamson <awilliam(a)redhat.com> - 2.4.1-1
- New release 2.4.1: fix broken `compose --cid` from 2.4.0 (#5)
--------------------------------------------------------------------------------
================================================================================
tmux-2.8-2.fc27 (FEDORA-2018-28b19d8c63)
A terminal multiplexer
--------------------------------------------------------------------------------
Update Information:
- fixes rhbz #1652128 and #1652127 - CVE-2018-19387 - tmux: NULL Pointer
Dereference in format_cb_pane_tabs in format.c
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.8-2
- fixes rhbz #1652128 CVE-2018-19387
- tmux: NULL Pointer Dereference in format_cb_pane_tabs in format.c
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1652127 - CVE-2018-19387 tmux: NULL Pointer Dereference in
format_cb_pane_tabs in format.c
https://bugzilla.redhat.com/show_bug.cgi?id=1652127
--------------------------------------------------------------------------------
================================================================================
webkitgtk4-2.22.4-1.fc27 (FEDORA-2018-65848eed6d)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update addresses the following vulnerability: *
[
CVE-2018-4345](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4345)
This update brings the following changes: * Fix a crash when using Cairo
versions between 1.15 and 1.16.0 * Fix the build with -DLOG_DISABLED=0. * Fix
the build with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF. * Fix debug builds of
JavaScriptCore. * Fix several crashes and rendering issues. * Fix a memory leak
during media playback when using playbin3. * Fix portions of Web views not being
rendered after resizing. * Fix Resource Timing reporting for <iframe> elements.
* Fix the build with the remote Web Inspector disabled. * Fix the build on ARMv7
with NEON extensions. * Fix several crashes and rendering issues.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 22 2018 Tom���� Popela <tpopela(a)redhat.com> - 2.22.4-1
- Update to 2.22.4
* Mon Oct 29 2018 Tomas Popela <tpopela(a)redhat.com> - 2.22.3-1
- Update to 2.22.3
--------------------------------------------------------------------------------