The following Fedora 26 Security updates need testing:
Age URL
203
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7
docker-distribution-2.6.2-1.git48294d9.fc26
95
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3915878e18 ldns-1.7.0-4.fc26
49
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d75a88f263
monit-5.25.1-1.fc26
41
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ccef1ced42 gimp-2.8.22-3.fc26
35
https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c
keycloak-httpd-client-install-0.8-1.fc26
34
https://bodhi.fedoraproject.org/updates/FEDORA-2018-0db545e976 ruby-2.4.3-86.fc26
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b166805347
transmission-2.92-12.fc26
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef
squid-4.0.23-1.fc26
21
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f73abc5680
knot-resolver-1.5.3-1.fc26
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65
thunderbird-52.6.0-1.fc26
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ac2e276c76
tomcat-8.0.49-1.fc26
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-fff755ee8e jhead-3.00-7.fc26
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-7edc48be11
p7zip-16.02-10.fc26
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-60613721f6
ca-certificates-2018.2.22-1.0.fc26
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-337757e11f
plasma-workspace-5.10.5-6.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6f08b79a09
golang-1.8.7-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c54ced412e gcab-1.1-1.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b3de6c389e
torbrowser-launcher-0.2.9-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f97cb1c9b0 krb5-1.15.2-7.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4367d984c1
sblim-sfcb-1.4.9-7.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2bbf027370 exim-4.90.1-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved:
Age URL
15
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c7c6160e65
thunderbird-52.6.0-1.fc26
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f0ad9c0f9c
pungi-4.1.22-2.fc26
8
https://bodhi.fedoraproject.org/updates/FEDORA-2018-60613721f6
ca-certificates-2018.2.22-1.0.fc26
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-27cb0cd918 ibus-1.5.17-6.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc14e16004 nss-3.35.0-1.0.fc26
nss-softokn-3.35.0-1.0.fc26 nss-util-3.35.0-1.0.fc26 nspr-4.18.0-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3e5558f0ff
vim-8.0.1505-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c54ced412e gcab-1.1-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-499a2df303
libappstream-glib-0.7.6-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9ef65cf422
perl-5.24.3-396.fc26
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bdea546d95
libinput-1.9.4-3.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-6fe397a796
lxpanel-0.9.3-4.D20180109git2ddf8dfc.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a
iproute-4.14.1-5.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f97cb1c9b0 krb5-1.15.2-7.fc26
The following builds have been pushed to Fedora 26 updates-testing
cacti-1.1.35-1.fc26
curl-7.53.1-15.fc26
fedpkg-1.31-5.fc26
firefox-58.0.2-1.fc26
htop-2.1.0-1.fc26
lzip-1.20-1.fc26
microdns-0.0.8-1.fc26
mingw-OpenEXR-2.2.0-6.fc26
mingw-poppler-0.52.0-6.fc26
php-justinrainbow-json-schema5-5.2.7-1.fc26
pnmixer-0.7.2-1.fc26
python-pypandoc-1.4-1.fc26
python37-3.7.0-0.8.b1.fc26
sssd-1.16.0-6.fc26
vdr-epg-daemon-1.1.134-1.fc26
xtide-2.15.1-5.fc26
Details about builds:
================================================================================
cacti-1.1.35-1.fc26 (FEDORA-2018-9546ff066d)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.1.35 Release notes:
https://www.cacti.net/release_notes.php?version=1.1.35
--------------------------------------------------------------------------------
================================================================================
curl-7.53.1-15.fc26 (FEDORA-2018-85dd2a6ff9)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- make NSS deallocate PKCS #11 objects early enough (#1510247)
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.31-5.fc26 (FEDORA-2018-486299cae3)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
fix broken syntax in bash completion
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1544133 - fedpkg update from 1.30-4 to 1.31-1 broke bash completion
https://bugzilla.redhat.com/show_bug.cgi?id=1544133
--------------------------------------------------------------------------------
================================================================================
firefox-58.0.2-1.fc26 (FEDORA-2018-5cdc56766f)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream stable version. For changes see:
https://www.mozilla.org/en-US/firefox/58.0.2/releasenotes/
--------------------------------------------------------------------------------
================================================================================
htop-2.1.0-1.fc26 (FEDORA-2018-04b41a052b)
Interactive process viewer
--------------------------------------------------------------------------------
Update Information:
- Update to 2.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1541785 - Fedora does not install a ".desktop" file for htop.
