The following Fedora 26 Security updates need testing: Age URL 258 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 90 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 77 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 52 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 40 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830 dovecot-2.2.34-1.fc26 36 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26 19 https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2 chromium-65.0.3325.181-1.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-922cc2fbaa drupal8-8.3.9-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6855fa237d mod_http2-1.10.16-1.fc26 10 https://bodhi.fedoraproject.org/updates/FEDORA-2018-22b25bab31 httpd-2.4.33-2.fc26 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-97ad7e69c1 wordpress-4.9.5-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ce5d7106d8 pcs-0.9.160-2.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 56 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 16 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ab61ad2e1b osinfo-db-20180325-1.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4cacdf9bc rpm-4.13.1-1.fc26 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3a53c9f749 libtalloc-2.1.13-1.fc26 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-200bbdfc76 vim-8.0.1666-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ae4ecee01 webkitgtk4-2.20.1-1.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b931933ce3 desktop-file-utils-0.23-8.fc26 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d5f6e8a28a python-beautifulsoup4-4.6.0-2.fc26.1
The following builds have been pushed to Fedora 26 updates-testing
atril-1.18.5-1.fc26 babeld-1.8.1-1.fc26 bindfs-1.13.9-1.fc26 dippi-2.6.2-1.fc26 gdal-2.1.3-2.1.fc26 gerbv-2.6.2-1.fc26 gnupg2-2.2.6-1.fc26 golang-github-jackpal-gateway-1.0.4-0.2.gitcbcf4e3.fc26 ibus-typing-booster-1.5.36-1.fc26 jgraphx-3.6.0.0-3.fc26 js-jsroot-5.4.1-1.fc26 kernel-4.15.16-200.fc26 knot-2.6.6-1.fc26 mariadb-10.1.32-2.fc26 perl-Gtk2-Unique-0.05-19.fc26 python-fedmsg-meta-fedora-infrastructure-0.24.1-1.fc26 python-productmd-1.11-2.fc26 python-pypillowfight-0.2.4-1.fc26 rpkg-1.53-1.fc26 rubygem-rdoc-5.1.0-3.fc26 salt-2018.3.0-1.fc26
Details about builds:
================================================================================ atril-1.18.5-1.fc26 (FEDORA-2018-5015c9934d) Document viewer -------------------------------------------------------------------------------- Update Information:
- update to 1.18.5 --------------------------------------------------------------------------------
================================================================================ babeld-1.8.1-1.fc26 (FEDORA-2018-8395ce7ef1) Ad-hoc network routing daemon -------------------------------------------------------------------------------- Update Information:
1.8.1 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1564798 - babeld-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564798 --------------------------------------------------------------------------------
================================================================================ bindfs-1.13.9-1.fc26 (FEDORA-2018-b5104be786) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information:
- update to new version 1.13.9 + spec cleanup / modernization --------------------------------------------------------------------------------
================================================================================ dippi-2.6.2-1.fc26 (FEDORA-2018-d582d88431) Calculate display info like DPI and aspect ratio -------------------------------------------------------------------------------- Update Information:
Update to version 2.6.2. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1565609 - dippi-2.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565609 --------------------------------------------------------------------------------
================================================================================ gdal-2.1.3-2.1.fc26 (FEDORA-2018-78b9d2b164) GIS file format library -------------------------------------------------------------------------------- Update Information:
Solves build failure with package using gdal headers -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1565050 - GDAL: wrong declaration in /usr/include/gdal/gdal_priv.h (with patch) https://bugzilla.redhat.com/show_bug.cgi?id=1565050 --------------------------------------------------------------------------------
================================================================================ gerbv-2.6.2-1.fc26 (FEDORA-2018-07ccbb250d) Gerber file viewer from the gEDA toolkit -------------------------------------------------------------------------------- Update Information:
- new upstream release 2.6.2 fixes rhbz #1100403 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1100403 - gerbv-2.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1100403 --------------------------------------------------------------------------------
================================================================================ gnupg2-2.2.6-1.fc26 (FEDORA-2018-42a426b17e) Utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information:
Minor update from upstream with fix for CVE-2018-9234 and other bug fixes. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1563931 - CVE-2018-9234 gnupg2: GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1563931 [ 2 ] Bug #1565387 - gnupg2-2.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565387 --------------------------------------------------------------------------------
================================================================================ golang-github-jackpal-gateway-1.0.4-0.2.gitcbcf4e3.fc26 (FEDORA-2018-db0807622c) Discovering the address of a LAN gateway in go -------------------------------------------------------------------------------- Update Information:
Update to commit cbcf4e3. --------------------------------------------------------------------------------
================================================================================ ibus-typing-booster-1.5.36-1.fc26 (FEDORA-2018-afae367525) A completion input method -------------------------------------------------------------------------------- Update Information:
Update to 1.5.36 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #156435 - None https://bugzilla.redhat.com/show_bug.cgi?id=156435 --------------------------------------------------------------------------------
================================================================================ jgraphx-3.6.0.0-3.fc26 (FEDORA-2018-b3f8bee2e0) Java Graph Drawing Component -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2017-18197 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1550353 - CVE-2017-18197 jgraphx: XML External Entity (XXE) vulnerability in mxGraphViewImageReader.java:convert() https://bugzilla.redhat.com/show_bug.cgi?id=1550353 --------------------------------------------------------------------------------
================================================================================ js-jsroot-5.4.1-1.fc26 (FEDORA-2018-07107f4e98) JavaScript ROOT - Interactive numerical data analysis graphics -------------------------------------------------------------------------------- Update Information:
