The following Fedora 26 Security updates need testing:
Age URL
257
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7
docker-distribution-2.6.2-1.git48294d9.fc26
89
https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c
keycloak-httpd-client-install-0.8-1.fc26
76
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef
squid-4.0.23-1.fc26
51
https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26
39
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830
dovecot-2.2.34-1.fc26
35
https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7
memcached-1.4.39-2.fc26
18
https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2
chromium-65.0.3325.181-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814
thunderbird-52.7.0-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-922cc2fbaa
drupal8-8.3.9-1.fc26
11
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6855fa237d
mod_http2-1.10.16-1.fc26
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-22b25bab31
httpd-2.4.33-2.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-97ad7e69c1
wordpress-4.9.5-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-81d3af3f36 koji-1.15.1-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved:
Age URL
55
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a
iproute-4.14.1-5.fc26
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ab61ad2e1b
osinfo-db-20180325-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4cacdf9bc rpm-4.13.1-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814
thunderbird-52.7.0-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-81d3af3f36 koji-1.15.1-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2018-0787a0a775
python-productmd-1.11-2.fc26 pungi-4.1.23-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3a53c9f749
libtalloc-2.1.13-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-200bbdfc76
vim-8.0.1666-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d5f6e8a28a
python-beautifulsoup4-4.6.0-2.fc26.1
The following builds have been pushed to Fedora 26 updates-testing
cdargs-1.35-18.fc26
deja-dup-37.1-4.fc26
desktop-file-utils-0.23-8.fc26
digikam-5.9.0-1.fc26
freeipmi-1.6.1-1.fc26
gpxsee-5.6-1.fc26
jpegoptim-1.4.5-1.fc26
lollypop-0.9.403-3.fc26
pcs-0.9.160-2.fc26
pyhunspell-0.5.4-1.fc26
python-fedmsg-meta-fedora-infrastructure-0.24.0-1.fc26
python-pycryptodomex-3.6.0-2.fc26
sqlitebrowser-3.9.1-6.fc26
webkitgtk4-2.20.1-1.fc26
Details about builds:
================================================================================
cdargs-1.35-18.fc26 (FEDORA-2018-02ce5267e3)
The shell cd with bookmarks and browser
--------------------------------------------------------------------------------
Update Information:
Unorphaned
--------------------------------------------------------------------------------
================================================================================
deja-dup-37.1-4.fc26 (FEDORA-2018-35b38273b9)
Simple backup tool and frontend for duplicity
--------------------------------------------------------------------------------
Update Information:
ulimit fix for webgtk
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1556743 - [abrt] deja-dup: Gigacage::<lambda()>::operator()():
deja-dup-monitor killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1556743
--------------------------------------------------------------------------------
================================================================================
desktop-file-utils-0.23-8.fc26 (FEDORA-2018-b931933ce3)
Utilities for manipulating .desktop files
--------------------------------------------------------------------------------
Update Information:
This update adds 'font' to the list of registered media types, resolving [a
bug](https://bugzilla.redhat.com/show_bug.cgi?id=1564650) which broke `update-
desktop-database` when various packages that used this type were installed.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1564650 - Invalid syntax in
/usr/share/applications/org.gnome.font-viewer.desktop
https://bugzilla.redhat.com/show_bug.cgi?id=1564650
--------------------------------------------------------------------------------
================================================================================
digikam-5.9.0-1.fc26 (FEDORA-2018-a3db66a3d9)
A digital camera accessing & photo management application
--------------------------------------------------------------------------------
Update Information:
Digikam 5.9.0 release,
https://www.digikam.org/news/2018-03-25-5.9.0_release_announcement/
--------------------------------------------------------------------------------
================================================================================
freeipmi-1.6.1-1.fc26 (FEDORA-2018-6a96be3200)
IPMI remote console and system management software
--------------------------------------------------------------------------------
Update Information:
New upstream version of freeipmi (1.6.1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1541578 - freeipmi-1.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1541578
--------------------------------------------------------------------------------
================================================================================
gpxsee-5.6-1.fc26 (FEDORA-2018-47c04282c6)
GPS log file viewer and analyzer
--------------------------------------------------------------------------------
Update Information:
News in version **5.6**: * Added WMS support * Several minor bugfixes and
improvements (mostly WMTS)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1565383 - gpxsee-5.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1565383
--------------------------------------------------------------------------------
================================================================================
jpegoptim-1.4.5-1.fc26 (FEDORA-2018-1773d72259)
Utility to optimize JPEG files
--------------------------------------------------------------------------------
Update Information:
v1.4.5 - fix `--overwrite` option, - better error reporting for `-d` option -
fix memcmp() potentially reading past end of buffer - some minor fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1562503 - jpegoptim-1.4.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1562503
--------------------------------------------------------------------------------
================================================================================
lollypop-0.9.403-3.fc26 (FEDORA-2018-f06389727c)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
Changed RR from pyplast to python2-pylast ---- Add art_album.py.diff (BZ
#1562595) ---- Update to 0.9.403 ---- - Update lollypop-portal to 0.9.7
---- Update to 0.9.402 ---- Update to 0.9.401 ---- Update to 0.9.400
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1562595 - [abrt] lollypop: __on_save_artwork_tags():
art_album.py:432:__on_save_artwork_tags:GLib.GError: g_convert_error: L'URI
��sftp://bertof@192.168.1.42/mnt/1TB/Condivisa/Musica/Fondamentali/30%20Seconds%20To%20Mars%20-%20Kings%20and%20Queens.mp3��
non �� ...