https://bugzilla.redhat.com/show_bug.cgi?id=1541785
--------------------------------------------------------------------------------
================================================================================
lzip-1.20-1.fc26 (FEDORA-2018-9565fc33fd)
LZMA compressor with integrity checking
--------------------------------------------------------------------------------
Update Information:
1.20
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545471 - lzip-1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1545471
--------------------------------------------------------------------------------
================================================================================
microdns-0.0.8-1.fc26 (FEDORA-2018-90b401026b)
Minimal mDNS resolver and announcer library
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1545347 - Review Request: microdns - Minimal mDNS resolver and announcer
library
https://bugzilla.redhat.com/show_bug.cgi?id=1545347
--------------------------------------------------------------------------------
================================================================================
mingw-OpenEXR-2.2.0-6.fc26 (FEDORA-2018-f5d2f4ec0d)
MinGW Windows OpenEXR library
--------------------------------------------------------------------------------
Update Information:
This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111
CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116
CVE-2017-12596
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1483880 - CVE-2017-12596 OpenEXR: heap-based buffer over-read in hufDecode
function
https://bugzilla.redhat.com/show_bug.cgi?id=1483880
[ 2 ] Bug #1455526 - CVE-2017-9110 OpenEXR: Out-of-bounds read in the hufDecode
function
https://bugzilla.redhat.com/show_bug.cgi?id=1455526
--------------------------------------------------------------------------------
================================================================================
mingw-poppler-0.52.0-6.fc26 (FEDORA-2018-e23d2dae46)
MinGW Windows Poppler library
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2017-15565.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1510977 - CVE-2017-15565 poppler: NULL pointer dereference in the
GfxImageColorMap::getGrayLine() function
https://bugzilla.redhat.com/show_bug.cgi?id=1510977
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema5-5.2.7-1.fc26 (FEDORA-2018-bb75a63257)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.7** * 495 Backports from 6.0 * 462 Typo fix * 465
override new phpcs rule (#465) * 466 Use PHPUnit\Framework\TestCase instead
of PHPUnit_Framework_TestCase * 489 Remove unused parameter * 488 Remove
unused private method * 479 No need to specify path to bin directory *
487 Use more appropriate assertions * 486 Remove unused argument from method
call * 485 Case mismatch * 483 Consistently indent with 2 spaces *
481 Add PHP 7.2 to build matrix * 480 No need to update composer itself
* 477 Implicitly enable no_unused_imports fixer * 478 Remove unused argument
* 490 Keep rules sorted in .php_cs.dist * 494 Apply defaults in $ref'ed
property / item definitions
--------------------------------------------------------------------------------
================================================================================
pnmixer-0.7.2-1.fc26 (FEDORA-2018-ab44bf363c)
Lightweight mixer applet
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream release 0.7.2 - switch to gtk+-3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1532950 - [abrt] pnmixer: snd_mixer_elem_set_callback(): pnmixer killed by
SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1532950
[ 2 ] Bug #1483193 - [abrt] pnmixer: snd_hctl_name(): pnmixer killed by signal 6
https://bugzilla.redhat.com/show_bug.cgi?id=1483193
[ 3 ] Bug #1483190 - [abrt] pnmixer: snd_mixer_detach(): pnmixer killed by signal 11
https://bugzilla.redhat.com/show_bug.cgi?id=1483190
[ 4 ] Bug #1295139 - uptate 0.7.2
https://bugzilla.redhat.com/show_bug.cgi?id=1295139
--------------------------------------------------------------------------------
================================================================================
python-pypandoc-1.4-1.fc26 (FEDORA-2018-10fffa8d0b)
Thin wrapper for pandoc
--------------------------------------------------------------------------------
Update Information:
Update to latest version, minor changes only.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1444581 - python-pypandoc-1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1444581
--------------------------------------------------------------------------------
================================================================================
python37-3.7.0-0.8.b1.fc26 (FEDORA-2018-2fe50af53c)
Version 3.7 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
Fix missing ldconfig scriptlet ---- This is a beta preview of Python 3.7. See
the [release
announcement](https://www.python.org/downloads/release/python-
370b1/).
--------------------------------------------------------------------------------
================================================================================
sssd-1.16.0-6.fc26 (FEDORA-2018-562467e141)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1538643 - SSSD crashes when retrieving a Desktop Profile with no
specific host/hostgroup set Resolves: upstream#3621 - FleetCommander
integration must not require capability DAC_OVERRIDE ---- Resolves:
upstream#3618 - selinux_child segfaults in a docker container
--------------------------------------------------------------------------------
================================================================================
vdr-epg-daemon-1.1.134-1.fc26 (FEDORA-2018-40c45f153b)
A daemon to download EPG data from internet and manage it in a mysql database
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.134 ---- Update to 1.1.132 ---- - Update to 1.1.131 - use
correct mariadb-API header file
--------------------------------------------------------------------------------
================================================================================
xtide-2.15.1-5.fc26 (FEDORA-2018-8fcc490b27)
Calculate tide all over the world
--------------------------------------------------------------------------------
Update Information:
Harmonics data is updated to 20180101.
--------------------------------------------------------------------------------