The following Fedora 29 Security updates need testing:
Age URL
128
https://bodhi.fedoraproject.org/updates/FEDORA-2018-51ce232320
xerces-c27-2.7.0-28.fc29
57
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b89746cb9b
tomcat-9.0.13-1.fc29
11
https://bodhi.fedoraproject.org/updates/FEDORA-2019-ac70292cfc
rdesktop-1.8.4-2.fc29
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-614f1cd5a8
community-mysql-8.0.14-1.fc29
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b0bd3c604a
mingw-poppler-0.67.0-3.fc29
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f44f095639
pdns-recursor-4.1.9-1.fc29
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-73cbc02e14
perl-Email-Address-List-0.06-1.fc29
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9ccbbfeae1
mingw-libconfuse-3.2.2-1.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cc827b7a1 podofo-0.9.6-5.fc29
mingw-podofo-0.9.6-7.fc29
The following Fedora 29 Critical Path updates have yet to be approved:
Age URL
59
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3d43e7dd21
SLOF-0.1.git20180702-2.fc29
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-08018846dd lorax-29.26-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0d0dab0484
iproute-4.20.0-1.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-896033e53f
python-packaging-19.0-1.fc29
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3aa0fbffb4
ibus-1.5.19-16.fc29
The following builds have been pushed to Fedora 29 updates-testing
NetworkManager-openvpn-1.8.10-1.fc29
R-Bessel-0.5.5-1.fc29
R-R.rsp-0.43.1-1.fc29
R-future-1.11.1.1-1.fc29
R-gplots-3.0.1.1-1.fc29
R-repr-0.19.2-1.fc29
R-unitizer-1.4.6-1.fc29
abcde-2.9.3-1.fc29
abrt-server-info-page-1.7-1.fc29
amanda-3.5.1-16.fc29
ansible-2.7.7-1.fc29
aspell-0.60.6.1-25.fc29
aspell-es-1.11-16.fc29
aspell-pt_PT-20070510-15.fc29
aspell-sk-2.02-1.fc29
awesome-4.3-1.fc29
bouncycastle-1.61-1.fc29
buildbot-1.8.1-1.fc29
ccdciel-0.9.52-1.fc29
chirp-20190209-1.fc29
clamtk-5.27-1.fc29
cmdtest-0.32-1.fc29
cockpit-187-1.fc29
container-selinux-2.81-2.git484806a.fc29
cppcheck-1.87-1.fc29
crawl-0.23.0-1.fc29
curl-7.61.1-8.fc29
dmenu-4.9-1.fc29
easy-rsa-3.0.6-1.fc29
eclipse-jgit-5.2.0-4.fc29
eclipse-linuxtools-7.1.0-3.fc29
erlang-triq-1.3.0-1.fc29
fedpkg-1.36-2.fc29
flatpak-1.2.2-1.fc29
flatpak-builder-1.0.5-1.fc29
flatpak-module-tools-0.9.2-1.fc29
fuse-sshfs-3.5.1-1.fc29
generic-release-29-1.fc29
geolite2-20190205-1.fc29
ghostscript-9.26-1.fc29
globus-gram-job-manager-fork-3.0-3.fc29
globus-gram-job-manager-lsf-3.0-3.fc29
globus-gram-job-manager-pbs-3.0-3.fc29
globus-gram-job-manager-sge-3.0-3.fc29
gnome-control-center-3.30.3-1.fc29
gnome-desktop3-3.30.2.1-1.fc29
golang-github-hashicorp-hcl-1.0.0-1.fc29
golang-github-pkg-errors-0.8.1-1.fc29
greybird-3.22.10-1.fc29
gsi-openssh-7.9p1-5.fc29
gtk3-3.24.1-2.fc29
ibus-typing-booster-2.5.2-1.fc29
inkscape-0.92.4-4.fc29
inxi-3.0.31-1.fc29
jackson-annotations-2.9.8-1.fc29
jackson-bom-2.9.8-1.fc29
jackson-core-2.9.8-1.fc29
jackson-databind-2.9.8-1.fc29
jackson-dataformat-xml-2.9.8-1.fc29
jackson-dataformats-binary-2.9.8-1.fc29
jackson-dataformats-text-2.9.8-1.fc29
jackson-datatype-jdk8-2.9.8-1.fc29
jackson-datatype-joda-2.9.8-1.fc29
jackson-datatypes-collections-2.9.8-1.fc29
jackson-jaxrs-providers-2.9.8-1.fc29
jackson-module-jsonSchema-2.9.8-1.fc29
jackson-modules-base-2.9.8-1.fc29
jackson-parent-2.9.1.2-1.fc29
java-1.8.0-openjdk-1.8.0.201.b09-2.fc29
kernel-4.20.7-200.fc29
kernel-headers-4.20.7-200.fc29
knights-18.12.2-1.fc29
libdvdread-6.0.1-1.fc29
libffado-2.4.1-6.fc29
libidn2-2.1.1a-1.fc29
libpng-1.6.34-7.fc29
libproxy-0.4.15-10.fc29
libreoffice-6.1.5.2-1.fc29
libunicapgtk-0.9.8-21.fc29
lua-lgi-0.9.2-4.fc29
mandoc-1.14.4-1.fc29
mellowplayer-3.5.1-1.20190206git402e336.fc29
mingw-sqlite-3.26.0.0-1.fc29
mkvtoolnix-30.1.0-1.fc29
mod_auth_token-1.0.5-16.fc29
mosquitto-1.5.6-1.fc29
munin-2.0.45-1.fc29
mutt-1.11.3-1.fc29
nbd-3.19-1.fc29
ncdu-1.14-1.fc29
ncid-1.10.1-7.fc29
ndctl-64.1-1.fc29
net-snmp-5.8-6.fc29
netmask-2.4.4-1.fc29
nodejs-yarn-1.13.0-1.fc29
nss-pem-1.0.5-1.fc29
openjfx-8.0.202-5.b07.fc29
openssh-7.9p1-4.fc29
osbs-client-0.52-1.fc29
perl-Applify-0.15-2.fc29
perl-File-BOM-0.16-1.fc29
perl-MongoDB-2.0.3-1.fc29
perl-Perl-PrereqScanner-NotQuiteLite-0.9903-2.fc29
perl-Regexp-Trie-0.02-2.fc29
php-7.2.15-1.fc29
php-alcaeus-mongo-php-adapter-1.1.6-1.fc29
php-getid3-1.9.17-1.fc29
php-icewind-smb2-2.0.6-1.fc29
php-league-tactician-1.0.3-1.fc29
php-myclabs-php-enum-1.6.6-1.fc29
php-pecl-pcov-1.0.0-2.fc29
php-pecl-uopz-6.0.1-2.fc29
php-sensiolabs-security-checker-5.0.3-1.fc29
php-zendframework-zendservice-recaptcha-3.2.0-1.fc29
phpunit7-7.5.4-1.fc29
pocl-1.2-1.fc29
python-bugzilla-2.2.0-3.fc29
python-cliapp-1.20180121-1.fc29
python-impacket-0.9.18-3.fc29
python-markdown2-2.3.7-1.fc29
python-moksha-hub-1.5.16-1.fc29
python-passlib-1.7.1-1.fc29
python-prometheus_client-0.5.0-1.fc29
python-sushy-1.3.3-1.fc29
rpkg-1.57-6.fc29
rubygem-thread_order-1.1.1-1.fc29
shotwell-0.30.2-1.fc29
snapd-2.37.2-1.fc29
switchboard-plug-bluetooth-2.2.1-1.fc29
systemd-239-11.git4dc7dce.fc29
texi2html-5.0-11.fc29
texlive-2018-25.fc29
thunderbird-60.5.0-4.fc29
tideEditor-1.4.5-1.fc29
tnef-1.4.17-1.fc29
tracker-2.1.7-1.fc29
Details about builds:
================================================================================
NetworkManager-openvpn-1.8.10-1.fc29 (FEDORA-2019-a1352a243a)
NetworkManager VPN plugin for OpenVPN
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.10 release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Beniamino Galvani <bgalvani(a)redhat.com> - 1:1.8.10-1
- Update to 1.8.10 release
--------------------------------------------------------------------------------
================================================================================
R-Bessel-0.5.5-1.fc29 (FEDORA-2019-cfe441cf0f)
Bessel functions computations and approximations
--------------------------------------------------------------------------------
Update Information:
Initial package of Bessel for R
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669766 - Review Request: R-Bessel - Bessel functions computations and
approximations
https://bugzilla.redhat.com/show_bug.cgi?id=1669766
--------------------------------------------------------------------------------
================================================================================
R-R.rsp-0.43.1-1.fc29 (FEDORA-2019-a73c9f9af7)
Dynamic Generation of Scientific Reports
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.43.1-1
- Update to latest version
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.43.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672831 - R-R.rsp-0.43.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672831
--------------------------------------------------------------------------------
================================================================================
R-future-1.11.1.1-1.fc29 (FEDORA-2019-90a73b4e2f)
Unified Parallel and Distributed Processing in R for Everyone
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.11.1.1-1
- Update to latest version
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.11.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669773 - R-future-1.11.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1669773
--------------------------------------------------------------------------------
================================================================================
R-gplots-3.0.1.1-1.fc29 (FEDORA-2019-80481e3c14)
Various R Programming Tools for Plotting Data
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 3.0.1.1-1
- Update to latest version
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669886 - R-gplots-3.0.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1669886
--------------------------------------------------------------------------------
================================================================================
R-repr-0.19.2-1.fc29 (FEDORA-2019-3bb8f6fdf0)
Serializable Representations
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.19.2-1
- Update to latest version
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.15.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673219 - R-repr-0.19.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673219
--------------------------------------------------------------------------------
================================================================================
R-unitizer-1.4.6-1.fc29 (FEDORA-2019-ccf7a57f74)
Interactive R Unit Tests
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.4.6-1
- Update to latest version
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669910 - R-unitizer-1.4.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1669910
--------------------------------------------------------------------------------
================================================================================
abcde-2.9.3-1.fc29 (FEDORA-2019-2928c2dc0f)
A Better CD Encoder
--------------------------------------------------------------------------------
Update Information:
* Replace non-portable sed code for generating offset list with some simple awk
instead. Should now work on FreeBSD again. * Deal with bizarre cdda2wav
behaviour when doing cdtext lookup - it writes the track information to *stdin*.
Closes Issue #89:
https://abcde.einval.com/bugzilla/show_bug.cgi?id=89 * Add a
warning in abcde.conf about mayb needing to install recode before using it in
mungefilename()
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Dominik Mierzejewski <rpm(a)greysector.net> - 2.9.3-1
- update to 2.9.3 (#1672604)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672604 - abcde-2.9.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672604
--------------------------------------------------------------------------------
================================================================================
abrt-server-info-page-1.7-1.fc29 (FEDORA-2019-b79de694d2)
Web page with summary of ABRT services
--------------------------------------------------------------------------------
Update Information:
- Migrate to python3 for F28+ and RHEL8+
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Martin Kutlak <mkutlak(a)redhat.com> 1.7-1
- Migrate to python3 for F28+ and RHEL8+
- add releaser for f29
--------------------------------------------------------------------------------
================================================================================
amanda-3.5.1-16.fc29 (FEDORA-2019-9dca788639)
A network-capable tape backup solution
--------------------------------------------------------------------------------
Update Information:
Fixes an issue with index generation when backing up XFS filesystems.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Jason L Tibbitts III <tibbs(a)math.uh.edu> - 3.5.1-16
- Add patch to specify xfsrestore housekeeping dir during index generation
(#1671117)
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.5.1-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1671117 - Indexes for backups made with xfsdump have broken
https://bugzilla.redhat.com/show_bug.cgi?id=1671117
--------------------------------------------------------------------------------
================================================================================
ansible-2.7.7-1.fc29 (FEDORA-2019-635400aefa)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to 2.7.7 bugfix release. See
https://github.com/ansible/ansible/blob/stable-2.7/changelogs/CHANGELOG-v...
for more details. ---- Update to 2.7.6 bugfix release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Kevin Fenzi <kevin(a)scrye.com> - 2.7.7-1
- Update to 2.7.7. Fixes bug #1673761
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 17 2019 Kevin Fenzi <kevin(a)scrye.com> - 2.7.6-1
- Update to 2.7.6.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673761 - ansible-2.7.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673761
--------------------------------------------------------------------------------
================================================================================
aspell-0.60.6.1-25.fc29 (FEDORA-2019-4aefd63307)
Spell checker
--------------------------------------------------------------------------------
Update Information:
Workaround GCC 8 bug triggered by `-O2`.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 4 2019 Nikola Forr�� <nforro(a)redhat.com> - 12:0.60.6.1-25
- resolves: #1603421
workaround GCC 8 bug triggered by -O2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603421
[ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603415
[ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603418
--------------------------------------------------------------------------------
================================================================================
aspell-es-1.11-16.fc29 (FEDORA-2019-4aefd63307)
Spanish dictionaries for Aspell
--------------------------------------------------------------------------------
Update Information:
Workaround GCC 8 bug triggered by `-O2`.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Nikola Forr�� <nforro(a)redhat.com> - 50:1.11-16
- rebuild with fixed aspell
resolves: #1603415
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
50:1.11-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603421
[ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603415
[ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603418
--------------------------------------------------------------------------------
================================================================================
aspell-pt_PT-20070510-15.fc29 (FEDORA-2019-4aefd63307)
European Portuguese dictionaries for Aspell
--------------------------------------------------------------------------------
Update Information:
Workaround GCC 8 bug triggered by `-O2`.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Nikola Forr�� <nforro(a)redhat.com> - 50:20070510-15
- rebuild with fixed aspell
resolves: #1603418
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
50:20070510-14
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603421
[ 2 ] Bug #1603415 - aspell-es: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603415
[ 3 ] Bug #1603418 - aspell-pt_PT: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603418
--------------------------------------------------------------------------------
================================================================================
aspell-sk-2.02-1.fc29 (FEDORA-2019-de1abe4d1d)
Slovak dictionaries for Aspell
--------------------------------------------------------------------------------
Update Information:
Rebuilt on fixed aspell package.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Aug 28 2018 J��n ONDREJ (SAL) <ondrejj(at)salstar.sk> - 2.02-1
- Update to upstream.
