The following Fedora 26 Security updates need testing:
Age URL
141
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7
docker-distribution-2.6.2-1.git48294d9.fc26
70
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e6f4f95e6 ruby-2.4.2-84.fc26
33
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3915878e18 ldns-1.7.0-4.fc26
33
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f87ce166c5
chromium-62.0.3202.89-1.fc26
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-774e7863a4
mongodb-3.4.10-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7bac3ba7c3
qpid-cpp-1.37.0-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-bce9e03721 tor-0.3.1.9-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5cdad4163
libvirt-3.2.1-7.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-018464cbf9
optipng-0.7.6-6.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d6402c8005
evince-3.24.2-2.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d441a1d98
python26-2.6.9-7.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf8c62747a
python35-3.5.4-2.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1dc71e1acd
shellinabox-2.20-5.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0abe14016
python34-3.4.7-2.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-bf172b2035
lynx-2.8.9-0.20.dev16.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7fe2c4bc0e
python33-3.3.7-2.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f3270406c
libextractor-1.6-2.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-26c3ab48e4
wayland-1.13.0-3.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-38fbcdffc3
asterisk-13.18.4-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-80c6b4d3be
sensible-utils-0.0.11-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa4cc10bde
qt5-qtbase-5.9.2-6.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a414b3c5 xen-4.8.2-9.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2962e58478
heimdal-7.5.0-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved:
Age URL
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5cdad4163
libvirt-3.2.1-7.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d2a756133
libsmbios-2.3.3-2.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b74d9063ca
python2-2.7.14-4.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5ac57e518
selinux-policy-3.13.1-260.18.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-26c3ab48e4
wayland-1.13.0-3.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ba1f5a232
kernel-4.14.5-200.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a414b3c5 xen-4.8.2-9.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b1ce6bb43a audit-2.8.2-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa4cc10bde
qt5-qtbase-5.9.2-6.fc26
The following builds have been pushed to Fedora 26 updates-testing
audit-2.8.2-1.fc26
avogadro2-1.90.0-7.fc26
avogadro2-libs-1.90.0-11.fc26
ckeditor-4.8.0-1.fc26
dpdk-17.02-3.fc26
drupal7-drafty-1.0-0.5.rc1.fc26
heimdal-7.5.0-1.fc26
julia-0.6.2-1.fc26
nordugrid-arc-5.4.2-1.fc26
nordugrid-arc-doc-2.0.19-1.fc26
perl-Algorithm-Loops-1.032-1.fc26
php-erusev-parsedown-1.6.4-1.fc26
php-jms-serializer-1.10.0-1.fc26
pymol-1.8.6-4.20170314svn4170.fc26
qt5-qtbase-5.9.2-6.fc26
qupzilla-2.2.2-1.fc26
rsyslog-8.31.0-2.fc26
spglib-1.10.2-1.fc26
waiverdb-0.4.0-2.fc26
xen-4.8.2-9.fc26
Details about builds:
================================================================================
audit-2.8.2-1.fc26 (FEDORA-2017-b1ce6bb43a)
User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:
This is a bugfix release which updates tables to match the 4.14 kernel, fixes
ipv6 socket binding, fixes auditctl --reset-lost command, corrects the
expr_create_timestamp_comparison_ex function in libauparse, and fixes building
on old systems without linux/fanotify.h.
