The following Fedora 27 Security updates need testing:
Age URL
272
https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27
204
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408
dpdk-17.08.2-1.fc27
167
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b33f65b01
nodejs-brace-expansion-1.1.11-1.fc27
159
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a748acc219
unrtf-0.21.9-8.fc27
135
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6ccdeb750
mailman-2.1.21-9.fc27
135
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc864bb9e1
openslp-2.0.0-15.fc27
93
https://bodhi.fedoraproject.org/updates/FEDORA-2018-21ffebf41c
tomcat-8.0.53-1.fc27
93
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e8533a3ef1
unixODBC-2.3.7-1.fc27
42
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fc2ba807a6
xerces-c27-2.7.0-28.fc27
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4c0b99a9eb
drupal7-7.60-2.fc27
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-60c74d2b16
php-Smarty2-2.6.31-2.fc27
13
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cca4732a99
thunderbird-60.3.0-1.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c73d257297
cabextract-1.9-1.fc27 libmspack-0.9.1-0.1.alpha.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d05860129f
suricata-4.0.6-1.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fe24359b69 xen-4.9.3-3.fc27
4
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5201a9c4dc
kde-connect-1.3.3-1.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-0363fec36c
chromium-70.0.3538.77-4.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7daf712625
flatpak-1.0.5-2.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-5743ef02a1
rubygem-rack-2.0.3-4.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4febd7f702
rubygem-i18n-0.7.0-6.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-190ecd2ef8 ruby-2.4.5-90.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-291f75cf0f
libconfuse-3.2.2-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4ce40afcb6
rubygem-loofah-2.0.3-6.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6b10449b15
python-urllib3-1.24.1-2.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-399bce9f8f
libtiff-4.0.10-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-dbe9da512d
soundtouch-2.1.1-1.fc27
The following Fedora 27 Critical Path updates have yet to be approved:
Age URL
188
https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27
mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1
148
https://bodhi.fedoraproject.org/updates/FEDORA-2018-200dba6b93
upower-0.99.8-1.fc27
112
https://bodhi.fedoraproject.org/updates/FEDORA-2018-05a68ea22e
geoclue2-2.4.11-1.fc27
93
https://bodhi.fedoraproject.org/updates/FEDORA-2018-20c3deae24
iproute-4.17.0-1.fc27
14
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e093a9ce9c
hwdata-0.317-1.fc27
13
https://bodhi.fedoraproject.org/updates/FEDORA-2018-553390b29e
osinfo-db-20181101-1.fc27
13
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cca4732a99
thunderbird-60.3.0-1.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6c6faa135b
selinux-policy-3.13.1-284.38.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9ead2a6776
firefox-63.0.1-5.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fe24359b69 xen-4.9.3-3.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ce9924c3ba
libdnf-0.11.1-2.fc27
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-537a8330dc vim-8.1.513-2.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7daf712625
flatpak-1.0.5-2.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-399bce9f8f
libtiff-4.0.10-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6b10449b15
python-urllib3-1.24.1-2.fc27
The following builds have been pushed to Fedora 27 updates-testing
ansifilter-2.12-1.fc27
colobot-0.1.11.1-6.fc27
community-mysql-5.7.24-1.fc27
fcgiwrap-1.1.0-7.20181108git99c942c.fc27
kernel-4.18.19-100.fc27
kernel-headers-4.18.19-100.fc27
kernel-tools-4.18.19-100.fc27
kio-extras-17.12.3-1.fc27.1
mariadb-10.2.19-1.fc27
mock-core-configs-29.3-1.fc27
pgadmin3-1.22.2-10.fc27
Details about builds:
================================================================================
ansifilter-2.12-1.fc27 (FEDORA-2018-ac3e5f0607)
ANSI terminal escape code converter
--------------------------------------------------------------------------------
Update Information:
- Updated to new 2.12 upstream version
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 15 2018 Filipe Rosset <rosset.filipe(a)gmail.com> - 2.12-1
- Updated to new 2.12 upstream version
--------------------------------------------------------------------------------
================================================================================