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.01-17
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603421 - aspell-sk: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603421
--------------------------------------------------------------------------------
================================================================================
awesome-4.3-1.fc29 (FEDORA-2019-27fc2b15d9)
Highly configurable, framework window manager for X. Fast, light and extensible
--------------------------------------------------------------------------------
Update Information:
Update AwesomeWM to 4.3. See
https://awesomewm.org/doc/api/documentation/89-NEWS.md.html for the list of
changes.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Thomas Moschny <thomas.moschny(a)gmx.de> - 4.3-1
- Update to 4.3.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.2-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
bouncycastle-1.61-1.fc29 (FEDORA-2019-df57551f6d)
Bouncy Castle Cryptography APIs for Java
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 1.61-1
- Update to latest upstream release
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.60-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
buildbot-1.8.1-1.fc29 (FEDORA-2019-7e722314f3)
Build/test automation system
--------------------------------------------------------------------------------
Update Information:
Update to 1.8.1 to fix CVE-2019-7313
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Neal Gompa <ngompa13(a)gmail.com> - 1.8.1-1
- Update to 1.8.1
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672293 - CVE-2019-7313 buildbot: Improper neutralization of CRLF sequences
https://bugzilla.redhat.com/show_bug.cgi?id=1672293
--------------------------------------------------------------------------------
================================================================================
ccdciel-0.9.52-1.fc29 (FEDORA-2019-44e656654a)
CCD capture software
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.52
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Mattia Verga <mattia.verga(a)protonmail.com> - 0.9.52-1
- Update to 0.9.52
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.47-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
chirp-20190209-1.fc29 (FEDORA-2019-2c862cc5d2)
A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:
Update to 20190209. Changes for Build #551 [Dan Smith <dsmith(a)danplanet.com>]
Also make ft7100 not claim that its sub devices have sub devices This was
making run_tests fully _skip_ it by drilling through all the sub devices to an
empty list.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Richard Shaw <hobbes1069(a)gmail.com> - 20190209-1
- Update to 20190209.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
20190120-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 23 2019 Richard Shaw <hobbes1069(a)gmail.com> - 20190120-1
- Update to 20190120.
--------------------------------------------------------------------------------
================================================================================
clamtk-5.27-1.fc29 (FEDORA-2019-68de9c9107)
Easy to use graphical user interface for Clam anti virus
--------------------------------------------------------------------------------
Update Information:
Update to 5.27.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Dave M. <dave.nerd(a)gmail.com> - 5.27-1
- Updated to release 5.27.
--------------------------------------------------------------------------------
================================================================================
cmdtest-0.32-1.fc29 (FEDORA-2019-4792657f50)
Black-box testing for Unix command line tools
--------------------------------------------------------------------------------
Update Information:
Latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 0.32-1
- Update to 0.32
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.30-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.30-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1603664 - cmdtest: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1603664
[ 2 ] Bug #1548774 - cmdtest-0.32 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1548774
--------------------------------------------------------------------------------
================================================================================
cockpit-187-1.fc29 (FEDORA-2019-4122dba5d0)
Web Console for Linux servers
--------------------------------------------------------------------------------
Update Information:
- Machines: More operations for Storage Pools - Domains: More information about
the joined domain - Storage: The options for VDO volumes are explained -
Machines: Support for oVirt will be dropped in the future
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Marius Vollmer <mvollmer(a)redhat.com> - 187-1
- Machines: More operations for Storage Pools
- Domains: More information about the joined domain
- Storage: The options for VDO volumes are explained
- Machines: Support for oVirt will be dropped in the future
--------------------------------------------------------------------------------
================================================================================
container-selinux-2.81-2.git484806a.fc29 (FEDORA-2019-3d2fe7dd05)
SELinux policies for container runtimes
--------------------------------------------------------------------------------
Update Information:
New paths for containerd
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Dan Walsh <dwalsh(a)fedoraproject.org> - 2.81-1
- Add new labels for paths for containerd
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:2.80-2.git1b655d9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
cppcheck-1.87-1.fc29 (FEDORA-2019-d8e42e879b)
Tool for static C/C++ code analysis
--------------------------------------------------------------------------------
Update Information:
New upstream release adds 2 new checks, and config file for boost library.
improves whole program analysis, variable lifetime checking, parsing of
templates, type aliases. Also improves speed of analysis.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Steve Grubb <sgrubb(a)redhat.com> - 1.87-1
- Update to 1.87.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.86-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1674148 - cppcheck-1.87 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1674148
--------------------------------------------------------------------------------
================================================================================
crawl-0.23.0-1.fc29 (FEDORA-2019-103550670a)
Roguelike dungeon exploration game
--------------------------------------------------------------------------------
Update Information:
- Release 0.23.0
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Antonio Trande <sagitter(a)fedoraproject.org> - 0.23.0-1
- Upstream release 0.23.0 (bz#1673723)
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.22.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1575324 - crawl crashes when loading game
https://bugzilla.redhat.com/show_bug.cgi?id=1575324
[ 2 ] Bug #1673723 - crawl-0.23.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673723
--------------------------------------------------------------------------------
================================================================================
curl-7.61.1-8.fc29 (FEDORA-2019-43489941ff)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- fix SMTP end-of-response out-of-bounds read (CVE-2019-3823) - fix NTLMv2
type-3 header stack buffer overflow (CVE-2019-3822) - fix NTLM type-2 out-of-
bounds buffer read (CVE-2018-16890)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Kamil Dudka <kdudka(a)redhat.com> - 7.61.1-8
- fix SMTP end-of-response out-of-bounds read (CVE-2019-3823)
- fix NTLMv2 type-3 header stack buffer overflow (CVE-2019-3822)
- fix NTLM type-2 out-of-bounds buffer read (CVE-2018-16890)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672906 - CVE-2019-3823 curl: SMTP end-of-response out-of-bounds read
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1672906
[ 2 ] Bug #1672905 - CVE-2019-3822 curl: NTLMv2 type-3 header stack buffer overflow
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1672905
[ 3 ] Bug #1672902 - CVE-2018-16890 curl: NTLM type-2 heap out-of-bounds buffer read
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1672902
--------------------------------------------------------------------------------
================================================================================
dmenu-4.9-1.fc29 (FEDORA-2019-901aac52c7)
Generic menu for X
--------------------------------------------------------------------------------
Update Information:
dmenu-4.9 is now available for Fedora. This release includes numerous small
enahncemens in caching and IME support.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Petr ��abata <contyk(a)redhat.com> - 4.9-1
- 4.9 bump
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 4.8-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672125 - dmenu-4.9 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672125
--------------------------------------------------------------------------------
================================================================================
easy-rsa-3.0.6-1.fc29 (FEDORA-2019-03364cc79f)
Simple shell based CA utility
--------------------------------------------------------------------------------
Update Information:
3.0.6
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 3 2019 Xavier Bachelot <xavier(a)bachelot.org> - 3.0.6-1
- Update to 3.0.6.
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.3-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
eclipse-jgit-5.2.0-4.fc29 (FEDORA-2019-df57551f6d)
Eclipse JGit
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Mat Booth <mat.booth(a)redhat.com> - 5.2.0-4
- Add missing requires for optional dep on bouncycastle
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.2.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
eclipse-linuxtools-7.1.0-3.fc29 (FEDORA-2019-df57551f6d)
Linux specific Eclipse plugins
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Mat Booth <mat.booth(a)redhat.com> - 7.1.0-3
- Rebuild against newer BC and Jackson
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.1.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
erlang-triq-1.3.0-1.fc29 (FEDORA-2019-f6dd7e3e9e)
A property-based testing library for Erlang
--------------------------------------------------------------------------------
Update Information:
* erlang-triq ver. 1.3.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
fedpkg-1.36-2.fc29 (FEDORA-2019-c87d6a582e)
Fedora utility for working with dist-git
--------------------------------------------------------------------------------
Update Information:
This is mostly a bugfix update with some improvements. Most notable changes are:
* support for flatpack namespace (flatpaks will be added as a separate namespace
in Fedora `dist-git`) * `fedpkg update` will work for containers Other
changes, bugfixes and enhancements consist of: * Added _update-docs_ script and
contributing guide * Couple of changes that fix _sdist_, Python 2.6
compatibility and unittests * Move argparse fix to `rpkg` * Add _severity=_
option to `fedpkg update` template * Use module distro instead of platform *
Help: Use _foo_ in foo examples, not _name_
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.36-2
- New dependency: python-distro
* Mon Feb 4 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.36-1
- Added update-docs script (onosek)
- Sdist fix and Python 2.6 compatibility (onosek)
- Add support for a 'flatpaks' namespace (otaylor)
- Move argparse fix to rpkg - #299 (onosek)
- Fix update command related tests (cqi)
- Make update work for containers - #296 (lsedlar)
- Add 'severity=' option to 'fedpkg update' template (praiskup)
- Add contributing guide - #293 (lsedlar)
- Use module distro instead of platform - #278 (cqi)
- Add missing content to 1.35 release notes (cqi)
- Help: Use foo in foo examples, not name (miro)
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.35-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
flatpak-1.2.2-1.fc29 (FEDORA-2019-3f7fead16a)
Application deployment framework for desktop apps
--------------------------------------------------------------------------------
Update Information:
flatpak 1.2.2 release: * Ensure flatpak builds with older versions of glib and
appstream-glib. * build-commit-from: Fix the new --extra-id option. * build-
export: Allow disabling the sandboxing of the icon validator and do so during
the tests. * profile: Don't break if debug logging is enabled. * Better
handling of the appdata release attribute. * Don't install polkit agent when
not needed, avoiding some unnecessary log lines in some cases. * Fix the
output of the sandboxed icon validator not being visible. * builld-init: Allow
specifying a full ref for the sdk, which is used to select the branch name
when checking sdk extensions. flatpak-builder 1.0.5 release: * Add
--add/remove-tag options * Allow using a full ref as sdk and use the branch
from that.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 David King <amigadave(a)amigadave.com> - 1.2.2-1
- Update to 1.2.2
* Tue Feb 5 2019 Kalev Lember <klember(a)redhat.com> - 1.2.1-1
- Update to 1.2.1
--------------------------------------------------------------------------------
================================================================================
flatpak-builder-1.0.5-1.fc29 (FEDORA-2019-3f7fead16a)
Tool to build flatpaks from source
--------------------------------------------------------------------------------
Update Information:
flatpak 1.2.2 release: * Ensure flatpak builds with older versions of glib and
appstream-glib. * build-commit-from: Fix the new --extra-id option. * build-
export: Allow disabling the sandboxing of the icon validator and do so during
the tests. * profile: Don't break if debug logging is enabled. * Better
handling of the appdata release attribute. * Don't install polkit agent when
not needed, avoiding some unnecessary log lines in some cases. * Fix the
output of the sandboxed icon validator not being visible. * builld-init: Allow
specifying a full ref for the sdk, which is used to select the branch name
when checking sdk extensions. flatpak-builder 1.0.5 release: * Add
--add/remove-tag options * Allow using a full ref as sdk and use the branch
from that.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Kalev Lember <klember(a)redhat.com> - 1.0.5-1
- Update to 1.0.5
* Tue Feb 5 2019 Kalev Lember <klember(a)redhat.com> - 1.0.4-1
- Update to 1.0.4
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.3-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
flatpak-module-tools-0.9.2-1.fc29 (FEDORA-2019-095b7ce5c4)
Tools for maintaining Flatpak applications and runtimes as Fedora modules
--------------------------------------------------------------------------------
Update Information:
Version 0.9.2 * Fixes compatibility with Flatpak 1.2
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 fedora-toolbox <otaylor(a)redhat.com> - 0.9.2-1
- Version 0.9.2 - fix icon validation for Flatpak 1.2
--------------------------------------------------------------------------------
================================================================================
fuse-sshfs-3.5.1-1.fc29 (FEDORA-2019-200e6036d3)
FUSE-Filesystem to access remote filesystems via SSH
--------------------------------------------------------------------------------
Update Information:
* sshfs ver. 3.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Peter Lemenkov <lemenkov(a)gmail.com> - 3.5.1-1
- Ver. 3.5.1
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.4.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1656826 - mv does not work on sshfs volumes (Numerical result out of range)
https://bugzilla.redhat.com/show_bug.cgi?id=1656826
--------------------------------------------------------------------------------
================================================================================
generic-release-29-1.fc29 (FEDORA-2019-b376a8352c)
Generic release files
--------------------------------------------------------------------------------
Update Information:
Fix presets to match fedora-release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Tom Callaway <spot(a)fedoraproject.org> - 29-1
- fix presets
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673660 - 90-default.preset is missing dbus service presets
https://bugzilla.redhat.com/show_bug.cgi?id=1673660
--------------------------------------------------------------------------------
================================================================================
geolite2-20190205-1.fc29 (FEDORA-2019-abebc6a8cf)
Free IP geolocation databases
--------------------------------------------------------------------------------
Update Information:
- Latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Carl George <carl(a)george.computer> - 20190205-1
- Latest upstream
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
20181204-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
ghostscript-9.26-1.fc29 (FEDORA-2019-077a3f23c0)
Interpreter for PostScript language & PDF
--------------------------------------------------------------------------------
Update Information:
- rebase to latest upstream version 9.26 - Security fix for CVE-2018-19478
CVE-2018-19134 CVE-2018-19477 CVE-2018-19476 CVE-2018-19475 CVE-2018-19409
CVE-2018-18284 CVE-2018-18073 CVE-2018-17961
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Martin Osvald <mosvald(a)redhat.com> - 9.26-1
- rebase to latest upstream version 9.26
- spec change to remove gsdoc.el due to upstream 8bc783cb586
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1656319 - CVE-2018-19478 ghostscript: Attempting to open a carefully crafted
PDF file results in long-running computation (699856) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1656319
[ 2 ] Bug #1656320 - CVE-2018-19134 ghostscript: Type confusion in setpattern (700141)
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1656320
[ 3 ] Bug #1658244 - [abrt] ghostscript: SkipPage(): gs killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1658244
[ 4 ] Bug #1654470 - CVE-2018-19477 ghostscript: access bypass in psi/zfjbig2.c (700168)
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1654470
[ 5 ] Bug #1654465 - CVE-2018-19476 ghostscript: access bypass in psi/zicc.c
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1654465
[ 6 ] Bug #1654460 - CVE-2018-19475 ghostscript: access bypass in psi/zdevice2.c
(700153) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1654460
[ 7 ] Bug #1652584 - CVE-2018-19409 ghostscript: Improperly implemented security check
in zsetdevice function in psi/zdevice.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1652584
[ 8 ] Bug #1642943 - CVE-2018-18284 ghostscript: 1Policy operator allows a sandbox
protection bypass [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1642943
[ 9 ] Bug #1642585 - CVE-2018-18073 ghostscript: Saved execution stacks can leak
operator arrays [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1642585
[ 10 ] Bug #1642579 - CVE-2018-17961 ghostscript: saved execution stacks can leak
operator arrays (incomplete fix for CVE-2018-17183) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1642579
[ 11 ] Bug #1663896 - GS fails to process many EPS files - Error: /nocurrentpoint in
--currentpoint--
https://bugzilla.redhat.com/show_bug.cgi?id=1663896
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-fork-3.0-3.fc29 (FEDORA-2019-de47878720)
Grid Community Toolkit - Fork Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Fix unexpanded macro in postun scriptlets.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.0-3
- Use ? with ldconfig macro
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-lsf-3.0-3.fc29 (FEDORA-2019-de47878720)
Grid Community Toolkit - LSF Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Fix unexpanded macro in postun scriptlets.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.0-3
- Use ? with ldconfig macro
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-pbs-3.0-3.fc29 (FEDORA-2019-de47878720)
Grid Community Toolkit - PBS Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Fix unexpanded macro in postun scriptlets.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.0-3
- Use ? with ldconfig macro
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
globus-gram-job-manager-sge-3.0-3.fc29 (FEDORA-2019-de47878720)
Grid Community Toolkit - Grid Engine Job Manager Support
--------------------------------------------------------------------------------
Update Information:
Fix unexpanded macro in postun scriptlets.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 3.0-3
- Use ? with ldconfig macro
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gnome-control-center-3.30.3-1.fc29 (FEDORA-2019-2eebd78890)
Utilities to configure the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
gnome-control-center 3.30.3 release with bug fixes and translation updates.