--------------------------------------------------------------------------------
================================================================================
avogadro2-1.90.0-7.fc26 (FEDORA-2017-b87c69ab59)
Advanced molecular editor
--------------------------------------------------------------------------------
Update Information:
- Update to spglib-1.10.2 - Fix dependencies
--------------------------------------------------------------------------------
================================================================================
avogadro2-libs-1.90.0-11.fc26 (FEDORA-2017-b87c69ab59)
Avogadro2 libraries
--------------------------------------------------------------------------------
Update Information:
- Update to spglib-1.10.2 - Fix dependencies
--------------------------------------------------------------------------------
================================================================================
ckeditor-4.8.0-1.fc26 (FEDORA-2017-cf0ead6db8)
WYSIWYG text editor to be used inside web pages
--------------------------------------------------------------------------------
Update Information:
## CKEditor 4.8 ### Important Notes * [#1249](https://github.com/ckeditor
/ckeditor-dev/issues/1249): Enabled the [Upload
Image](https://ckeditor.com/cke4/addon/uploadimage) plugin by default in
standard and full presets. Also, it will no longer log an error in case of
missing [`config.imageUploadUrl`](https://docs.ckeditor.com/ckeditor4/docs/#!/ap
i/CKEDITOR.config-cfg-imageUploadUrl) property. ### New Features *
[#933](https://github.com/ckeditor/ckeditor-dev/issues/933): Introduced [Balloon
Toolbar](https://ckeditor.com/cke4/addon/balloontoolbar) plugin. *
[#662](https://github.com/ckeditor/ckeditor-dev/issues/662): Introduced image
inlining for the [Paste from
Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. *
[#468](https://github.com/ckeditor/ckeditor-dev/issues/468): [Edge] Introduced
support for the Clipboard API. * [#607](https://github.com/ckeditor/ckeditor-
dev/issues/607): Manually inserted Hex color is prefixed with a hash character
(`#`) if needed. It ensures a valid Hex color value is used when setting the
table cell border or background color with the [Color
Dialog](https://ckeditor.com/cke4/addon/colordialog) window. *
[#584](https://github.com/ckeditor/ckeditor-dev/issues/584): [Font size and
Family](https://ckeditor.com/cke4/addon/font) and
[
Format](https://ckeditor.com/cke4/addon/format) drop-downs are not toggleable
anymore. Default option to reset styles added. *
[#856](https://github.com/ckeditor/ckeditor-dev/issues/856): Introduced the [`CK
EDITOR.tools.keystrokeToArray`](https://docs.ckeditor.com/ckeditor4/docs/...
CKEDITOR.tools-method-keystrokeToArray) method. It converts a keystroke into its
string representation, returning every key name as a separate array element. *
[#1053](https://github.com/ckeditor/ckeditor-dev/issues/1053): Introduced the [`
CKEDITOR.tools.object.merge`](https://docs.ckeditor.com/ckeditor4/docs/#!...
EDITOR.tools.object-method-merge) method. It allows to merge two objects,
returning the new object with all properties from both objects deeply cloned. *
[#1073](https://github.com/ckeditor/ckeditor-dev/issues/1073): Introduced the [`
CKEDITOR.tools.array.every`](https://docs.ckeditor.com/ckeditor4/docs/#!/...
DITOR.tools.array-method-every) method. It invokes a given test function on
every array element and returns `true` if all elements pass the test. ### Fixed
Issues * [#796](https://github.com/ckeditor/ckeditor-dev/issues/796): Fixed: A
list is pasted from OneNote in the reversed order. *
[#834](https://github.com/ckeditor/ckeditor-dev/issues/834): [IE9-11] Fixed: The
editor does not save the selected state of radio buttons inserted by the [Form
Elements](https://ckeditor.com/cke4/addon/forms) plugin. *
[#704](https://github.com/ckeditor/ckeditor-dev/issues/704): [Edge] Fixed: Using
<kbd>Ctrl</kbd>/<kbd>Cmd</kbd> + <kbd>Z</kbd> breaks
widget structure. *
[#591](https://github.com/ckeditor/ckeditor-dev/issues/591): Fixed: A column is
inserted in a wrong order inside the table if any cell has a vertical split. *
[#787](https://github.com/ckeditor/ckeditor-dev/issues/787): Fixed: Using Cut
inside a nested table does not cut the selected content. *
[#842](https://github.com/ckeditor/ckeditor-dev/issues/842): Fixed: List style
not restored when toggling list indent level in the [Indent
List](https://ckeditor.com/cke4/addon/indentlist) plugin. *
[#711](https://github.com/ckeditor/ckeditor-dev/issues/711): Fixed: Dragging
widgets should only work with the left mouse button. *
[#862](https://github.com/ckeditor/ckeditor-dev/issues/862): Fixed: The "Object
Styles" group in the [Styles
Combo](https://ckeditor.com/cke4/addon/stylescombo)
plugin is visible only if the whole element is selected. *
[#994](https://github.com/ckeditor/ckeditor-dev/pull/994): Fixed: Typo in the [`
CKEDITOR.focusManager.focus`](https://docs.ckeditor.com/ckeditor4/docs/#!...