colobot-0.1.11.1-6.fc27 (FEDORA-2018-47c9bcc085)
A video game that teaches programming in a fun way
--------------------------------------------------------------------------------
Update Information:
New package - first build & update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1645852 - Review Request: colobot - A game for teaching programming
https://bugzilla.redhat.com/show_bug.cgi?id=1645852
--------------------------------------------------------------------------------
================================================================================
community-mysql-5.7.24-1.fc27 (FEDORA-2018-4ae94c8deb)
MySQL client programs and shared libraries
--------------------------------------------------------------------------------
Update Information:
**MySQL 5.7.24** Release notes:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-24.html CVEs fixed:
CVE-2018-3276 CVE-2018-3200 CVE-2018-3284 CVE-2018-3173 CVE-2018-3162
CVE-2018-3247 CVE-2018-3156 CVE-2018-3161 CVE-2018-3278 CVE-2018-3282
CVE-2018-3187 CVE-2018-3277 CVE-2018-3144 CVE-2018-3133 CVE-2018-3143
CVE-2018-3283 CVE-2018-3171 CVE-2018-3251 CVE-2018-3185 CVE-2018-3155
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 14 2018 Michal Schorm <mschorm(a)redhat.com> - 5.7.24-1
- Rebase to 5.7.24 version
- CVE fixes: #1640559
CVE-2018-3276 CVE-2018-3200 CVE-2018-3284 CVE-2018-3173 CVE-2018-3162
CVE-2018-3247 CVE-2018-3156 CVE-2018-3161 CVE-2018-3278 CVE-2018-3282
CVE-2018-3187 CVE-2018-3277 CVE-2018-3144 CVE-2018-3133 CVE-2018-3143
CVE-2018-3283 CVE-2018-3171 CVE-2018-3251 CVE-2018-3185 CVE-2018-3155
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1640559 - CVE-2018-3133 CVE-2018-3143 CVE-2018-3144 CVE-2018-3155
CVE-2018-3156 CVE-2018-3161 CVE-2018-3162 CVE-2018-3171 CVE-2018-3173 CVE-2018-3185
CVE-2018-3187 CVE-2018-3200 CVE-2018-3247 CVE-2018-3251 ... community-mysql: various flaws
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1640559
--------------------------------------------------------------------------------
================================================================================
fcgiwrap-1.1.0-7.20181108git99c942c.fc27 (FEDORA-2018-19296d2898)
Simple FastCGI wrapper for CGI scripts
--------------------------------------------------------------------------------
Update Information:
Feedback from fedora package review
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1645811 - Review Request: fcgiwrap - Simple FastCGI wrapper for CGI scripts
https://bugzilla.redhat.com/show_bug.cgi?id=1645811
--------------------------------------------------------------------------------
================================================================================
kernel-4.18.19-100.fc27 (FEDORA-2018-b68776e5b0)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
This is an update to the v4.18.19 stable kernel and includes fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 14 2018 Jeremy Cline <jcline(a)redhat.com> - 4.18.19-100
- Linux v4.18.19
* Wed Nov 14 2018 Jeremy Cline <jcline(a)redhat.com>
- Fix CVE-2018-18710 (rhbz 1645140 1648485)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1645140 - CVE-2018-18710 kernel: Information leak in cdrom_ioctl_select_disc
in drivers/cdrom/cdrom.c
https://bugzilla.redhat.com/show_bug.cgi?id=1645140
--------------------------------------------------------------------------------
================================================================================
kernel-headers-4.18.19-100.fc27 (FEDORA-2018-b68776e5b0)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
This is an update to the v4.18.19 stable kernel and includes fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 14 2018 Jeremy Cline <jcline(a)redhat.com> - 4.18.19-100
- Linux v4.18.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1645140 - CVE-2018-18710 kernel: Information leak in cdrom_ioctl_select_disc
in drivers/cdrom/cdrom.c
https://bugzilla.redhat.com/show_bug.cgi?id=1645140
--------------------------------------------------------------------------------
================================================================================
kernel-tools-4.18.19-100.fc27 (FEDORA-2018-b68776e5b0)
Assortment of tools for the Linux kernel
--------------------------------------------------------------------------------
Update Information:
This is an update to the v4.18.19 stable kernel and includes fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 14 2018 Jeremy Cline <jeremy(a)jcline.org> - 4.18.19-100
- Linux v4.18.19
* Mon Nov 5 2018 Laura Abbott <labbott(a)redhat.com> - 4.18.17-100
- Linux v4.18.17
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1645140 - CVE-2018-18710 kernel: Information leak in cdrom_ioctl_select_disc