https://bugzilla.redhat.com/show_bug.cgi?id=1562595
--------------------------------------------------------------------------------
================================================================================
pcs-0.9.160-2.fc26 (FEDORA-2018-ce5d7106d8)
Pacemaker Configuration System
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2018-1086 and CVE-2018-1079
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1557366 - CVE-2018-1086 pcs: Debug parameter removal bypass, allowing
information disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=1557366
[ 2 ] Bug #1550243 - CVE-2018-1079 pcs: Privilege escalation via authorized user
malicious REST call
https://bugzilla.redhat.com/show_bug.cgi?id=1550243
--------------------------------------------------------------------------------
================================================================================
pyhunspell-0.5.4-1.fc26 (FEDORA-2018-c4b84cad19)
Python bindings for hunspell
--------------------------------------------------------------------------------
Update Information:
update to 0.5.4 ---- Apply fix for encoding problem from upstream. (See:
https://github.com/blatinier/pyhunspell/issues/32) ---- update to 0.5.0
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-meta-fedora-infrastructure-0.24.0-1.fc26 (FEDORA-2018-60d27bd8f9)
Metadata providers for Fedora Infrastructure's fedmsg deployment
--------------------------------------------------------------------------------
Update Information:
Update to 0.24.0 Changelog is at:
https://github.com/fedora-
infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0240
--------------------------------------------------------------------------------
================================================================================
python-pycryptodomex-3.6.0-2.fc26 (FEDORA-2018-e687c05bd5)
A self-contained cryptographic library for Python
--------------------------------------------------------------------------------
Update Information:
3.6.0 (8 April 2018) ======== New features ------------ * Introduced
``export_key`` and deprecated ``exportKey`` for DSA and RSA key objects. *
Ciphers and hash functions accept ``memoryview`` objects in input. * Added
support for SHA-512/224 and SHA-512/256. Resolved issues --------------- *
Reintroduced `Crypto.__version__` variable as in PyCrypto. * Fixed compilation
problem with MinGW.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1564320 - python-pycryptodomex-3.6.0x is available
https://bugzilla.redhat.com/show_bug.cgi?id=1564320
--------------------------------------------------------------------------------
================================================================================
sqlitebrowser-3.9.1-6.fc26 (FEDORA-2018-71c5320965)
Create, design, and edit SQLite database files
--------------------------------------------------------------------------------
Update Information:
This update fixes an issue where the sqlitebrowser application could not be
minimized when using certain desktop environments, among which gnome shell.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1565145 - sqlitebrowser locks workspace
https://bugzilla.redhat.com/show_bug.cgi?id=1565145
--------------------------------------------------------------------------------
================================================================================
webkitgtk4-2.20.1-1.fc26 (FEDORA-2018-4ae4ecee01)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
This update brings the following changes: * Improve error message when Gigacage
cannot allocate virtual memory. * Add missing WebKitWebProcessEnumTypes.h to
webkit-web-extension.h. * Improve web process memory monitor thresholds. * Fix
a web process crash when the web view is created and destroyed quickly. * Fix a
network process crash when load is cancelled while searching for stored HTTP
auth credentials. * Fix the build when ENABLE_VIDEO, ENABLE_WEB_AUDIO and
ENABLE_XSLT are disabled. * Fix several crashes and rendering issues.
Translation updates: * Brazilian Portuguese, Czech.
--------------------------------------------------------------------------------