Display: - Various bugfixes Network: - Move AP list population into an idle
handler Power: - Fix device label alignment Thunderbolt: - Fix double free
in bolt client Universal Access: - Reverse Repeat Keys Speed direction
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Kalev Lember <klember(a)redhat.com> - 3.30.3-1
- Update to 3.30.3
--------------------------------------------------------------------------------
================================================================================
gnome-desktop3-3.30.2.1-1.fc29 (FEDORA-2019-56d8e9cc7b)
Library with common API for various GNOME modules
--------------------------------------------------------------------------------
Update Information:
gnome-desktop 3.30.2.1 release. - Various fixes for the thumbnailer sandbox
(#4, #81, #89, #90) - Fix use after free when generating preview icon (#87) -
Translation updates
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Kalev Lember <klember(a)redhat.com> - 3.30.2.1-1
- Update to 3.30.2.1
- Sync package description with upstream README
--------------------------------------------------------------------------------
================================================================================
golang-github-hashicorp-hcl-1.0.0-1.fc29 (FEDORA-2019-912df5d57f)
HCL is a configuration language
--------------------------------------------------------------------------------
Update Information:
Update to first tagged version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.0-1
- Update to first tagged version
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
Forge-specific packaging variables
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Oct 23 2018 Nicolas Mailhot <nim(a)fedoraproject.org>
- 0-0.18
- redhat-rpm-config-123 triggers bugs in gosetup, remove it from Go spec files as it���s
just an alias
-
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.o...
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555807 - golang-github-hashicorp-hcl: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555807
--------------------------------------------------------------------------------
================================================================================
golang-github-pkg-errors-0.8.1-1.fc29 (FEDORA-2019-f01a015bb7)
Simple error handling primitives
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.8.1-1
- Update to latest version
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.8.0-0.5.git645ef00
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Oct 23 2018 Nicolas Mailhot <nim(a)fedoraproject.org>
- 0.8.0-0.4
- redhat-rpm-config-123 triggers bugs in gosetup, remove it from Go spec files as it���s
just an alias
-
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.o...
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.8.0-0.3.git645ef00
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1604218 - golang-github-pkg-errors: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604218
--------------------------------------------------------------------------------
================================================================================
greybird-3.22.10-1.fc29 (FEDORA-2019-3420f03cd3)
A clean minimalistic theme for Xfce, GTK+ 2 and 3
--------------------------------------------------------------------------------
Update Information:
Update to 3.22.10 with various bugfixes.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Kevin Fenzi <kevin(a)scrye.com> - 3.22.10-1
- Update to 3.22.10. Fixes bug #1674179
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.22.9-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1674179 - greybird-3.22.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1674179
--------------------------------------------------------------------------------
================================================================================
gsi-openssh-7.9p1-5.fc29 (FEDORA-2019-af3d726d38)
An implementation of the SSH protocol with GSI authentication
--------------------------------------------------------------------------------
Update Information:
CVE-2019-7639
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 7.9p1-5
- CVE-2019-7639
* Thu Feb 7 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 7.9p1-4
- Based on openssh-7.9p1-4.fc29
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.9p1-3.1
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673802 - Enabling PermitPAMUserChange allows to login with the correct
username and wrong password
https://bugzilla.redhat.com/show_bug.cgi?id=1673802
--------------------------------------------------------------------------------
================================================================================
gtk3-3.24.1-2.fc29 (FEDORA-2019-516cd0773c)
GTK+ graphical user interface library
--------------------------------------------------------------------------------
Update Information:
Revert changes that broke accessible window-related events.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Michael Catanzaro <mcatanzaro(a)gnome.org> - 3.24.1-2
- Revert changes that broke accessible window-related events
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-2.5.2-1.fc29 (FEDORA-2019-54ae005dc5)
A completion input method
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.2 ---- Update to 2.5.1; Add option to automatically select the
best candidate
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mike FABIAN <mfabian(a)redhat.com> - 2.5.2-1
- Update to 2.5.2
- Fix test case for selecting non existing candidates for Fedora rawhide
- Update UnicodeData.txt to current Unicode 12.0 draft
- Update emoji data to Unicode 12.0 final for 2019
- Update emoji annotations from CLDR
- Initialize self.dictionary_sub_properties_prop_list = [] in self._init_properties()
(Resolves:
https://github.com/mike-fabian/ibus-typing-booster/issues/46)
- Fix test case for case mode change
- Improve filter for dictionary selection if langtable available
* Tue Jan 29 2019 Mike FABIAN <mfabian(a)redhat.com> - 2.5.1-1
- Update to 2.5.1
- Update translations from zanata (de, ja, fr, pl updated)
- Show also dictionary when ���Show status in auxiliary text��� is on
- Set notebook in setup tool to scrollable
- Make filter for dictionary selection work for language descriptions if langtable
available
- Show names of languages and territories in setup tool if langtable is available
- Add missing flag for csb_PL
- Add option to automatically select the best candidate
- Pressing Shift should not immediately change the case mode of the candidates
--------------------------------------------------------------------------------
================================================================================
inkscape-0.92.4-4.fc29 (FEDORA-2019-1d3f298c59)
Vector-based drawing program using SVG
--------------------------------------------------------------------------------
Update Information:
Drop gvfs dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Gwyn Ciesla <gwync(a)protonmail.com> - 0.92.4-4
- Drop gvfs.
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.92.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jan 25 2019 Marek Kasik <mkasik(a)redhat.com> - 0.92.4-2
- Rebuild for poppler-0.73.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1528784 - inkscape should no longer require gvfs
https://bugzilla.redhat.com/show_bug.cgi?id=1528784
--------------------------------------------------------------------------------
================================================================================
inxi-3.0.31-1.fc29 (FEDORA-2019-825e6a4b88)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update to 3.0.31.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Vasiliy N. Glazov <vascom2(a)gmail.com> - 3.0.31-1
- Update to 3.0.31
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.0.29-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
jackson-annotations-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Core annotations for Jackson data processor
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-bom-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Bill of materials POM for Jackson projects
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-core-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Core part of Jackson
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-databind-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
General data-binding package for Jackson (2.x)
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release, fixes CVE-2018-14718 CVE-2018-147189
CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023
CVE-2018-14720 CVE-2018-14721
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-dataformat-xml-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson extension component for reading and writing XML encoded data
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-dataformats-binary-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson standard binary data format backends
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-dataformats-text-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson standard text-format data format backends
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-datatype-jdk8-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson module that adds supports for JDK 8 data types
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.6-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.6-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.7.6-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-datatype-joda-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Add-on module for Jackson to support Joda data-types
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-datatypes-collections-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson datatypes: collections
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-jaxrs-providers-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson JAX-RS providers
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-module-jsonSchema-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson JSON Schema Module
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-modules-base-2.9.8-1.fc29 (FEDORA-2019-df57551f6d)
Jackson modules: Base
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.8-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.4-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jan 11 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.4-5
- Avoid running test that fails since Mockito 2.x
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
jackson-parent-2.9.1.2-1.fc29 (FEDORA-2019-df57551f6d)
Parent pom for all Jackson components
--------------------------------------------------------------------------------
Update Information:
Fixes CVE-2018-14718 CVE-2018-147189 CVE-2018-19360 CVE-2018-19361
CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and
CVE-2016-7051.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mat Booth <mat.booth(a)redhat.com> - 2.9.1.2-1
- Update to latest upstream release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.9.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1555900 - jackson-datatype-jdk8: FTBFS in F28
https://bugzilla.redhat.com/show_bug.cgi?id=1555900
[ 2 ] Bug #1604397 - jackson-datatype-jdk8: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1604397
[ 3 ] Bug #1671098 - CVE-2018-12022 jackson-databind: polymorphic deserialization of
types from Jodd-db library [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671098
[ 4 ] Bug #1666490 - CVE-2018-19362 jackson-databind: improper polymorphic
deserialization in jboss-common-core class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666490
[ 5 ] Bug #1666486 - CVE-2018-19361 jackson-databind: improper polymorphic
deserialization in openjpa class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666486
[ 6 ] Bug #1666483 - CVE-2018-19360 jackson-databind: improper polymorphic
deserialization in axis2-transport-jms class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666483
[ 7 ] Bug #1666429 - CVE-2018-14721 jackson-databind: server-side request forgery (SSRF)
in axis2-jaxws class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666429
[ 8 ] Bug #1666424 - CVE-2018-14720 jackson-databind: exfiltration/XXE in some JDK
classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666424
[ 9 ] Bug #1666419 - CVE-2018-14719 jackson-databind: arbitrary code execution in
blaze-ds-opt and blaze-ds-core classes [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666419
[ 10 ] Bug #1666416 - CVE-2018-14718 jackson-databind: arbitrary code execution in
slf4j-ext class [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1666416
[ 11 ] Bug #1380206 - CVE-2016-7051 jackson-dataformat-xml: XmlMapper is vulnerable to
SSRF attack [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1380206
[ 12 ] Bug #1672925 - bouncycastle-1.61 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672925
[ 13 ] Bug #1667118 - CVE-2018-1000873 jackson-datatype-jsr310: jackson-modules-java8:
DoS due to an Improper Input Validation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1667118
[ 14 ] Bug #1671099 - CVE-2018-12023 jackson-databind: polymorphic deserialization of
types from Oracle JDBC driver [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671099
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.201.b09-2.fc29 (FEDORA-2019-8f2b27efce)
OpenJDK Runtime Environment 8
--------------------------------------------------------------------------------
Update Information:
January 2019 Oracle CPU update.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Andrew John Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.201.b09-2
- Add backport of JDK-8145096 (PR3693) to fix undefined behaviour issues on newer GCCs
* Tue Feb 5 2019 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.201.b09-1
- Update to aarch64-shenandoah-jdk8u201-b09.
* Tue Feb 5 2019 Nicolas De Amicis <deamicis(a)bluewin.ch> - 1:1.8.0.192.b12-1
- Added FX link of libglassgtk3.so
* Wed Jan 30 2019 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.192.b12-0
- Update to aarch64-shenandoah-jdk8u192-b12.
- Remove patches included upstream
- JDK-8031668/PR2842
- JDK-8148351/PR2842
- JDK-6260348/PR3066
- JDK-8061305/PR3335/RH1423421
- JDK-8188030/PR3459/RH1484079
- JDK-8205104/PR3539/RH1548475
- JDK-8185723/PR3553
- JDK-8186461/PR3557
- JDK-8201509/PR3579
- JDK-8075942/PR3602
- JDK-8203182/PR3603
- JDK-8206406/PR3610/RH1597825
- JDK-8206425
- JDK-8036003
- JDK-8201495/PR2415
- JDK-8150954/PR2866/RH1176206
- Re-generate patches (mostly due to upstream build changes)
- JDK-8073139/PR1758/RH1191652
- JDK-8143245/PR3548 (due to JDK-8202600)
- JDK-8197429/PR3546/RH1536622 (due to JDK-8189170)
- JDK-8199936/PR3533
- JDK-8199936/PR3591
- JDK-8207057/PR3613
- JDK-8210761/RH1632174 (due to JDK-8207402)
- PR3559 (due to JDK-8185723/JDK-8186461/JDK-8201509)
- PR3593 (due to JDK-8081202)
- RH1566890/CVE-2018-3639 (due to JDK-8189170)
- RH1649664 (due to JDK-8196516)
- Add 8160748 for AArch64 which is missing from upstream 8u version.