EDITOR.focusManager-method-focus) API documentation. Thanks to
[
benjy](https://github.com/benjy)! * [#1014](https://github.com/ckeditor
/ckeditor-dev/issues/1014): Fixed: The [Table
Tools](https://ckeditor.com/cke4/addon/tabletools) Cell Properties dialog is now
[Advanced Content
Filter](https://docs.ckeditor.com/ckeditor4/docs/#!/guide/dev_acf) aware —
it is not possible to change the cell width or height if corresponding styles
are disabled. * [#877](https://github.com/ckeditor/ckeditor-dev/issues/877):
Fixed: A list with custom bullets with exotic characters crashes the editor when
[pasted from
Word](https://ckeditor.com/cke4/addon/pastefromword). *
[#605](https://github.com/ckeditor/ckeditor-dev/issues/605): Fixed: Inline
widgets do not preserve trailing spaces. * [#1008](https://github.com/ckeditor
/ckeditor-dev/issues/1008): Fixed: Shorthand Hex colors from the [`config.colorB
utton_colors`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.c...
cfg-colorButton_colors) option are not correctly highlighted in the [Color
Button](https://ckeditor.com/cke4/addon/colorbutton) Text Color or Background
Color panel. * [#1094](https://github.com/ckeditor/ckeditor-dev/issues/1094):
Fixed: Widget definition [`upcast`](https://docs.ckeditor.com/ckeditor4/docs/#!/
api/CKEDITOR.plugins.widget.definition-property-upcasts) methods are called for
every element. * [#1057](https://github.com/ckeditor/ckeditor-dev/issues/1057):
Fixed: The [
Notification](https://ckeditor.com/addon/notification) plugin
overwrites Web Notifications API due to leakage to the global scope. *
[#1068](https://github.com/ckeditor/ckeditor-dev/issues/1068): Fixed: Upload
widget paste listener ignores changes to the [`uploadWidgetDefinition`](https://
docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.fileTools.uploadWidgetDe...
n). * [#921](https://github.com/ckeditor/ckeditor-dev/issues/921): Fixed: [Edge]
CKEditor erroneously perceives internal copy and paste as type "external". *
[#1213](https://github.com/ckeditor/ckeditor-dev/issues/1213): Fixed: Multiple
images uploaded using [Upload
Image](https://ckeditor.com/cke4/addon/uploadimage) plugin are randomly
duplicated or mangled. * [#532](https://github.com/ckeditor/ckeditor-
dev/issues/532): Fixed: Removed an outdated user guide link from the
[
About](https://ckeditor.com/cke4/addon/about) dialog. *
[#1221](https://github.com/ckeditor/ckeditor-dev/issues/1221): Fixed: Invalid
CSS loaded by [Balloon
Panel](https://ckeditor.com/cke4/addon/balloonpanel)
plugin when
[`config.skin`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.config-
cfg-skin) is loaded using a custom path. * [#522](https://github.com/ckeditor
/ckeditor-dev/issues/522): Fixed: Widget selection is not removed when widget is
inside table cell with [Table
Selection](https://ckeditor.com/cke4/addon/tableselection) plugin enabled. *
[#1027](https://github.com/ckeditor/ckeditor-dev/issues/1027): Fixed: Cannot add
multiple images to the table with [Table
Selection](https://ckeditor.com/cke4/addon/tableselection) plugin in certain
situations. * [#1069](https://github.com/ckeditor/ckeditor-dev/issues/1069):
Fixed: Wrong shape processing by [Paste from
Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. *
[#995](https://github.com/ckeditor/ckeditor-dev/issues/995): Fixed: Hyperlinked
image gets inserted twice by [Paste from
Word](https://ckeditor.com/cke4/addon/pastefromword) plugin. *
[#1287](https://github.com/ckeditor/ckeditor-dev/issues/1287): Fixed:
[
Widget](https://ckeditor.com/cke4/addon/widget) plugin throws exception if
included in editor build but not loaded into editor's instance. ### API Changes
* [#1097](https://github.com/ckeditor/ckeditor-dev/issues/1097): Widget [`upcast
`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.plugins.widget
.definition-property-upcast) methods are now called in the [widget
definition's](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITO...
