The following Fedora 27 Security updates need testing: Age URL 72 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 22 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c9395f9bec remctl-3.14-1.fc27 17 https://bodhi.fedoraproject.org/updates/FEDORA-2018-825d37b810 opencv-3.2.0-15.fc27 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d275e6ff0c scummvm-tools-2.0.0-1.fc27 scummvm-2.0.0-1.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ac1d9c2777 zsh-5.4.1-3.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a85044d389 ruby-2.4.4-88.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7025a5c25d community-mysql-5.7.22-1.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-a120d509ab knot-resolver-2.3.0-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408 dpdk-17.08.2-1.fc27 4 https://bodhi.fedoraproject.org/updates/FEDORA-2018-04f6056c42 php-7.1.17-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-b9ad458866 drupal7-7.59-1.fc27 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ba93b3144 drupal8-8.4.8-1.fc27

The following Fedora 27 Critical Path updates have yet to be approved: Age URL 26 https://bodhi.fedoraproject.org/updates/FEDORA-2018-772fcd140c linux-firmware-20180402-83.git8c1e439c.fc27 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1c31f1eccd iptables-1.6.2-2.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-5eb5277f7d perl-Carp-1.42-395.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-559a2be9ad qt5-qtdeclarative-5.9.4-3.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-742b70ee19 redhat-rpm-config-78-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ee3e250248 mingw-libwebp-1.0.0-1.fc27 libwebp-1.0.0-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-047b4a7cd6 gpgme-1.10.0-4.fc27.1 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-94173a387f libnfs-1.11.0-1.fc27

The following builds have been pushed to Fedora 27 updates-testing

dehydrated-0.6.2-1.fc27 foxtrotgps-1.2.1-1.fc27 gnushogi-1.5-0.4.git5bb0b5b.fc27 hamlib-3.2-1.fc27 magic-8.2.60-1.fc27 perl-Dancer2-0.206000-1.fc27 selinux-policy-3.13.1-283.34.fc27 xviewer-1.8.0-2.fc27 yamllint-1.11.1-1.fc27

Details about builds:

================================================================================ dehydrated-0.6.2-1.fc27 (FEDORA-2018-4569d4b0a3) A client for signing certificates with an ACME server -------------------------------------------------------------------------------- Update Information:

dehyrated 0.6.2 (2018-04-25) ============================ Added ----- - New deploy_ocsp hook - Allow account registration with custom key Changed ------- - Don't walk certificate chain for ACMEv2 (certificate contains chain by default) - Improved documentation on wildcards Fixes ----- - Added workaround for compatibility with filesystem ACLs - Close unwanted external file- descriptors - Fixed JSON parsing on force-renewal - Fixed cleanup of challenge files/dns-entries on validation errors - A few more minor fixes -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 29 2018 Robert Scheck robert@fedoraproject.org - 0.6.2-1 - Resolves: rhbz#1572609 Updated to 0.6.2 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1572609 - dehydrated-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572609 --------------------------------------------------------------------------------

================================================================================ foxtrotgps-1.2.1-1.fc27 (FEDORA-2018-2972cf930b) GTK+ mapping and GPS application -------------------------------------------------------------------------------- Update Information:

Update to 1.2.1 -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 29 2018 Peter Robinson pbrobinson@fedoraproject.org 1.2.1-1 - Update to 1.2.1 * Fri Feb 9 2018 Igor Gnatenko ignatenkobrain@fedoraproject.org - 1.2.0-9 - Escape macros in %changelog * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 1.2.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1564871 - foxtrotgps-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564871 --------------------------------------------------------------------------------

================================================================================ gnushogi-1.5-0.4.git5bb0b5b.fc27 (FEDORA-2018-3e2d391d65) Shogi, the Japanese version of chess -------------------------------------------------------------------------------- Update Information:

Initial release for f27. -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1119197 - Review Request: gnushogi - Shogi (Japanese Chess) AI engine https://bugzilla.redhat.com/show_bug.cgi?id=1119197 --------------------------------------------------------------------------------

================================================================================ hamlib-3.2-1.fc27 (FEDORA-2018-0f9b88403a) Run-time library to control radio transceivers and receivers -------------------------------------------------------------------------------- Update Information:

Update to hamlib 3.2. -------------------------------------------------------------------------------- ChangeLog:

* Tue Apr 3 2018 Richard Shaw hobbes1069@gmail.com - 3.2-1 - Update to 3.2. * Wed Feb 7 2018 Fedora Release Engineering releng@fedoraproject.org - 3.1-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Dec 8 2017 Richard Shaw hobbes1069@gmail.com - 3.1-10 - Fix ambiguous Python 2 dependency declarations https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1562559 - hamlib-3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1562559 --------------------------------------------------------------------------------

================================================================================ magic-8.2.60-1.fc27 (FEDORA-2018-d8511ad131) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information:

New version 8.2.60 is released. -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 29 2018 Mamoru TASAKA mtasaka@fedoraproject.org - 8.2.60-1 - 8.2.60 --------------------------------------------------------------------------------

================================================================================ perl-Dancer2-0.206000-1.fc27 (FEDORA-2018-59eb033684) Lightweight yet powerful web application framework -------------------------------------------------------------------------------- Update Information:

Dancer2 0.206000 addresses several potential security issues. There is a potential RCE with regards to Storable. Dancer2 adds session ID validation to the session engine so that session backends based on Storable can reject malformed session IDs that may lead to exploitation of the RCE. Parsing requests now uses HTTP::Entity::Parser which reduces the amount of code needed and does not require re-parsing the request body. -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 22 2018 Emmanuel Seyman emmanuel@seyman.fr - 0.206000-1 - Update to 0.206000 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1569981 - perl-Dancer2-0.206000 is available https://bugzilla.redhat.com/show_bug.cgi?id=1569981 --------------------------------------------------------------------------------

================================================================================ selinux-policy-3.13.1-283.34.fc27 (FEDORA-2018-aa26da1777) SELinux policy configuration -------------------------------------------------------------------------------- Update Information:

More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1076199 -------------------------------------------------------------------------------- ChangeLog:

* Fri Apr 27 2018 Lukas Vrabec lvrabec@redhat.com - 3.13.1-283.34 - Allow slapd_t domain to mmap slapd_var_run_t files - Allow virtd_t domain to relabel virt_var_lib_t files - Allow hsqldb_t domain to mmap own temp files - We have inconsistency in cgi templates with upstream, we use _content_t, but refpolicy use httpd__content_t. Created aliasses to make it consistence - Allow nfsd_t domain to read/write sysctl fs files - Allow conman to read system state - Allow zebra_t domain to bind on babel udp port - Allow freeipmi domain to read sysfs_t files - Allow targetd_t domain mmap lvm config files - Allow abrt_t domain to manage kdump crash files - Allow svirt_t domain mmap svirt_image_t files BZ(1514538) - Allow ftpd_t domain to chat with systemd - Allow systemd to use virtio console - Label /run/ebtables.lock as iptables_var_run_t - Allow udev_t domain to manage udev_rules_t char files. - Assign babel_port_t label to udp port 6696 - Add new interface lvm_map_config - Allow local_login_t reads of udev_var_run_t context * Wed Apr 18 2018 Lukas Vrabec lvrabec@redhat.com - 3.13.1-283.33 - Allow networkmanager domain to write to ecryptfs_t files BZ(1566706) - Allow l2tpd domain to stream connect to sssd BZ(1568160) - Dontaudit abrt_t to write to lib_t dirs BZ(1566784) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1501331 - None https://bugzilla.redhat.com/show_bug.cgi?id=1501331 [ 2 ] Bug #1568160 - l2tp vpn fails if selinux enabled https://bugzilla.redhat.com/show_bug.cgi?id=1568160 [ 3 ] Bug #1570292 - SELinux is preventing abrt-hook-ccpp from 'map' accesses on the Datei /home/frank/Android/android-sdk-linux/platform-tools/adb. https://bugzilla.redhat.com/show_bug.cgi?id=1570292 [ 4 ] Bug #1513806 - Improper SELinux domain on /etc/ld.so.cache after reboot (should be ld_so_cache_t but is etc_t) https://bugzilla.redhat.com/show_bug.cgi?id=1513806 [ 5 ] Bug #1553897 - AttributeError: 'NoneType' object has no attribute 'typeattributes' https://bugzilla.redhat.com/show_bug.cgi?id=1553897 [ 6 ] Bug #1566706 - SELinux is preventing openvpn from 'write' accesses on the file /home/.ecryptfs/christian/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6ejbCMtS4.IE8efAPRMBaToU--/ECRYPTFS_FNEK_ENCRYPTED.FWZFWi8DDjIxIETJF2l-TL1AxLIEtccM-J6eQw3bxBTS... https://bugzilla.redhat.com/show_bug.cgi?id=1566706 [ 7 ] Bug #1566784 - SELinux is preventing abrt-action-not from 'write' accesses on the directory /usr/lib64/python3.6/importlib/__pycache__. https://bugzilla.redhat.com/show_bug.cgi?id=1566784 [ 8 ] Bug #1514538 - libvirt + qemu + hugepages won't start with SElinux enabled https://bugzilla.redhat.com/show_bug.cgi?id=1514538 [ 9 ] Bug #1571080 - SELinux is preventing abrt-hook-ccpp from 'map' accesses on the Datei /usr/libexec/packagekitd. https://bugzilla.redhat.com/show_bug.cgi?id=1571080 --------------------------------------------------------------------------------

================================================================================ xviewer-1.8.0-2.fc27 (FEDORA-2018-c6807869d8) Fast and functional graphics viewer -------------------------------------------------------------------------------- Update Information:

....... ---- Update -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 29 2018 Leigh Scott leigh123linux@googlemail.com - 1.8.0-2 - Remove .la file * Sun Apr 29 2018 Leigh Scott leigh123linux@googlemail.com - 1.8.0-1 - New upstream release * Sun Mar 11 2018 Leigh Scott leigh123linux@googlemail.com - 1.6.1-1 - Free xview from gnome-desktop requirement * Tue Feb 20 2018 Leigh Scott leigh123linux@googlemail.com - 1.6.0-7 - Fix build with newer gnome-desktop3 - Fix scriplets * Sun Feb 11 2018 Bj��rn Esser besser82@fedoraproject.org - 1.6.0-6 - Rebuilt for gnome-desktop3 * Fri Feb 9 2018 Fedora Release Engineering releng@fedoraproject.org - 1.6.0-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Fri Nov 17 2017 Bj��rn Esser besser82@fedoraproject.org - 1.6.0-4 - Add required scriptlets for EPEL7 * Thu Nov 16 2017 Bj��rn Esser besser82@fedoraproject.org - 1.6.0-3 - Redistributable build on EPEL7 * Thu Nov 16 2017 Bj��rn Esser besser82@fedoraproject.org - 1.6.0-2 - Bootstrapping on EPEL7 -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1572413 - xviewer-1.8.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1572413 --------------------------------------------------------------------------------

================================================================================ yamllint-1.11.1-1.fc27 (FEDORA-2018-f49cbe8cf1) A linter for YAML files -------------------------------------------------------------------------------- Update Information:

Update to latest upstream version -------------------------------------------------------------------------------- ChangeLog:

* Sun Apr 29 2018 Adrien Verg�� adrienverge@gmail.com - 1.11.1-1 - Update to latest upstream version -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1564488 - yamllint-1.11.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1564488 --------------------------------------------------------------------------------