- Add port of 8189170 to AArch64 which is missing from upstream 8u version.
* Mon Jan 28 2019 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.191.b14-1
- Add 8131048 & 8164920 (PR3574/RH1498936) to provide a CRC32 intrinsic for PPC64.
* Thu Jan 24 2019 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.191.b14-0
- Introduce sa_arches for architectures with sa-jdi.jar and include aarch64
* Thu Jan 10 2019 Andrew Hughes <gnu.andrew(a)redhat.com> - 1:1.8.0.191.b14-0
- Update to aarch64-shenandoah-jdk8u191-b14.
- Adjust JDK-8073139/PR1758/RH1191652 to apply following 8155627 backport.
--------------------------------------------------------------------------------
================================================================================
kernel-4.20.7-200.fc29 (FEDORA-2019-93144c6642)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.20.7 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Justin M. Forbes <jforbes(a)fedoraproject.org> - 4.20.7-200
- Linux v4.20.7
--------------------------------------------------------------------------------
================================================================================
kernel-headers-4.20.7-200.fc29 (FEDORA-2019-93144c6642)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
The 4.20.7 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Justin M. Forbes <jforbes(a)fedoraproject.org> - 4.20.7-200
- Linux v4.20.7
--------------------------------------------------------------------------------
================================================================================
knights-18.12.2-1.fc29 (FEDORA-2019-50f86a1206)
A chess board for KDE
--------------------------------------------------------------------------------
Update Information:
18.12.2
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Gwyn Ciesla <limburgher(a)gmail.com> - 18.12.2-1
- 18.12.2
--------------------------------------------------------------------------------
================================================================================
libdvdread-6.0.1-1.fc29 (FEDORA-2019-ff3ceb2f0b)
A library for reading DVD video discs based on Ogle code
--------------------------------------------------------------------------------
Update Information:
* fix a regression on some DVDs, like Resident Evil * check
InternalUDFReadBlocksRaw I/O issues * fix issues with some DVDs burnt by Nero
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Dominik Mierzejewski <rpm(a)greysector.net> 6.0.1-1
- update to 6.0.1 (#1672721)
- drop upstreamed patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672721 - libdvdread-6.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672721
--------------------------------------------------------------------------------
================================================================================
libffado-2.4.1-6.fc29 (FEDORA-2019-a495593e5f)
Free firewire audio driver library
--------------------------------------------------------------------------------
Update Information:
Fixed the directory structure of the ffado package
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 2.4.1-6
- Added BR: python2-rpm-macros
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.4.1-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672797 - ffado installs python files in /ffado
https://bugzilla.redhat.com/show_bug.cgi?id=1672797
--------------------------------------------------------------------------------
================================================================================
libidn2-2.1.1a-1.fc29 (FEDORA-2019-89033102c0)
Library to support IDNA2008 internationalized domain names
--------------------------------------------------------------------------------
Update Information:
Libidn 2.1.1 (released 2019-02-08) ================================== * Revert
SONAME bump from release 2.1.0 * Fix NULL dereference in `idn2_register_u8()`
and `idn2_register_ul()` * Fix free of random value in `idn2_to_ascii_4i()` *
Improved fuzzer (which found the above issues) * Fix `printf()` crash in `test-
lookup.c` on Solaris * Check for valid unicode input in punycode encoder *
Avoid excessive CPU usage in punycode encoding with large inputs * Deprecate
`idn2_to_ascii_4i()` in favor of `idn2_to_ascii_4i2()` * Restrict output length
of `idn2_to_ascii_4i()` to 63 bytes Libidn 2.1.0 (released 2019-01-04)
================================== * Two exposed functions are no longer
exposed: `_idn2_punycode_encode()` and `_idn2_punycode_decode()` which were
meant to be used internally only. The output needs additional checks to be used
safely. This is the reason to for the SONAME bump, just in case. * Fix label
length check for `idn2_register_u8()` * Remove compiler warnings * Use gnulib-
python tool for bootstrapping if possible * Improve build system (several small
issues) * Add missing error messages to `idn2_strerror_name()` * Improve docs
and remove typos * Update gnulib
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Robert Scheck <robert(a)fedoraproject.org> 2.1.1a-1
- Upgrade to 2.1.1a (#1674002 #c1)
* Sat Feb 9 2019 Robert Scheck <robert(a)fedoraproject.org> 2.1.1-1
- Upgrade to 2.1.1 (#1674002, #1674023)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.0.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1674023 - A new version of libidn2 has been released to fix a bug
https://bugzilla.redhat.com/show_bug.cgi?id=1674023
[ 2 ] Bug #1674002 - libidn2-2.1.1a is available
https://bugzilla.redhat.com/show_bug.cgi?id=1674002
--------------------------------------------------------------------------------
================================================================================
libpng-1.6.34-7.fc29 (FEDORA-2019-335c3ad86a)
A library of functions for manipulating PNG image format files
--------------------------------------------------------------------------------
Update Information:
Fix for **CVE-2019-7317**
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Nikola Forr�� <nforro(a)redhat.com> - 2:1.6.34-7
- Fix CVE-2019-7317 (#1672411)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672411 - CVE-2019-7317 libpng: use-after-free in png_image_free in png.c
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1672411
--------------------------------------------------------------------------------
================================================================================
libproxy-0.4.15-10.fc29 (FEDORA-2019-7285a847c4)
A library handling all the details of proxy configuration
--------------------------------------------------------------------------------
Update Information:
Update libproxy to build with mozjs60, matching with how gjs is built. This
should hopefully fix crashes that happened in gnome-weather when running outside
of GNOME (which ended up loading both mozjs52 and mozjs60 in the same process,
leading to symbol conflicts). This may also fix
https://bugzilla.redhat.com/show_bug.cgi?id=1647981; testing appreciated. If
you are testing this update, please note if you are using GNOME or another
desktop environment, to make sure we don't regress either case. I'll leave
autokarma disabled to get sufficient testing.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Kalev Lember <klember(a)redhat.com> - 0.4.15-10
- Build with mozjs60
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1647981 - libproxy-0.4.15-9.fc29.x86_64 core dump
https://bugzilla.redhat.com/show_bug.cgi?id=1647981
[ 2 ] Bug #1524507 - libproxy-mozjs causes gnome-weather to crash
https://bugzilla.redhat.com/show_bug.cgi?id=1524507
--------------------------------------------------------------------------------
================================================================================
libreoffice-6.1.5.2-1.fc29 (FEDORA-2019-fb354240c6)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
- latest 6.1 stable release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Caol��n McNamara <caolanm(a)redhat.com> - 1:6.1.5.2-1
- latest 6.1 release
--------------------------------------------------------------------------------
================================================================================
libunicapgtk-0.9.8-21.fc29 (FEDORA-2019-7d1394eff5)
Library to build graphical widgets for the unicap library
--------------------------------------------------------------------------------
Update Information:
- Avoid `/usr/@DATADIRNAME@/locale/` directory (#1657538)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Robert Scheck <robert(a)fedoraproject.org> 0.9.8-21
- Avoid /usr/@DATADIRNAME@/locale/ directory (#1657538)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.8-20
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1657538 - @DATADIRNAME@
https://bugzilla.redhat.com/show_bug.cgi?id=1657538
--------------------------------------------------------------------------------
================================================================================
lua-lgi-0.9.2-4.fc29 (FEDORA-2019-27fc2b15d9)
Lua bindings to GObject libraries
--------------------------------------------------------------------------------
Update Information:
Update AwesomeWM to 4.3. See
https://awesomewm.org/doc/api/documentation/89-NEWS.md.html for the list of
changes.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Thomas Moschny <thomas.moschny(a)gmx.de> - 0.9.2-4
- Update BRs.
- Add one patch to fix a problem on s390x, and one to fix a warning in
the testsuite.
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.2-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mandoc-1.14.4-1.fc29 (FEDORA-2019-a1fe63637e)
A suite of tools for compiling mdoc and man
--------------------------------------------------------------------------------
Update Information:
Initial package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673214 - Review Request: mandoc - A suite of tools for compiling mdoc and
man
https://bugzilla.redhat.com/show_bug.cgi?id=1673214
--------------------------------------------------------------------------------
================================================================================
mellowplayer-3.5.1-1.20190206git402e336.fc29 (FEDORA-2019-10f9994cf7)
Cloud music integration for your desktop
--------------------------------------------------------------------------------
Update Information:
- Update to 3.5.1-1.20190206git402e336 - Add patch for F30 %%{name}-suppress-
compiler-warnings.patch
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Martin Gansser <martinkg(a)fedoraproject.org> -
3.5.1-1.20190206git402e336
- Update to 3.5.1-1.20190206git402e336
- Add patch for F30 %{name}-suppress-compiler-warnings.patch
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
3.5.0-2.20181227git40ef9dd
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mingw-sqlite-3.26.0.0-1.fc29 (FEDORA-2019-49f80a78bc)
MinGW Windows port of sqlite embeddable SQL database engine
--------------------------------------------------------------------------------
Update Information:
- update to 3.26.0.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Thomas Sailer <t.sailer(a)alumni.ethz.ch> - 3.26.0.0-1
- update to 3.26.0.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1659908 - CVE-2018-20346 mingw-sqlite: sqlite: Multiple flaws in sqlite which
can be triggered via corrupted internal databases (Magellan) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1659908
[ 2 ] Bug #1558808 - CVE-2018-8740 mingw-sqlite: sqlite: NULL pointer dereference with
databases with schema corrupted with CREATE TABLE AS allows for denial of service
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1558808
[ 3 ] Bug #1352440 - CVE-2016-6153 mingw-sqlite: sqlite: Tempdir selection vulnerability
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1352440
--------------------------------------------------------------------------------
================================================================================
mkvtoolnix-30.1.0-1.fc29 (FEDORA-2019-f3c00f6b99)
Matroska container manipulation utilities
--------------------------------------------------------------------------------
Update Information:
# Version 30.1.0 "Forever And More" 2019-01-05 ## Bug fixes * MKVToolNix GUI:
chapter editor: when opening a Matroska/WebM file that doesn't contain chapters
and later saving chapters back to them, the editor was truncating the file down
to a couple of KB in size. This was a regression introduced with the
implementation of #2439 in v30.0.0 Fixes #2476. # Version 30.0.0
"Interstellar" 2019-01-04 ## New features and enhancements * mkvextract: WAV
extractor: mkvextract will now write W64 files instead of WAV files if the file
name extension is `.w64` or if the final file size is bigger than 4 GB, the file
size limit for WAV files. Implements #2458. * MKVToolNix GUI: multiplexer: a new
button was added next to the "destination file" controls. Clicking it shows a
menu with the ten most recently used output directories. Selecting one of them
will change the destination file to the selected directory keeping the file
name. Implements #2468. * MKVToolNix GUI: multiplexer (preferences): the ten
most recently used values for the "relative output directory" and "fixed
output
directory" settings are now saved. The corresponding settings have been changed
into combo boxes allowing quick access to those recent values. * MKVToolNix GUI:
multiplexer (preferences): the predefined split sizes and durations can now be
customized in the preferences. * MKVToolNix GUI: chapter editor: added an option
in the "Chapter editor" menu for appending chapters from an existing file to
the
currently open editor tab. Part of the implementation of #2439. * MKVToolNix
GUI: chapter editor: added an action in the context menu for copying the
selected entry and all of its children to another open editor tab. Part of the
implementation of #2439. ## Bug fixes * mkvmerge: all files opened for writing
will now be flushed once before they're closed. This ensures the operating
system actually writes all cached data to disk preventing data loss in certain
situations such as power outages or buggy drivers in combination with suspending
the computer. Fixes #2469. * mkvmerge: AAC: under certain conditions 8 channel
audio files were taken for 7 channel ones. * MKVToolNix GUI: multiplexer:
removing a file added as an "additional part" will no longer cause a crash.
Fixes #2461. * source code: fixed compilation with Boost 1.69.0 after API-
breaking change to the `boost::tribool` class. Fixes #2460.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Dominik Mierzejewski <rpm(a)greysector.net> - 30.1.0-1
- update to 30.1.0
--------------------------------------------------------------------------------
================================================================================
mod_auth_token-1.0.5-16.fc29 (FEDORA-2019-9ba0edae32)
Token based URI access module for Apache
--------------------------------------------------------------------------------
Update Information:
- Update spec file to match recent guidelines - Add patch to update deprecated
autoconf macros - Add patch to apply LDFLAGS properly
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Bj��rn Esser <besser82(a)fedoraproject.org> - 1.0.5-16
- Update spec file to match recent guidelines
- Add patch to update deprecated autoconf macros
- Add patch to apply LDFLAGS properly
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.5-15
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
mosquitto-1.5.6-1.fc29 (FEDORA-2019-032b36306f)
An Open Source MQTT v3.1/v3.1.1 Broker
--------------------------------------------------------------------------------
Update Information:
Fixes for the following CVES: * CVE-2018-12546 * CVE-2018-12550 *
CVE-2018-12551 The list of other fixes addressed in version 1.5.6 is: Broker:
* Fixed comment handling for config options that have optional arguments. *
Improved documentation around bridge topic remapping. * Handle mismatched
handshakes (e.g. QoS1 PUBLISH with QoS2 reply) properly. * Fix spaces not being
allowed in the bridge remote_username option. Closes #1131. * Allow broker to
always restart on Windows when using log_dest file. Closes #1080. * Fix Will not
being sent for Websockets clients. Closes #1143. * Windows: Fix possible crash
when client disconnects. Closes #1137. * Fixed durable clients being unable to
receive messages when offline, when per_listener_settings was set to true.