## Changes in 5.4.1 1. Fix - monitoring mode in draw.htm page 2. Fix - zooming in colz palette 3. Fix - support both 9.x and 10.x jsdom version in Node.js (#149) 4. Fix - draw axis main line with appropriate attributes (#150) 5. Fix - use axis color when drawing grids lines (#150) 6. Fix - when set pad logx/logy, reset existing user ranges in pad 7. Fix - avoid too deep calling stack when drawing many graphs or histos (#154) 8. Fix - correctly (re)draw tooltips on canvas with many subpads --------------------------------------------------------------------------------
================================================================================ kernel-4.15.16-200.fc26 (FEDORA-2018-4c99c98ee1) The Linux kernel -------------------------------------------------------------------------------- Update Information:
The 4.15.16 update contains a number of important fixes across the tree. --------------------------------------------------------------------------------
================================================================================ knot-2.6.6-1.fc26 (FEDORA-2018-ef84322263) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information:
Knot DNS 2.6.6 (2018-04-11) =========================== Features: --------- - New EDNS option counters in the statistics module - New '+orphan' filter for the 'zone-purge' operation Improvements: ------------- - Reduced memory consuption of disabled statistics metrics - Some spelling fixes (Thanks to Daniel Kahn Gillmor) - Server no longer fails to start if MODULE_DIR doesn't exist - Configuration include doesn't fail if empty wildcard match - Added a configuration check for a problematical option combination Bugfixes: --------- - NSEC3 chain not re-created when SOA minimum TTL changed - Failed to start server if no template is configured - Possibly incorrect SOA serial upon changed zone reload with DNSSEC signing - Inaccurate outgoing zone transfer size in the log message - Invalid dname compression if empty question section - Missing EDNS in EMALF responses --------------------------------------------------------------------------------
================================================================================ mariadb-10.1.32-2.fc26 (FEDORA-2018-56ba65b633) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information:
Fixes #1540109 I'd love to get a feedback for this fix, to be sure it works fine. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1540109 - mariadb@.service for running multiple services checks wrong socket, db directory etc, failing the service https://bugzilla.redhat.com/show_bug.cgi?id=1540109 --------------------------------------------------------------------------------
================================================================================ perl-Gtk2-Unique-0.05-19.fc26 (FEDORA-2018-c6eb0045b6) Perl bindings for the C library "libunique" -------------------------------------------------------------------------------- Update Information:
This release fixes a crash when starting second program instance. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1560182 - Concurrent Gtk2::Unique execution causes shutter to crash https://bugzilla.redhat.com/show_bug.cgi?id=1560182 --------------------------------------------------------------------------------
================================================================================ python-fedmsg-meta-fedora-infrastructure-0.24.1-1.fc26 (FEDORA-2018-13bb0d559d) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information:
Update to 0.24.1 Changelog is at: https://github.com/fedora- infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0241 --------------------------------------------------------------------------------
================================================================================ python-productmd-1.11-2.fc26 (FEDORA-2018-0787a0a775) Library providing parsers for metadata related to OS installation -------------------------------------------------------------------------------- Update Information:
New upstream release with support for working with metadata about modules. --------------------------------------------------------------------------------
================================================================================ python-pypillowfight-0.2.4-1.fc26 (FEDORA-2018-a705934690) Various image processing algorithms -------------------------------------------------------------------------------- Update Information:
New upstream release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1550759 - python-pypillowfight-0.2.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1550759 --------------------------------------------------------------------------------
================================================================================ rpkg-1.53-1.fc26 (FEDORA-2018-60cd44b116) Python library for interacting with rpm+git -------------------------------------------------------------------------------- Update Information:
## Changelog - Use NSVs and not build IDs with module-build-local --add-local- build (mprahl) - Fix docstring of test_module_build_local_with_skiptests (mprahl) - Add long_description to package (cqi) - Support local module builds when there are uncommitted changes (mprahl) - Fix clarifying error that occurs when mbs-manager is not installed (mprahl) - Add support for Module Stream Expansion (MBS API v2) (mprahl) - Show errors when a module build fails (mprahl) - Move full download url construction to separate method (frostyx) - Fix compose related params for container-build (lucarval) - Avoid calling /usr/bin/python in tests (miro) - Change default rpmlint configuration file (athoscr) - Use koji.grab_session_options() rather than opencoding it (cfergeau) ## Python 3 A Python 3 package is included in this release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1024823 - rpkg: Use Python 3 instead of Python 2 (and provide both python2-rpkg and python3-rpkg) https://bugzilla.redhat.com/show_bug.cgi?id=1024823 --------------------------------------------------------------------------------
================================================================================ rubygem-rdoc-5.1.0-3.fc26 (FEDORA-2018-49c0409931) RDoc produces HTML and command-line documentation for Ruby projects -------------------------------------------------------------------------------- Update Information:
Add missing rubygem(json) dependency. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1565960 - Missing rpm dependency - rubygem-json https://bugzilla.redhat.com/show_bug.cgi?id=1565960 --------------------------------------------------------------------------------
================================================================================ salt-2018.3.0-1.fc26 (FEDORA-2018-5df2ee84c6) A parallel remote execution system -------------------------------------------------------------------------------- Update Information:
Update to feature release 2018.3.0-1 ---- Update to feature release 2017.7.5-1 for Python 2 ---- Update to feature release 2017.7.4 --------------------------------------------------------------------------------