.widget-property-definition) context. * [#1118](https://github.com/ckeditor
/ckeditor-dev/issues/1118): Added the `show` option in the [`balloonPanel.attach
`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.ui.balloonPanel-
method-attach) method, allowing to attach a hidden [Balloon
Panel](https://ckeditor.com/cke4/addon/balloonpanel) instance. *
[#1145](https://github.com/ckeditor/ckeditor-dev/issues/1145): Added the [`skipN
otifications`](https://docs.ckeditor.com/ckeditor4/docs/#!/api/CKEDITOR.f...
s.uploadWidgetDefinition-property-skipNotifications) option to the [`CKEDITOR.fi
leTools.uploadWidgetDefinition`](https://docs.ckeditor.com/ckeditor4/docs...
/CKEDITOR.fileTools.uploadWidgetDefinition), allowing to switch off default
notifications displayed by upload widgets. ### Other Changes *
[#815](https://github.com/ckeditor/ckeditor-dev/issues/815): Removed Node.js
dependency from the CKEditor build script. * [#1041](https://github.com/ckeditor
/ckeditor-dev/pull/1041), [#1131](https://github.com/ckeditor/ckeditor-
dev/issues/1131): Updated URLs pointing to [
CKSource](https://cksource.com/) and
[
CKEditor](https://ckeditor.com/) resources after the launch of new websites.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525735 - ckeditor-4.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1525735
--------------------------------------------------------------------------------
================================================================================
dpdk-17.02-3.fc26 (FEDORA-2017-ffea668db3)
Set of libraries and drivers for fast packet processing
--------------------------------------------------------------------------------
Update Information:
Fix dangling symlinks
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1526051 - Broken links installing dpdk-tools
https://bugzilla.redhat.com/show_bug.cgi?id=1526051
--------------------------------------------------------------------------------
================================================================================
drupal7-drafty-1.0-0.5.rc1.fc26 (FEDORA-2017-85246d2c5a)
Facilitates handling of draft revisions
--------------------------------------------------------------------------------
Update Information:
* [
7.x-1.0-rc1](https://www.drupal.org/project/drafty/releases/7.x-1.0-rc1)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1511721 - drupal7-drafty-1.0-rc1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1511721
--------------------------------------------------------------------------------
================================================================================
heimdal-7.5.0-1.fc26 (FEDORA-2017-2962e58478)
A Kerberos 5 implementation without export restrictions
--------------------------------------------------------------------------------
Update Information:
Update to 7.5.0 GA release (CVE-2017-17439)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1524546 - CVE-2017-17439 heimdal: NULL pointer dereference via crafted UDP
packets
https://bugzilla.redhat.com/show_bug.cgi?id=1524546
--------------------------------------------------------------------------------
================================================================================
julia-0.6.2-1.fc26 (FEDORA-2017-6b2af86d61)
High-level, high-performance dynamic language for technical computing
--------------------------------------------------------------------------------
Update Information:
New upstream release.