Closes #1081. * Add log message for the case where a client is disconnected for
sending a topic with invalid UTF-8. Closes #1144. Library: * Fix TLS
connections not working over SOCKS. * Don't clear SSL context when TLS
connection is closed, meaning if a user provided an external SSL_CTX they have
less chance of leaking references.
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Peter Robinson <pbrobinson(a)fedoraproject.org> 1.5.6-1
- 1.5.6 release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.5-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
munin-2.0.45-1.fc29 (FEDORA-2019-005db71209)
Network-wide resource monitoring tool
--------------------------------------------------------------------------------
Update Information:
Upstream update to 2.0.45.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Kim B. Heino <b(a)bbbs.net> - 2.0.45-1
- Upgrade to 2.0.45
* Mon Jan 28 2019 Kim B. Heino <b(a)bbbs.net> - 2.0.44-2
- Add smart_ plugin config to 00-default
* Thu Dec 20 2018 Kim B. Heino <b(a)bbbs.net> - 2.0.44-1
- Upgrade to 2.0.44
--------------------------------------------------------------------------------
================================================================================
mutt-1.11.3-1.fc29 (FEDORA-2019-7bb21ad3f6)
A text mode mail user agent
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.11.3
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Matej Mu��ila <mmuzila(a)redhat.com> - 5:1.11.3-1
- Upgrade to 1.11.3
- Resolves #1659217
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
5:1.10.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1659217 - mutt does not correctly decode PGP emails
https://bugzilla.redhat.com/show_bug.cgi?id=1659217
[ 2 ] Bug #1660868 - mutt-1.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1660868
[ 3 ] Bug #1671851 - mutt-1.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1671851
--------------------------------------------------------------------------------
================================================================================
nbd-3.19-1.fc29 (FEDORA-2019-fab29b6708)
Network Block Device user-space tools (TCP version)
--------------------------------------------------------------------------------
Update Information:
New upstream version 3.19 (RHBZ#1671079).
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Richard W.M. Jones <rjones(a)redhat.com> - 3.19-1
- New upstream version 3.19 (RHBZ#1671079).
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.18-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sun Nov 4 2018 Robin Lee <cheeselee(a)fedoraproject.org> - 3.18-1
- Update to 3.18
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1671079 - nbd-3.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1671079
--------------------------------------------------------------------------------
================================================================================
ncdu-1.14-1.fc29 (FEDORA-2019-283fc2ed97)
Text-based disk usage viewer
--------------------------------------------------------------------------------
Update Information:
Update to 1.14. Changes in this release: * Add mtime display and sorting * Add
(limited) `--follow-symlinks` option * Display larger file counts in browser UI
* Add `-V`, `--version`, and `--help` alias flags * Fix crash when attempting to
sort an empty directory * Fix 100% CPU bug when ncdu loses the terminal * Fix
`--color=off` flag * Fix some typos
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Richard Fearn <richardfearn(a)gmail.com> - 1.14-1
- Update to new upstream version 1.14 (#1672365)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.13-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672365 - ncdu-1.14 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672365
--------------------------------------------------------------------------------
================================================================================
ncid-1.10.1-7.fc29 (FEDORA-2019-992da90f85)
Network Caller ID server, client and gateways
--------------------------------------------------------------------------------
Update Information:
removed ncid-mythtv.patch ---- added more makefiles changes in ncid-
makefiles.patch
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 John Chmielewski <jlcjohn(a)fedoraproject.org> - 1.10.1-7
- removed ncid-mythtv.patch
* Tue Feb 5 2019 John Chmielewski <jlcjohn(a)fedoraproject.org> - 1.10.1-6
- added more makefiles changes in ncid-makefiles.patch
- changed README.desktop to README-desktop
* Sat Feb 2 2019 John Chmielewski <jlcjohn(a)fedoraproject.org> - 1.10.1-5
- added ncid-mythtv.patch
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 31 2019 John Chmielewski <jlcjohn(a)fedoraproject.org> - 1.10.1-3
- added ncid-makefiles.patch
* Mon Jan 28 2019 John Chmielewski <jlcjohn(a)fedoraproject.org> - 1.10.1-2
- Removed obsolete Group tags
- created default server modem port and lockfile
- created the ncid-gateway package
- creates the ncid-mythtv package again
- changed mythtvosd to mythutil in ncid-mythtv
- updated Source0 URL
- New upstream release.
* Fri Dec 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.10-2
- New upstream release.
--------------------------------------------------------------------------------
================================================================================
ndctl-64.1-1.fc29 (FEDORA-2019-01ba53f785)
Manage "libnvdimm" subsystem devices (Non-volatile Memory)
--------------------------------------------------------------------------------
Update Information:
release v64.1 ---- release v64
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Vishal Verma <vishal.l.verma(a)intel.com> - 64.1-1
- release v64.1
* Mon Feb 4 2019 Vishal Verma <vishal.l.verma(a)intel.com> - 64-1
- release v64
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 63-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672858 - ndctl-64.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1672858
[ 2 ] Bug #1671933 - ndctl-64 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1671933
--------------------------------------------------------------------------------
================================================================================
net-snmp-5.8-6.fc29 (FEDORA-2019-3ae06fb0a4)
A collection of SNMP protocol tools and libraries
--------------------------------------------------------------------------------
Update Information:
Fix address assigning from clientaddr option
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Josef Ridky <jridky(a)redhat.com> - 1:5.8-6
- fix IPv6 address assignment for clientaddr option (#1673272)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1:5.8-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 14 2019 Bj��rn Esser <besser82(a)fedoraproject.org> - 1:5.8-4
- Rebuilt for libcrypt.so.2 (#1666033)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673272 - IPv6 address from clientaddr option is not assigned
https://bugzilla.redhat.com/show_bug.cgi?id=1673272
--------------------------------------------------------------------------------
================================================================================
netmask-2.4.4-1.fc29 (FEDORA-2019-0723b8f333)
Utility for determining network masks
--------------------------------------------------------------------------------
Update Information:
Security bugfix buffer overflow reported at upstream 2019-01-30; updated sources
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Francisco Javier Tsao Sant��n <tsao(a)gpul.org> - 2.4.4-1
- Security bugfix buffer overflow reported at upstream 2019-01-30; updated sources
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673809 - netmask: buffer overflow in error.c
https://bugzilla.redhat.com/show_bug.cgi?id=1673809
--------------------------------------------------------------------------------
================================================================================
nodejs-yarn-1.13.0-1.fc29 (FEDORA-2019-b475606e18)
Fast, reliable, and secure dependency management.
--------------------------------------------------------------------------------
Update Information:
Update to 1.13.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Zuzana Svetlikova <zsvetlik(a)redhat.com> - 1.13.0-1
- Update
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.2-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1612408 - nodejs-yarn-1.9.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1612408
--------------------------------------------------------------------------------
================================================================================
nss-pem-1.0.5-1.fc29 (FEDORA-2019-770bc0bbfc)
PEM file reader for Network Security Services (NSS)
--------------------------------------------------------------------------------
Update Information:
- update to latest upstream bugfix release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Kamil Dudka <kdudka(a)redhat.com> 1.0.5-1
- update to latest upstream bugfix release
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
openjfx-8.0.202-5.b07.fc29 (FEDORA-2019-9a53d59e9f)
Rich client application platform for Java
--------------------------------------------------------------------------------
Update Information:
Fix compilation flags (see bug 1667675) and GTK3 support added (libglassgtk3.so)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Feb 4 2019 Nicolas De Amicis <deamicis(a)bluewin.ch> - 8.0.202-5.b07
- Fix compilation flags (see bug 1667675)
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
8.0.202-4.b07
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jan 18 2019 Nicolas De Amicis <deamicis(a)bluewin.ch> - 8.0.202-3.b07
- Update to upstream version 8.0.202b07 and adding gtk3 support
(libglassgtk3.so)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667675 - The program 'java' received an X Window System error
https://bugzilla.redhat.com/show_bug.cgi?id=1667675
--------------------------------------------------------------------------------
================================================================================
openssh-7.9p1-4.fc29 (FEDORA-2019-0576ad8060)
An open source implementation of SSH protocol version 2
--------------------------------------------------------------------------------
Update Information:
This update brings minor bugfixes and updates default configuration to have
lower priority than the configuration specified by users, finally allowing to
overwrite default configuration options.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Jakub Jelen <jjelen(a)redhat.com> - 7.9p1-4 + 0.10.3.6
- Log when a client requests an interactive session and only sftp is allowed
- Fix minor issues in ssh-copy-id
- Enclose redhat specific configuration with Match final block
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 7.9p1-3.2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1630166 - crypto-policies trump post-canonicalization ssh settings
https://bugzilla.redhat.com/show_bug.cgi?id=1630166
[ 2 ] Bug #1438326 - System-wide "Host *" block incompatible with
CanonicalizeHostname directive
https://bugzilla.redhat.com/show_bug.cgi?id=1438326
--------------------------------------------------------------------------------
================================================================================
osbs-client-0.52-1.fc29 (FEDORA-2019-28e90de972)
Python command line client for OpenShift Build Service
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 3 2018 Clement Verna <cverna(a)fedoraproject.org> - 0.52-1
- Update to latest upstream
--------------------------------------------------------------------------------
================================================================================
perl-Applify-0.15-2.fc29 (FEDORA-2019-c10826b35b)
Write object oriented perl scripts with ease
--------------------------------------------------------------------------------
Update Information:
The Applify module should keep all the noise away and let you write perl scripts
very easily. These scripts can even be unit tested even though they are defined
directly in the script file and not in a module.
--------------------------------------------------------------------------------
================================================================================
perl-File-BOM-0.16-1.fc29 (FEDORA-2019-606a1025e1)
Utilities for handling Byte Order Marks
--------------------------------------------------------------------------------
Update Information:
Updated to the latest release
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Jitka Plesnikova <jplesnik(a)redhat.com> - 0.16-1
- 0.16 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673009 - perl-File-BOM-0.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673009
--------------------------------------------------------------------------------
================================================================================
perl-MongoDB-2.0.3-1.fc29 (FEDORA-2019-0ea1d68bd7)
A MongoDB Driver for Perl
--------------------------------------------------------------------------------
Update Information:
This release fixes parsing mobgodb+srv URI with ssl=true option.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Petr Pisar <ppisar(a)redhat.com> - 2.0.3-1
- 2.0.3 bump
- Disable tests that need a server on recent Fedoras
(<
https://fedoraproject.org/wiki/Changes/MongoDB_Removal>, bug #1673849)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673655 - perl-MongoDB-2.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673655
--------------------------------------------------------------------------------
================================================================================
perl-Perl-PrereqScanner-NotQuiteLite-0.9903-2.fc29 (FEDORA-2019-2e81a7f560)
A tool to scan your Perl code for its prerequisites
--------------------------------------------------------------------------------
Update Information:
These are the first Fedora 29 builds of perl-Regexp-Trie and perl-Perl-
PrereqScanner-NotQuiteLite.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672274 - Review Request: perl-Regexp-Trie - Build trie-ized regexp
https://bugzilla.redhat.com/show_bug.cgi?id=1672274
[ 2 ] Bug #1672313 - Review Request: perl-Perl-PrereqScanner-NotQuiteLite - A tool to
scan your Perl code for its prerequisites
https://bugzilla.redhat.com/show_bug.cgi?id=1672313
--------------------------------------------------------------------------------
================================================================================
perl-Regexp-Trie-0.02-2.fc29 (FEDORA-2019-2e81a7f560)
Build trie-ized regexp
--------------------------------------------------------------------------------
Update Information:
These are the first Fedora 29 builds of perl-Regexp-Trie and perl-Perl-
PrereqScanner-NotQuiteLite.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1672274 - Review Request: perl-Regexp-Trie - Build trie-ized regexp
https://bugzilla.redhat.com/show_bug.cgi?id=1672274
[ 2 ] Bug #1672313 - Review Request: perl-Perl-PrereqScanner-NotQuiteLite - A tool to
scan your Perl code for its prerequisites
https://bugzilla.redhat.com/show_bug.cgi?id=1672313
--------------------------------------------------------------------------------
================================================================================
php-7.2.15-1.fc29 (FEDORA-2019-766f747c2b)
PHP scripting language for creating dynamic web sites
--------------------------------------------------------------------------------
Update Information:
**PHP version 7.2.15** (07 Feb 2019) **Core:** * Fixed bug php#77339
(__callStatic may get incorrect arguments). (Dmitry) * Fixed bug php#77494
(Disabling class causes segfault on member access). (Dmitry) * Fixed bug
php#77530 (PHP crashes when parsing `(2)::class`). (Ekin) **Curl:** * Fixed
bug php#76675 (Segfault with H2 server push). (Pedro Magalh��es) **GD:** *
Fixed bug php#73281 (imagescale(���, IMG_BILINEAR_FIXED) can cause black border).
(cmb) * Fixed bug php#73614 (gdImageFilledArc() doesn't properly draw pies).
(cmb) * Fixed bug php#77272 (imagescale() may return image resource on failure).
(cmb) * Fixed bug php#77391 (1bpp BMPs may fail to be loaded). (Romain D��oux,
cmb) * Fixed bug php#77479 (imagewbmp() segfaults with very large images). (cmb)
**ldap:** * Fixed bug php#77440 (ldap_bind using ldaps or
ldap_start_tls()=exception in libcrypto-1_1-x64.dll). (Anatol) **Mbstring:** *
Fixed bug php#77454 (mb_scrub() silently truncates after a null byte).
(64796c6e69 at gmail dot com) **MySQLnd:** * Fixed bug php#75684 (In
mysqlnd_ext_plugin.h the plugin methods family has no external visibility).