in drivers/cdrom/cdrom.c
https://bugzilla.redhat.com/show_bug.cgi?id=1645140
--------------------------------------------------------------------------------
================================================================================
kio-extras-17.12.3-1.fc27.1 (FEDORA-2018-50eceed44a)
Additional components to increase the functionality of KIO Framework
--------------------------------------------------------------------------------
Update Information:
Drop -htmlthumbnailer, it has security implications and didn't work all that
well.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 15 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 17.12.3-1.1
- drop -htmlthumbnail: CVE-2018-19120 kio-extras: HTML Thumbnailer automatic remote file
access (#1649421)
* Mon Apr 2 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 17.12.3-1
- 17.12.3
- %check: skip tests, seem to be hanging despite setting 10s timeout
- use %ldconfig_scriptlets
* Thu Feb 8 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 17.12.2-1
- 17.12.2
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 17.12.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1649420 - CVE-2018-19120 kio-extras: HTML Thumbnailer automatic remote file
access
https://bugzilla.redhat.com/show_bug.cgi?id=1649420
--------------------------------------------------------------------------------
================================================================================
mariadb-10.2.19-1.fc27 (FEDORA-2018-192148f4ff)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
**MariaDB 10.2.19** Release notes:
https://mariadb.com/kb/en/library/mariadb-10219-release-notes/ CVEs fixed:
CVE-2018-3282 CVE-2016-9843 CVE-2018-3174 CVE-2018-3143 CVE-2018-3156
CVE-2018-3251 CVE-2018-3185 CVE-2018-3277 CVE-2018-3162 CVE-2018-3173
CVE-2018-3200 CVE-2018-3284 Aditional notes: As per the upstream MariaDB
Deprecation Policy, this will be the last release of MariaDB 10.2 supporting
Fedora 27
--------------------------------------------------------------------------------
ChangeLog:
* Wed Nov 14 2018 Michal Schorm <mschorm(a)redhat.com> - 3:10.2.19-1
- Rebase to 10.2.19
- CVEs fixed:
CVE-2018-3282 CVE-2016-9843 CVE-2018-3174 CVE-2018-3143 CVE-2018-3156
CVE-2018-3251 CVE-2018-3185 CVE-2018-3277 CVE-2018-3162 CVE-2018-3173
CVE-2018-3200 CVE-2018-3284
* Fri Oct 19 2018 Michal Schorm <mschorm(a)redhat.com> - 3:10.2.18-2
- Fix parallel installability for x86_64 and i686 devel packages on F<=27
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1625157 - mariadb-devel i686 and x86_64 packages conflict
https://bugzilla.redhat.com/show_bug.cgi?id=1625157
--------------------------------------------------------------------------------
================================================================================
mock-core-configs-29.3-1.fc27 (FEDORA-2018-e3c3a22d00)
Mock core config files basic chroots
--------------------------------------------------------------------------------
Update Information:
mock-core-configs: - add rhelbeta-8-* configs - move EOLed configs to
/etc/mock/eol directory - Add source repos to all fedora configs
(sfowler(a)redhat.com) - add epel-7-ppc64.cfg distribution-gpg-keys: - update
copr keys - add RPM-GPG-KEY-redhat8-beta key - add RPM-GPG-KEY-redhat-auxiliary2
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 15 2018 Miroslav Such�� <msuchy(a)redhat.com> 29.3-1
- add rhelbeta-8-* configs
- move EOLed configs to /etc/mock/eol directory
- Add source repos to all fedora configs (sfowler(a)redhat.com)
- add epel-7-ppc64.cfg
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1637059 - epel-7-ppc64 config is missing despite ppc64 being a supported EL7
target
https://bugzilla.redhat.com/show_bug.cgi?id=1637059
--------------------------------------------------------------------------------
================================================================================
pgadmin3-1.22.2-10.fc27 (FEDORA-2018-adb03c4283)
Graphical client for PostgreSQL
--------------------------------------------------------------------------------
Update Information:
Really include the experimental PG10 support promised last release. For f28 and
f29, compile with compat-wxGTK3-gtk2, which might fix some of the wx crashes
(but I don't know which ones as I haven't reproduced any of the reports).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 8 2018 Scott Talbert <swt(a)techie.net> - 1.22.2-10
- Restore missing patch for PG10
- Build with wxWidgets 3.0 on F30+ only
- Build with wxWidgets 3.0 and gtk2 compatibility on F27-F29
* Wed Nov 7 2018 Scott Talbert <swt(a)techie.net> - 1.22.2-9
- Rebuild with wxWidgets 3.0
--------------------------------------------------------------------------------