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-5.4.2-1.fc26 (FEDORA-2017-69913c6911)
Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
ARC Release 15.03u18
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-doc-2.0.19-1.fc26 (FEDORA-2017-69913c6911)
Advanced Resource Connector Documentation
--------------------------------------------------------------------------------
Update Information:
ARC Release 15.03u18
--------------------------------------------------------------------------------
================================================================================
perl-Algorithm-Loops-1.032-1.fc26 (FEDORA-2017-f5d200ddd4)
Perl module for looping constructs
--------------------------------------------------------------------------------
Update Information:
Specfile autogenerated by cpanspec 1.78.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1522917 - Review Request: perl-Algorithm-Loops - Perl module for looping
constructs
https://bugzilla.redhat.com/show_bug.cgi?id=1522917
--------------------------------------------------------------------------------
================================================================================
php-erusev-parsedown-1.6.4-1.fc26 (FEDORA-2017-8fa5664073)
Markdown parser in PHP
--------------------------------------------------------------------------------
Update Information:
## 1.6.4 Use `PHPUnit\Framework\TestCase` instead of
`PHPUnit_Framework_TestCase`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1513209 - php-erusev-parsedown-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1513209
--------------------------------------------------------------------------------
================================================================================
php-jms-serializer-1.10.0-1.fc26 (FEDORA-2017-ebf7c3bf59)
Library for (de-)serializing data of any complexity
--------------------------------------------------------------------------------
Update Information:
## [
1.10.0](https://github.com/schmittjoh/serializer/tree/1.10.0) **Implemented
enhancements:** - support PSR-11 compatible DI containers
[\#844](https://github.com/schmittjoh/serializer/pull/844)
([
xabbuh](https://github.com/xabbuh)) **Closed issues:** - Serialize using
jsonSerialize\(\) if object implements JsonSerializable
[\#846](https://github.com/schmittjoh/serializer/issues/846) - ExclusionStrategy
backward compatibility break
[\#843](https://github.com/schmittjoh/serializer/issues/843) - @MaxDepth jms
/serializer-bundle 2.2
[\#842](https://github.com/schmittjoh/serializer/issues/842) ##
[
1.9.2](https://github.com/schmittjoh/serializer/tree/1.9.2) (2017-11-22)
**Fixed bugs:** - Missing ClassMetadata deserialization data
[\#841](https://github.com/schmittjoh/serializer/pull/841)
([
TristanMogwai](https://github.com/TristanMogwai)) **Closed issues:** -
DateTime format documentation
[\#836](https://github.com/schmittjoh/serializer/issues/836) - Deserialization
not working with camelCase
[\#831](https://github.com/schmittjoh/serializer/issues/831) **Merged pull
requests:** - Fix documentation syntax errors on available types
[\#839](https://github.com/schmittjoh/serializer/pull/839) ([andy-
morgan](https://github.com/andy-morgan)) - Improve documentation about default
DateTime format [\#838](https://github.com/schmittjoh/serializer/pull/838)
([
enumag](https://github.com/enumag)) ##
[
1.9.1](https://github.com/schmittjoh/serializer/tree/1.9.1) (2017-10-27)
**Fixed bugs:** - Dynamic exclusion strategy, Variable "object" is not valid
[\#826](https://github.com/schmittjoh/serializer/issues/826) **Closed issues:**
- Allow DateTime or Null
[\#779](https://github.com/schmittjoh/serializer/issues/779) **Merged pull
requests:** - Alow to use "object" var in expressions when deserializing
[\#827](https://github.com/schmittjoh/serializer/pull/827)
([
goetas](https://github.com/goetas))
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1508429 - php-jms-serializer-1.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1508429
--------------------------------------------------------------------------------
================================================================================
pymol-1.8.6-4.20170314svn4170.fc26 (FEDORA-2017-61e54e396e)
PyMOL Molecular Graphics System
--------------------------------------------------------------------------------
Update Information:
closes BZ 1359812, pull request
https://src.fedoraproject.org/rpms/pymol/pull-
request/1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1359812 - pymol: pymol requires both Python 2 and Python 3
https://bugzilla.redhat.com/show_bug.cgi?id=1359812
--------------------------------------------------------------------------------