(Anatol) **Opcache:** * Fixed bug php#77361 (configure fails on 64-bit AIX
when opcache enabled). (Kevin Adler) **OpenSSL:** * Fixed bug php#77390 (feof
might hang on TLS streams in case of fragmented TLS records). (Abyl Valg, Jakub
Zelenka) **PDO:** * Fixed bug php#77273 (array_walk_recursive corrupts value
types leading to PDO failure). (Nikita) **Sockets:** * Fixed bug php#76839
(socket_recvfrom may return an invalid 'from' address on MacOS). (Michael Meyer)
**Standard:** * Fixed bug php#77395 (segfault about array_multisort).
(Laruence) * Fixed bug php#77439 (parse_str segfaults when inserting item into
existing array). (Nikita)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Remi Collet <remi(a)remirepo.net> - 7.2.15-1
- Update to 7.2.15 -
http://www.php.net/releases/7_2_15.php
--------------------------------------------------------------------------------
================================================================================
php-alcaeus-mongo-php-adapter-1.1.6-1.fc29 (FEDORA-2019-d8e8f0b24d)
Mongo PHP Adapter
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.6** (2019-02-08) All issues and pull requests under this release
may be found under the [
1.1.6](https://github.com/alcaeus/mongo-php-
adapter/issues?q=milestone%3A1.1.6) milestone. *
[#244](https://github.com/alcaeus/mongo-php-adapter/pull/244) fixes a null
acces when converting exceptions. * [#236](https://github.com/alcaeus/mongo-
php-adapter/pull/236) allows using `0` as key in documents. *
[#234](https://github.com/alcaeus/mongo-php-adapter/pull/234) removes an
invalid attribute from phpunit.xml.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Remi Collet <remi(a)remirepo.net> - 1.1.6-1
- update to 1.1.6
- drop patch merged upstream
- disable test suite and so mongodb-server build dependency
for
https://fedoraproject.org/wiki/Changes/MongoDB_Removal
--------------------------------------------------------------------------------
================================================================================
php-getid3-1.9.17-1.fc29 (FEDORA-2019-f6ae34b14f)
The PHP media file parser
--------------------------------------------------------------------------------
Update Information:
**Version 1.9.17** (2019-02-07) * bugfix (G:178) HandleAllTags should skip
"picture" * bugfix (G:177) error checking for reading more than PHP
memory_limit * bugfix (G:176) improved mp3 detection in remote-file demo *
bugfix (G:173) Add filepointer option to analyze/openfile function * bugfix
(G:170) Add support for WXXX (URL) and APIC (attached picture) subframes inside
ID3v2 chapters * bugfix: write.id3v2 year field * bugfix: mp3.APE permit
optional " dB" in ReplayGain tags * placeholder support for .xz file format
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Remi Collet <remi(a)remirepo.net> - 1.9.17-1
- update to 1.9.17
- add weak dependencies on suggested extension
--------------------------------------------------------------------------------
================================================================================
php-icewind-smb2-2.0.6-1.fc29 (FEDORA-2019-33f634b691)
php wrapper for smbclient and libsmbclient-php
--------------------------------------------------------------------------------
Update Information:
**Version 2.0.6** * Workaround behaviour of some servers that return
incorrect data from allinfo * Improved timezone detection
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Remi Collet <remi(a)remirepo.net> - 2.0.6-1
- update to 2.0.6
--------------------------------------------------------------------------------
================================================================================
php-league-tactician-1.0.3-1.fc29 (FEDORA-2019-0d5a571798)
A small, flexible command bus
--------------------------------------------------------------------------------
Update Information:
A small, flexible command bus. Handy for building service layers.
Documentation:
http://tactician.thephpleague.com/ Autoloader:
/usr/share/php/League/Tactician/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1663168 - Review Request: php-league-tactician - A small, flexible command
bus
https://bugzilla.redhat.com/show_bug.cgi?id=1663168
--------------------------------------------------------------------------------
================================================================================
php-myclabs-php-enum-1.6.6-1.fc29 (FEDORA-2019-fdf49e05a1)
PHP Enum implementation
--------------------------------------------------------------------------------
Update Information:
**Version 1.6.6** * Fix #84 Require ext-json explicitly in composer.json to
avoid bugs when the JSON extension is not installed ----- **Version 1.6.5** -
Fix #83: It is now possible to create a new Enum instance from another Enum
instance
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Remi Collet <remi(a)remirepo.net> - 1.6.6-1
- update to 1.6.6
--------------------------------------------------------------------------------
================================================================================
php-pecl-pcov-1.0.0-2.fc29 (FEDORA-2019-0a4ac3d14b)
Code coverage driver
--------------------------------------------------------------------------------
Update Information:
A self contained php-code-coverage compatible driver for PHP7.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1671748 - Review Request: php-pecl-pcov - Code coverage driver
https://bugzilla.redhat.com/show_bug.cgi?id=1671748
--------------------------------------------------------------------------------
================================================================================
php-pecl-uopz-6.0.1-2.fc29 (FEDORA-2019-43b39ce966)
User Operations for Zend
--------------------------------------------------------------------------------
Update Information:
**Version 6.0.1** - Add `uopz.exit` configuration option, to allow the
execution of exit opcodes or not (default=0 to keep current behavior) - Improve
opcache optimizer compatibility - Display ini settings in module info ----
**Version 6.0.0** - **Breaking change** to `uopz_set_mock`: now behaves like
the old test-helpers new overload - Fixed redefine/undefine namespaced constants
- Fix flags being ignored when adding functions - Remove executor hook for
maximum compatibility ----- **RPM changes** - refresh package description
from upstream - update provided configuration with available options and link to
documentation
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Remi Collet <remi(a)remirepo.net> - 6.0.1-2
- update to 6.0.1
- update provided default configuration
- update package description from upstream
* Wed Jan 30 2019 Remi Collet <remi(a)remirepo.net> - 6.0.0-1
- update to 6.0.0
--------------------------------------------------------------------------------
================================================================================
php-sensiolabs-security-checker-5.0.3-1.fc29 (FEDORA-2019-2702088484)
A security checker for your composer.lock
--------------------------------------------------------------------------------
Update Information:
The SensioLabs Security Checker is a command line tool that checks if your
application uses dependencies with known security vulnerabilities. It uses the
Security Check Web service and the Security Advisories Database. Autoloader:
/usr/share/php/SensioLabs/Security/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1663245 - Review Request: php-sensiolabs-security-checker - A security
checker for your composer.lock
https://bugzilla.redhat.com/show_bug.cgi?id=1663245
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zendservice-recaptcha-3.2.0-1.fc29 (FEDORA-2019-2e0faee316)
Zend Framework ReCaptcha component
--------------------------------------------------------------------------------
Update Information:
**Version 3.2.0** - 2019-02-07 **Added** -
[#14](https://github.com/zendframework/ZendService_ReCaptcha/pull/14) adds
support for PHP 7.3. **Removed** -
[#14](https://github.com/zendframework/ZendService_ReCaptcha/pull/14) removes
support for zend-stdlib v2, by explicitly requiring v3 releases. (zend-stdlib
v2 was an implicit dependency previously.)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Remi Collet <remi(a)remirepo.net> - 3.2.0-1
- update to 3.2.0
- add dependency on zend-stdlib 3.2.1
--------------------------------------------------------------------------------
================================================================================
phpunit7-7.5.4-1.fc29 (FEDORA-2019-86edb72b18)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 7.5.4** - 2019-02-07 **Fixed** * Fixed
[#3352](https://github.com/sebastianbergmann/phpunit/issues/3352): Using
`phpunit.phar` with PHPDBG does not work with `auto_globals_jit=On` * Fixed
[#3502](https://github.com/sebastianbergmann/phpunit/issues/3502): Numeric
`@ticket` or `@group` annotations no longer work ---- **Version 7.5.3** -
2019-02-01 **Fixed** * Fixed
[#3490](https://github.com/sebastianbergmann/phpunit/pull/3490): Exceptions in
`tearDownAfterClass()` kill PHPUnit **Deprecated** * The method
`assertArraySubset()` is now deprecated. There is no behavioral change in this
version of PHPUnit. Using this method will trigger a deprecation warning in
PHPUnit 8 and in PHPUnit 9 this method will be removed.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Remi Collet <remi(a)remirepo.net> - 7.5.4-1
- update to 7.5.4
* Fri Feb 1 2019 Remi Collet <remi(a)remirepo.net> - 7.5.3-1
- update to 7.5.3
--------------------------------------------------------------------------------
================================================================================
pocl-1.2-1.fc29 (FEDORA-2019-d507f3fa47)
Portable Computing Language - an OpenCL implementation
--------------------------------------------------------------------------------
Update Information:
Update to 1.2 release and rebuild to fix rhbz#1671819.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 27 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 1.2-1
- Update to 1.2
* Tue Nov 27 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 1.2~rc1-1
- Use tilde versioning
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1671819 - POCL package needs rebuilt using available current clang version
https://bugzilla.redhat.com/show_bug.cgi?id=1671819
--------------------------------------------------------------------------------
================================================================================
python-bugzilla-2.2.0-3.fc29 (FEDORA-2019-91a4d41173)
Python library for interacting with Bugzilla
--------------------------------------------------------------------------------
Update Information:
* Fix SafeConfigParser warnings
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Cole Robinson <crobinso(a)redhat.com> - 2.2.0-3
- Fix SafeConfigParser warnings
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.2.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-cliapp-1.20180121-1.fc29 (FEDORA-2019-258f903de2)
Python framework for Unix command line programs
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Sun Feb 3 2019 Michel Alexandre Salim <salimma(a)fedoraproject.org> - 1.20180121-1
- Update to 1.20180121
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.20160724-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
1.20160724-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1605630 - python-cliapp: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1605630
[ 2 ] Bug #1359556 - python-cliapp-1.20180121.orig is available
https://bugzilla.redhat.com/show_bug.cgi?id=1359556
--------------------------------------------------------------------------------
================================================================================
python-impacket-0.9.18-3.fc29 (FEDORA-2019-9bc1a83c87)
Collection of Python classes providing access to network packets
--------------------------------------------------------------------------------
Update Information:
Update to bugfix release. Update the EPEL packaging.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-3
- conditional dependencies for EPEL7 - python-flask and pyOpenSSL
* Mon Feb 4 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-2
- add missing dependencies for EPEL7 - python2-setuptools
- patch setup.py to remove python_version to meet RHEL7 setuptools version
* Mon Feb 4 2019 Michal Ambroz <rebus _AT seznam.cz> - 0.9.18-1
- bump to version 0.9.18
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> -
0.9.17-0.4.20180308gite0af5bb
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-markdown2-2.3.7-1.fc29 (FEDORA-2019-095c760511)
A fast and complete Python implementation of Markdown
--------------------------------------------------------------------------------
Update Information:
## python-markdown2 2.3.7 - [pull #306] Drop support for legacy Python versions
- [pull #307] Fix syntax highlighting test cases that depend on Pygments output
- [pull #308] Add support for Python 3.7 - [pull #304] Add Wheel package support
- [pull #312] Fix toc_depth initialization regression - [pull #315] XSS fix
--------------------------------------------------------------------------------
ChangeLog:
* Sat Feb 9 2019 Thomas Moschny <thomas.moschny(a)gmx.de> - 2.3.7-1
- Update to 2.3.7.
- Simplify spec file.
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.3.6-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1536921 - CVE-2018-5773 python-markdown2: Unsanitized input in markdown()
method allows for cross-site scripting (XSS)
https://bugzilla.redhat.com/show_bug.cgi?id=1536921
--------------------------------------------------------------------------------
================================================================================
python-moksha-hub-1.5.16-1.fc29 (FEDORA-2019-7268edc5fb)
Hub components for Moksha
--------------------------------------------------------------------------------
Update Information:
https://github.com/mokshaproject/moksha/pull/70 ---- Weaken dep on service-
identity module to "Recommends".
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Ralph Bean <rbean(a)redhat.com> - 1.5.16-1
- new version
* Wed Feb 6 2019 Ralph Bean <rbean(a)redhat.com> - 1.5.15-4
- Make service-identity a weak dependency.
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.5.15-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1673212 - python-moksha-hub-1.5.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1673212
--------------------------------------------------------------------------------
================================================================================
python-passlib-1.7.1-1.fc29 (FEDORA-2019-fbbc1eef82)
Comprehensive password hashing framework supporting over 20 schemes
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.1 *** ### Bugfixes * cisco_asa and cisco_pix: Fixed a number of
issues which under certain conditions caused prior releases to generate hashes
that were unverifiable on Cisco systems. * PasswordHash.hash() will now warn if
passed any settings keywords. This usage was deprecated in 1.7.0, but warning
wasn���t properly enabled. See Customizing the Configuration for the preferred way
to pass settings. * setup.py: Don���t append timestamp when run from an sdist.
This should fix some downstream build issues. * passlib.tests.test_totp: Test
suite now traps additional errors that datetime.utcfromtimestamp() may throw
under python 3, which should fix some test failures on architectures with rarer
ILP sizes. It also works around Python 3.6 bug 29100. ### Deprecations *
CryptContext: The harden_verify flag has been turned into a NOOP and deprecated.
It will be removed in passlib 1.8 along with the already-deprecated
min_verify_time (issue 83). ### Other Changes * passlib.tests.utils: General
truncation policy details were hammered out, and additional hasher tests were
added to enforce them. * documentation: Various updates & corrections.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Bj��rn Esser <besser82(a)fedoraproject.org> - 1.7.1-1
- Update to 1.7.1 (#1620382)
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.7.0-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1620382 - python-passlib 1.7.1 available
https://bugzilla.redhat.com/show_bug.cgi?id=1620382
--------------------------------------------------------------------------------
================================================================================
python-prometheus_client-0.5.0-1.fc29 (FEDORA-2019-7b3d95e8d2)
The Python client for Prometheus
--------------------------------------------------------------------------------
Update Information:
Update to 0.5.0
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 mprahl <mprahl(a)redhat.com> - 0.5.0-1
- Update to 0.5.0
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.2.0-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 14 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 0.2.0-4
- Subpackage python2-prometheus_client has been removed
See
https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal
--------------------------------------------------------------------------------
================================================================================
python-sushy-1.3.3-1.fc29 (FEDORA-2019-cb68f7cbf1)
Sushy is a Python library to communicate with Redfish based systems
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.3 to fix the UEFI boot mode issue
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Dmitry Tantsur <divius.inside(a)gmail.com> - 1.3.3-1
- Update to 1.3.3 to fix the UEFI boot mode issue
--------------------------------------------------------------------------------
================================================================================
rpkg-1.57-6.fc29 (FEDORA-2019-d1ab66bbfc)
Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:
This release brings 2 minor changes: * there won't be _python-gobject-base_ and
_libmodulemd_ packages installed in epel7 * stops building _Python 2_ package on
_Fedora_ 30+
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.57-6
- Revert previous change.
Now python-gobject-base & libmodulemd are removed from epel7 and RHEL7
* Tue Feb 5 2019 Ond��ej Nosek <onosek(a)redhat.com> - 1.57-5
- python-gobject-base & libmodulemd also for epel7 and RHEL7
* Mon Feb 4 2019 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 1.57-4
- Disable Py2 package on F30+
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.57-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
rubygem-thread_order-1.1.1-1.fc29 (FEDORA-2019-b8e9708b6b)
Test helper for ordering threaded code
--------------------------------------------------------------------------------
Update Information:
New version 1.1.1 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.1.1-1
- 1.1.1
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.0-7
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
shotwell-0.30.2-1.fc29 (FEDORA-2019-e91b8c5cb1)
A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
shotwell 0.30.2 release. * Fix maximize on Wayland when double-clicking on
title-bar * Do not hide the cursor when showing the slideshow settings dialog
* Fix compatibility with recent vala compilers * Fix crash when dismissing
file modifications on close * Fix issues with google and flickr not being able
to log in * Replace picasaweb publishing with Google Photos publishing *
Comply with Flick API TOS
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 Kalev Lember <klember(a)redhat.com> - 0.30.2-1
- Update to 0.30.2
- Use upstream screenshots for appdata
--------------------------------------------------------------------------------
================================================================================
snapd-2.37.2-1.fc29 (FEDORA-2019-49fa31e2e0)
A transactional software package manager
--------------------------------------------------------------------------------
Update Information:
Release 2.37.2 to Fedora
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Neal Gompa <ngompa13(a)gmail.com> - 2.37.2-1
- Release 2.37.2 to Fedora (RH#1667460)
* Wed Feb 6 2019 Michael Vogt <mvo(a)ubuntu.com>
- New upstream release 2.37.2
- cmd/snap, overlord/snapstate: silently ignore classic flag when a
snap is strictly confined
- snap-confine: remove special handling of /var/lib/jenkins
- cmd/snap-confine: handle death of helper process gracefully
- snap-confine: fix classic snaps for users with /var/lib/* homedirs
like jenkins/postgres
- packaging: disable systemd environment generator on 18.04
- tests: update smoke/sandbox test for armhf
- cmd/snap-confine: refactor and cleanup of seccomp loading
- snap-confine: increase locking timeout to 30s
- snap-confine: fix incorrect "sanity timeout 3s" message
- snap: fix hook autodiscovery for parallel installed snaps
- tests: iterate getting journal logs to support delay on boards on
daemon-notify test
- interfaces/apparmor: deny inet/inet6 in snap-update-ns profile
- interfaces: add u2f-devices interface
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.36.3-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 29 2019 Michael Vogt <mvo(a)ubuntu.com>
- New upstream release 2.37.1
- cmd/snap-confine: add special case for Jenkins
- tests: workaround missing go dependencies in debian-9
- daemon, polkit: pid_t is signed
- interfaces: add display-control interface
- interfaces: add block-devices interface
- tests/main/searching: video section got renamed to photo-and-video
- interfaces/camera: allow reading vendor/etc info from
/run/udev/data/+usb
- interfaces/dbus: be less strict about alternations for well-known
names
- interfaces/home: allow dac_read_search with 'read: all'
- interfaces/pulseaudio: allow reading subdirectories of
/etc/pulse
- interfaces/system-observe: allow read on
/proc/locks
- tests: get test-snapd-dbus-{provider,consumer} from the beta
channel
- interfaces/apparmor: mock presence of overlayfs root
- packaging/{fedora,opensuse,ubuntu}: add /var/lib/snapd/lib/glvnd
* Wed Jan 16 2019 Michael Vogt <mvo(a)ubuntu.com>
- New upstream release 2.37
- snapd: fix race in TestSanityFailGoesIntoDegradedMode test
- cmd: fix snap-device-helper to deal correctly with hooks
- tests: various fixes for external backend
- interface: raw-usb: Adding ttyACM[0-9]* as many serial devices
have device node /dev/ttyACM[0-9]
- tests: fix enable-disable-unit-gpio test on external boards
- tests: define new "tests/smoke" suite and use that for
autopkgtests
- interfaces/builtin/opengl: allow access to NVIDIA VDPAU
library
- snapshotstate: don't task.Log without the lock
- overlord/configstate/configcore: support - and _ in cloud init
field names
- cmd/snap-confine: use makedev instead of MKDEV
- tests: review/fix the autopkgtest failures in disco
- systemd: allow only a single daemon-reload at the same time
- cmd/snap: only auto-enable unicode to a tty
- cmd/snap: right-align revision and size in info's channel map
- dirs, interfaces/builtin/desktop: system fontconfig cache path is
different on Fedora
- tests: fix "No space left on device" issue on amazon-linux
- store: undo workaround for timezone-less released-at
- store, snap, cmd/snap: channels have released-at
- snap-confine: fix incorrect use "src" var in mount-support.c
- release: support probing SELinux state
- release-tools: display self-help
- interface: add new `{personal,system}-files` interface
- snap: give Epoch an Equal method
- many: remove unused interface code
- interfaces/many: use 'unsafe' with docker-support change_profile
rules
- run-checks: stop running HEAD of staticcheck
- release: use sync.Once around lazy intialized state
- overlord/ifacestate: include interface name in the hotplug-
disconnect task summary
- spread: show free space in debug output
- cmd/snap: attempt to restore SELinux context of snap user
directories
- image: do not write empty etc/cloud
- tests: skip snapd snap on reset for core systems
- cmd/snap-discard-ns: fix umount(2) typo
- overlord/ifacestate: hotplug-remove-slot task handler
- overlord/ifacestate: handler for hotplug-disconnect task
- ifacestate/hotplug: updateDevice helper
- tests: reset snapd state on tests restore
- interfaces: return security setup errors
- overlord: make InstallMany work like UpdateMany, issuing a single
request to get candidates
- systemd/systemd.go: add missing tests for systemd.IsActive
- overlord/ifacestate: addHotplugSeqWaitTask helper
- cmd/snap-confine: refactor call to snap-update-ns --user-mounts
- tests: new backend used to run upgrade test suite
- travis: short circuit failures in static and unit tests travis job
- cmd: automatically fix localized <option>s to <option>
- overlord/configstate,features: expose features to snapd tools
- selinux: package to query SELinux status and verify/restore file
contexts
- wrappers: use new systemd.IsActive in core18 early boot
- cmd: add tests for lintArg and lintDesc
- httputil: retry on temporary net errors
- cmd/snap-confine: remove unused sc_discard_preserved_mount_ns
- wrappers: only restart service in core18 when they are active
- overlord/ifacestate: helpers for serializing hotplug changes
- packaging/{fedora,opensuse}: own /var/lib/snapd/cookie
- systemd: start snapd.autoimport.service in --no-block mode
- data/selinux: fix syntax error in definition of snappy_admin
interface
- snap/info: bind global plugs/slots to implicit hooks
- cmd/snap-confine: remove SC_NS_MNT_FILE
- spread: record each tests/upgrade job
- osutil: do not import dirs
- cmd/snap-confine: fix typo "a pipe"
- tests: make security-device-cgroups-{devmode,jailmode} work on arm
devices
- tests: force test-snapd-daemon-notify exit 0 when the interface is
not connected
- overlord/snapstate: run 'remove' hook before 'auto-disconnect'
- centos: enable SELinux support on CentOS 7
- apparmor: allow hard link to snap-specific semaphore files
- tests/lib/pkgdb: disable weak deps on Fedora
- release: detect too old apparmor_parser
- tests: improve how the log is checked to see if the system is
waiting for a reboot
- cmd, dirs, interfaces/apparmor: update distro identification to
support ID="archlinux"
- spread, tests: add Fedora 29
- cmd/snap-confine: refactor calling snapd tools into helper module
- apparmor: allow snap-update-ns access to common devices
- cmd/snap-confine: capture initialized per-user mount ns
- tests: reduce verbosity around package installation
- data: set KillMode=process for snapd
- cmd/snap: handle DNS error gracefully
- spread, tests: use checkpoints when dumping audit log
- tests/lib/prepare: make sure that SELinux context of repacked core
snap is controlled
- testutils: split checkers, tweak tests
- tests: fix for tests test-*-cgroup
- spread: show AVC audits when debugging, start auditd on Fedora
- spread: drop Fedora 27, add Fedora 29
- tests/lib/reset: restore context of removed snapd directories
- testutil: add File{Present,Absent} checkers
- snap: add new `snap run --trace-exec`
- tests: fix for failover test on how logs are checked
- snapctl: add "services"
- overlord/snapstate: use file timestamp to initialize timer
- cmd/libsnap: introduce and use sc_strdup
- interfaces: let NM access ifindex/ifupdown files
- overlord/snapstate: on refresh, check new rev can read current
- client, store: don't use store from client (use client from store)
- tests/main/parallel-install-store: verify installation of more
than one instance at a time
- overlord: don't write system key if security setup fails
- packaging/fedora/snapd.spec: fix bogus date in changelog
- snapstate: update fontconfig caches on install
- interfaces/apparmor/backend.go:411:38: regular expression does not
contain any meta characters (SA6004)
- asserts/header_checks.go:199:35: regular expression does not
contain any meta characters (SA6004)
- run staticcheck every time :-)
- tests/lib/systemd-escape/main.go:46:14: printf-style function with
dynamic first argument and no further arguments should use print-
style function instead (SA1006)
- tests/lib/fakestore/cmd/fakestore/cmd_run.go:66:15: the channel
used with signal.Notify should be buffered (SA1017)
- tests/lib/fakedevicesvc/main.go:55:15: the channel used with
signal.Notify should be buffered (SA1017)
- spdx/parser.go:30:1: only the first constant has an explicit type
(SA9004)
- overlord/snapstate/snapmgr.go:553:21: printf-style function with
dynamic first argument and no further arguments should use print-
style function instead (SA1006)
- overlord/patch/patch3.go:44:70: printf-style function with dynamic
first argument and no further arguments should use print-style
function instead (SA1006)
- cmd/snap/cmd_advise.go:200:2: empty branch (SA9003)
- osutil/udev/netlink/conn.go:120:5: ineffective break statement.
Did you mean to break out of the outer loop? (SA4011)
- daemon/api.go:992:22: printf-style function with dynamic first
argument and no further arguments should use print-style function
instead (SA1006)
- cmd/snapd/main.go:94:5: ineffective break statement. Did you mean
to break out of the outer loop? (SA4011)
- cmd/snap/cmd_userd.go:73:15: the channel used with signal.Notify
should be buffered (SA1017)
- cmd/snap/cmd_help.go:102:7: io.Writer.Write must not modify the
provided buffer, not even temporarily (SA1023)
- release: probe apparmor features lazily
- overlord,daemon: mock security backends for testing
- cmd/libsnap: move apparmor-support to libsnap
- cmd: drop cruft from snap-discard-ns build rules
- cmd/snap-confine: use snap-discard-ns ns to discard stale
namespaces
- cmd/snap-confine: handle mounted shared /run/snapd/ns
- many: fix composite literals with unkeyed fields
- dirs, wrappers, overlord/snapstate: make completion + bases work
- tests: revert "tests: restore in restore, not prepare"
- many: validate title
- snap: make description maximum in runes, not bytes
- tests: discard mount namespaces in reset.sh
- tests/lib: sync cla check back from snapcraft
- Revert "cmd/snap, tests/main/snap-info: highlight the current
channel"
- daemon: remove enableInternalInterfaceActions
- mkversion: use "test -n" rather than "! test -z"
- run-checks: assorted fixes
- tests: restore in restore, not in prepare
- cmd/snap: fix missing newline in "snap keys" error message
- snap: epoch lists must contain no duplicate entries
- interfaces/avahi_observe: Fix typo in comment
- tests: add SPREAD_JOB to the description of
systemd_create_and_start_unit
- daemon, vendor: bump
github.com/coreos/go-systemd/activation,
handle API changes
- Revert "cmd/snap-confine: don't allow mapping lib{uuid,blkid}"
- packaging/fedora: use %_sysctldir macro
- cmd/snap-confine: remove unneeded unshare
- sanity: extend the kernel version check to cover CentOS/RHEL
kernels
- wrappers: remove all desktop files from a snap on removal
- snap: add an explicit check for `epoch: null` loading
- snap: check max description length in validate
- spread, tests: add CentOS support
- cmd/snap-confine: allow mapping more libc shards
- cmd/snap-discard-ns: add support for --from-snap-confine
- tests: make tinyproxy support systemd notify
- tests: fix shellcheck
- snap, store: rename `snap.Epoch`'s `Unset` to `IsZero`
- store: add a test for a non-zero epoch refresh (with epoch bump)
- store: v1 search doesn't send epoch, stop pretending it does
- snap: make any "0" epoch be Unset, and marshalled to {[0],[0]}
- overlord/snapstate: amend test should send local revision
- tests: use mock-gpio.py in enable-disable-units-gpio test
- snap: enforce minimal snap name len of 2
- cmd/libsnap: add sc_verify_snap_lock
- cmd/snap-update-ns: extra debugging of trespassing events
- userd: force zenity width if the text displayed is long
- overlord/snapstate, store: always send epochs
- cmd/snap-confine,snap-update-ns: discard quirks
- cmd/snap: add nanosleep to blacklisted syscalls when running with
--strace
- cmd/snap-update-ns, tests: clean trespassing paths
- nvidia, interfaces/builtin: OpenCL fixes
- ifacestate/hotplug: removeDevice helper
- cmd: install snap-discard-ns in "make hack"
- overlord/ifacestate: setup security backends phased by backends
first
- ifacestate/helpers: added SystemSnapName mapper helper method
- overlord/ifacestate: set hotplug-key of the connection when
connecting hotplug slots
- snapd: allow snap-update-ns to read /proc/version
- cmd: handle tumbleweed and leap in autogen.sh
- interfaces/tests: MockHotplugSlot test helper
- store,daemon: make UserInfo,LoginUser part of the store interface
- overlord/ifacestate: use remapper when checking if system snap is
installed
- tests: fix how pinentry is prepared for new gpg v 2.1 and 2.2
- packaging/arch: fix bash completions path
- interfaces/builtin: add device-buttons interface for accessing
events
- tests, fakestore: extend refresh tests with parallel installed
snaps
- snap, store, overlord/snapshotstate: drop epoch pointers
- snap: make Epoch default to {[0],[0]} on load from yaml
- data/completion: pass documented arguments to completion functions
- tests: skip opensuse from interfaces-openvswitch-support test
- tests: simple reproducer for snap try and hooks bug
- snapstate: do not allow classic mode for strict snaps
- snap: make Epoch's MarshalJSON not simplify
- store: remove unused currentSnap and currentSnapJSON
- many: some small doc comment fixes in recent hotplug code
- ifacestate/udevmonitor: added callback to signal end of
enumeration
- cmd/libsnap: add simplified feature flag checker
- interfaces/opengl: add additional accesses for cuda
- tests: add core18 only hooks test and fix running core18 only on
classic
- sanity, release, cmd/snap: refuse to try to do things on WSL.