================================================================================
qt5-qtbase-5.9.2-6.fc26 (FEDORA-2017-aa4cc10bde)
Qt5 - QtBase components
--------------------------------------------------------------------------------
Update Information:
Security fix for QDnsLookup crash on unix when DNS response is over 512 bytes,
see also
https://bugreports.qt.io/browse/QTBUG-64742
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1518958 - qt5-qtbase: qt: Out of bounds read in QDnsLookup in
src/network/kernel/qdnslookup_unix.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1518958
--------------------------------------------------------------------------------
================================================================================
qupzilla-2.2.2-1.fc26 (FEDORA-2017-e98506abb7)
Modern web browser
--------------------------------------------------------------------------------
Update Information:
An update of QupZilla to the latest upstream bugfix release, version 2.2.2: *
updated available user agent strings * added support for "font" option in
AdBlock * fix showing irrelevant domain completions in locationbar * fix showing
site icons on some systems * fix clearing visited links when clearing history *
fix using system network proxy configuration * fix saving window geometry when
closing app with Ctrl+Q shortcut * fix various issues with web page not being
focused after restoring session * fix AutoScroll plugin not being able to scroll
to all directions in some cases * add StartupWMClass to desktop file
--------------------------------------------------------------------------------
================================================================================
rsyslog-8.31.0-2.fc26 (FEDORA-2017-f95aa5ab0c)
Enhanced system logging and kernel message trapping daemon
--------------------------------------------------------------------------------
Update Information:
Dependency change in mongodb module. added: mongo-c-driver-devel snappy-devel
cyrus-sasl-devel removed: libmongo-client libmongo-client is depricated
--------------------------------------------------------------------------------
================================================================================
spglib-1.10.2-1.fc26 (FEDORA-2017-b87c69ab59)
C library for finding and handling crystal symmetries
--------------------------------------------------------------------------------
Update Information:
- Update to spglib-1.10.2 - Fix dependencies
--------------------------------------------------------------------------------
================================================================================
waiverdb-0.4.0-2.fc26 (FEDORA-2017-86eaa9019e)
Service for waiving results in ResultsDB
--------------------------------------------------------------------------------
Update Information:
Synchronize specfile with upstream.
--------------------------------------------------------------------------------
================================================================================
xen-4.8.2-9.fc26 (FEDORA-2017-16a414b3c5)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
another patch related to the [XSA-240, CVE-2017-15595] issue xen: various flaws
(#1525018) x86 PV guests may gain access to internally used page [XSA-248]
broken x86 shadow mode refcount overflow check [XSA-249] improper x86 shadow
mode refcount error handling [XSA-250] improper bug check in x86 log-dirty
handling [XSA-251] ---- xen: various flaws (#1518214) x86: infinite loop due
to missing PoD error checking [XSA-246] Missing p2m error checking in PoD code
[XSA-247]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1518656 - CVE-2017-17566 xsa248 xen: x86 PV guests may gain access to
internally used pages (XSA-248)
https://bugzilla.redhat.com/show_bug.cgi?id=1518656
[ 2 ] Bug #1518657 - CVE-2017-17563 xsa249 xen: broken x86 shadow mode refcount overflow
check (XSA-249)
https://bugzilla.redhat.com/show_bug.cgi?id=1518657
[ 3 ] Bug #1518658 - CVE-2017-17564 xsa250 xen: improper x86 shadow mode refcount error
handling (XSA-250)
https://bugzilla.redhat.com/show_bug.cgi?id=1518658
[ 4 ] Bug #1518659 - CVE-2017-17565 xsa251 xen: improper bug check in x86 log-dirty
handling (XSA-251)
https://bugzilla.redhat.com/show_bug.cgi?id=1518659
[ 5 ] Bug #1513335 - CVE-2017-17044 xsa246 xen: x86: infinite loop due to missing PoD
error checking (XSA-246)
https://bugzilla.redhat.com/show_bug.cgi?id=1513335
[ 6 ] Bug #1513336 - CVE-2017-17045 xsa247 xen: Missing p2m error checking in PoD code
(XSA-247)
https://bugzilla.redhat.com/show_bug.cgi?id=1513336
--------------------------------------------------------------------------------