- cmd: make coreSupportsReExec faster
- overlord/ifacestate: don't remove the dash when generating unique
slot name
- cmd/snap-seccomp: add full complement of ptrace constants
- cmd: update autogen.sh for opensuse
- interfaces/apparmor: allow access to /run/snap.$SNAP_INSTANCE_NAME
- spread.yaml: add more systems to the autopkgtest and qemu backends
- daemon: spool sideloaded snap into blob dir
overlord/snapstate: address review feedback
- packaging/opensuse: stop using golang-packaging
- overlord/snapshots: survive an unknown user
- wrappers: fix generating of service units with multiple `before`
dependencies
- data: run snapd.autoimport.service only after seeding
- cmd/snap: unhide --name parameter to snap install, tweak help
message
- packaging/fedora: Merge changes from Fedora Dist-Git
- tests/main/snap-service-after-before-install: verify after/before
in snap install
- overlord/ifacestate: mark connections disconnected by hotplug with
hotplug-gone
- ifacestate/ifacemgr: don't reload hotplug-gone connections on
startup
- tests: install dependencies during prepare
- tests,store,daemon: ensure proxy settings are honored in
auth/userinfo too
- tests: core 18 does not support classic confinement
- tests: add debug output for degraded test
- strutil: make VersionCompare faster
- overlord/snapshotstate/backend: survive missing directories
- overlord/ifacestate: use map[string]*connState when passing conns
around
- tests: move fedora 28 to manual
- overlord/snapshotstate/backend: be more verbose when
SNAPPY_TESTING=1
- tests: removing fedora 26 system from spread.yaml
- tests: linode execution is not needed anymore
- tests/lib: adjust to changed systemctl behaviour on debian-9
- tests: fixes and new backend for tests on nested suite
- strutil: let MatchCounter work with a nil regexp
- ifacestate/helpers: findConnsForHotplugKey helper
- many: move regexp.(Must)Compile out of non-init functions into
variables
- store: also make snaps downloaded via deltas 0600
- snap: use Lstat to determine snap size, remove
ReadSnapInfoExceptSize
- interfaces/builtin: add adb-support interface
- tests: fail if install_snap_local fails
- strutil: add extra test to CommaSeparatedList as suggested by
mborzecki
- cmd/snap, daemon, strutil: use CommaSeparatedList to split a CSL
- ifacestate: optimize disconnect hooks
- cmd/snap-update-ns: parse the -u <uid> command line option
- cmd/snap, tests: snapshots for all
- client, cmd/daemon: allow disabling keepalive, improve degraded
mode unit tests
- snap: only show "next" refresh time if its after the hold time
- overlord/snapstate: run tests for classic snaps even on systems
that don't support classic
- overlord/standby: fix a race between standby goroutine and stop
- cmd/snap-exec: don't fail on some try mode snaps
- cmd/snap, userd, testutil: tweak DBus tests to use private session
bus connection
- cmd: remove remnants of sc_should_populate_mount_ns
- client, daemon, cmd/snap: indicate that services are socket/timer
activated
- cmd/snap-seccomp: only look for PTRACE_GETFPX?REGS where available
- cmd/snap-confine: remove SC_NS_FAIL_GRACEFULLY
- snap/pack, cmd/snap: allow specifying the filename of 'snap pack'
- cmd/snap-discard-ns: add support for per-user mount namespaces
- cmd/snap-confine: remove stale mount profile along stale namespace
- data/apt: close stderr when calling snap in the apt install hook.
- tests/main: fixes for the new shellcheck
- testutil, cmd/snap: introduce and use testutil.EqualsWrapped and
fly
- tests: initial setup for testing current branch on nested vm and
hotplug management
- cmd: refactor IPC and lifecycle of the helper process
- tests/main/parallel-install-store: the store has caught up, do not
expect failures
- overlord/snapstate, snap, wrappers: start services in the right
order during install
- interfaces/browser-support, cmd/snap-seccomp: Allow read-only
ptrace, for the Breakpad crash reporter
- snap,client: use a different exit code for retryable errors
- overlord/ifacestate: don't conflict on own discard-snap tasks when
refreshing & doing garbage collection
- cmd/snap: tweak `snap services` output when there is no services
- interfaces/many: updates to support k8s worker nodes
- cmd/snap: gnome-software install via snap:// handler
- overlord/many: cleanup use of snapName vs. instanceName
- snapstate: add command-chain to supported featureset
- daemon, snap: mark screenshots as deprecated
- interfaces: fix decoding of json numbers for static/dynamic
attributes* ifstate: fix decoding of json numbers
- cmd/snap: try not to panic on error from "snap try"
- tests: new cosmic image for spread tests on gce
- interfaces/system-key: add parser mtime and only discover features
on write
- overlord/snapshotstate/backend: detect path to tar in unit tests
- tests/unit/gccgo: drop gccgo unit tests
- cmd: use relative file names in locking APIs
- interfaces: fix NormalizeInterfaceAttributes, add tests
- overlord/snapshotstate/backend: fall back on sudo when no runuser
- cmd/snap-confine: reduce verbosity of debug and error messages
- systemd: extend Status() to work for socket and timer units
- interfaces: typo 'allows' for consistency with other ifaces
- systemd,wrappers: don't start disabled services
- ifacestate: simplify task chaining in ifacestate.Connect
- tests: ensure that goa-daemon is off
- snap/pack, snap/squashfs: remove extra copy before mksquashfs
- cmd/snap: block 'snap help <cmd> --all'
- asserts, image: ensure kernel, gadget, base and required-snaps use
valid snap names
- apparmor: add unit test for probeAppArmorParser and simplify code
- interfaces/apparmor: conditionally add explicit deny rules for
ptrace
- po: sync translations from launchpad
- osutil: tweak handling of error adduser errors
- cmd: rename ns_group to mount_ns
- tests/main/interfaces-accounts-service: more debugging
- snap/pack, snap/squashfs: use type to determine mksquashfs args
- data/systemd, wrappers: tweak system-shutdown helper for core18
- tests: show list of processes when ifaces-accounts-service fails
- tests: do not run degraded test in autopkgtest env
- snap: overhaul validation error messages
- ifacestate/hooks: only create interface hook tasks if hooks exist
- osutil: workaround overlayfs on ubuntu 18.10
- interfaces/home: don't allow snaps to write to $HOME/bin
- interfaces: improve Attr error further
- snapstate: tweak GetFeatureFlagBool() to have a default argument
- many: cleanup remaining parallel installs TODOs
- image: improve validation of extra snaps
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1667460 - snapd-2.37.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1667460
--------------------------------------------------------------------------------
================================================================================
switchboard-plug-bluetooth-2.2.1-1.fc29 (FEDORA-2019-5887c66319)
Switchboard Bluetooth plug
--------------------------------------------------------------------------------
Update Information:
Update to version 2.2.1. Release notes:
https://github.com/elementary/switchboard-plug-bluetooth/releases/tag/2.2.1
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Fabio Valentini <decathorpe(a)gmail.com> - 2.2.1-1
- Update to version 2.2.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669551 - switchboard-plug-bluetooth-2.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1669551
--------------------------------------------------------------------------------
================================================================================
systemd-239-11.git4dc7dce.fc29 (FEDORA-2019-1fb1547321)
System and Service Manager
--------------------------------------------------------------------------------
Update Information:
- Fix large memory usage by systemd-journald (#1665931) - Some minor fixes to
systemd-nspawn, udevadm, documentation and logging No need to log out or
reboot.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> -
239-11.git4dc7dce
- Revert one of the patches to reduce journald memory usage because of selinux troubles
* Thu Feb 7 2019 Zbigniew J��drzejewski-Szmek <zbyszek(a)in.waw.pl> -
239-10.git4dc7dce
- Fix large memory usage by systemd-journald (#1665931)
- Some minor fixes to systemd-nspawn, udevadm, documentation and logging
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1665931 - systemd-journald.service: crazy memory usage (24.5 GB VIRT, 170 MB
RES) RuntimeMaxUse=10M
https://bugzilla.redhat.com/show_bug.cgi?id=1665931
--------------------------------------------------------------------------------
================================================================================
texi2html-5.0-11.fc29 (FEDORA-2019-f184186475)
A highly customizable texinfo to HTML and other formats translator
--------------------------------------------------------------------------------
Update Information:
tetex-tex4ht changed to texlive-tex4ht
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Troy Dawson <tdawson(a)redhat.com> - 5.0-11
- tetex-tex4ht changed to texlive-tex4ht
- BuildRequire gcc-c++
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.0-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.0-9
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1606513 - texi2html: FTBFS in Fedora rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1606513
--------------------------------------------------------------------------------
================================================================================
texlive-2018-25.fc29 (FEDORA-2019-ee186b8961)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
- add dependency on translations.sty to texlive-xsim (bz1637642) - handle
upgrades for uantwerpendocs (bz1644398)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 8 2019 Tom Callaway <spot(a)fedoraproject.org> - 8:2018-25
- add dependency on translations.sty to texlive-xsim (bz1637642)
- handle upgrades for uantwerpendocs (bz1644398)
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 8:2018-24
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1644398 - texlive-uantwerpendocs conflict when upgrading to fedora 29
https://bugzilla.redhat.com/show_bug.cgi?id=1644398
[ 2 ] Bug #1637642 - texlive-xsim should depend on texlive-translations
https://bugzilla.redhat.com/show_bug.cgi?id=1637642
--------------------------------------------------------------------------------
================================================================================
thunderbird-60.5.0-4.fc29 (FEDORA-2019-526ef126cd)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
- Updated to latest version (60.5.0) -
https://www.thunderbird.net/en-
US/thunderbird/60.5.0/releasenotes/ - Backported Wayland patches from Firefox
65.0
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Martin Stransky <stransky(a)redhat.com> - 60.5.0-4
- Use MOZ_ENABLE_WAYLAND for Wayland launcher.
* Tue Feb 5 2019 Martin Stransky <stransky(a)redhat.com> - 60.5.0-3
- Updated Wayland patches
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 60.5.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 30 2019 Martin Stransky <stransky(a)redhat.com> - 60.5.0-1
- Update to 60.5.0
--------------------------------------------------------------------------------
================================================================================
tideEditor-1.4.5-1.fc29 (FEDORA-2019-29e8eb1c86)
Editor for Tide Constituent Database (TCD) files
--------------------------------------------------------------------------------
Update Information:
New version 1.4.5 is released.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 5 2019 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 1.4.5-1
- 1.4.5
* Sun Feb 3 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.4.4-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
tnef-1.4.17-1.fc29 (FEDORA-2019-b132b8ff1a)
Extract files from email attachments like WINMAIL.DAT
--------------------------------------------------------------------------------
Update Information:
Update to release 1.4.17
--------------------------------------------------------------------------------
ChangeLog:
* Thu Feb 7 2019 David Timms <iinet.net.au@dtimms> - 1.4.17-1
- Update to release 1.4.17.
--------------------------------------------------------------------------------
================================================================================
tracker-2.1.7-1.fc29 (FEDORA-2019-9e3011f6dd)
Desktop-neutral metadata database and search tool
--------------------------------------------------------------------------------
Update Information:
tracker 2.1.7 release. * Fix build order with libtracker-sparql generated
headers * Fix ontology update with SQLite 3.25 * Fix build with Vala 0.43
--------------------------------------------------------------------------------
ChangeLog:
* Wed Feb 6 2019 Kalev Lember <klember(a)redhat.com> - 2.1.7-1
- Update to 2.1.7
* Wed Jan 23 2019 Kalev Lember <klember(a)redhat.com> - 2.1.6-1
- Update to 2.1.6
--------------------------------------------------------------------------------