The following Fedora 27 Security updates need testing:
Age URL
164
https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27
96
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8dc6395408
dpdk-17.08.2-1.fc27
82
https://bodhi.fedoraproject.org/updates/FEDORA-2018-775d96b54b
blktrace-1.2.0-6.fc27
70
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a10c1d234e
vim-syntastic-3.9.0-1.fc27
60
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3b33f65b01
nodejs-brace-expansion-1.1.11-1.fc27
52
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f7a1334c68
sox-14.4.2.0-22.fc27
51
https://bodhi.fedoraproject.org/updates/FEDORA-2018-a748acc219
unrtf-0.21.9-8.fc27
46
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2d2179e7d0
python-XStatic-jquery-ui-1.12.0.1-2.fc27
28
https://bodhi.fedoraproject.org/updates/FEDORA-2018-f6ccdeb750
mailman-2.1.21-9.fc27
28
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc864bb9e1
openslp-2.0.0-15.fc27
26
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2b053454a4
libvirt-3.7.0-6.fc27
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-df2593ee6a
docker-1.13.1-60.git9cb56fd.fc27
19
https://bodhi.fedoraproject.org/updates/FEDORA-2018-160b3d2f6c
docker-latest-1.13.1-37.git9cb56fd.fc27
19
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bee0aefb05
thunderbird-52.9.1-1.fc27
11
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9829c6ddcf
quazip-0.7.6-1.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8738f5f4a7 ceph-12.2.7-1.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-47d2ad9eaf cups-2.2.4-11.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-73bd3d14a3
pam_yubico-2.26-1.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9ef52861b5
wireshark-2.6.2-1.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e1f03d1f72
poppler-0.57.0-10.fc27
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2cf8d705ad
seamonkey-2.49.4-1.fc27
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-ee076d0530
myrepos-1.20180726-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2018-0a61e79f56
dpkg-1.18.25-1.fc27
The following Fedora 27 Critical Path updates have yet to be approved:
Age URL
80
https://bodhi.fedoraproject.org/updates/FEDORA-2018-25d5c86330 libidn-1.34-2.fc27
mcabber-1.1.0-1.fc27.1 pidgin-2.13.0-1.fc27.1 python-slixmpp-1.3.0-5.fc27.1
58
https://bodhi.fedoraproject.org/updates/FEDORA-2018-33052e653e
iproute-4.16.0-1.fc27
41
https://bodhi.fedoraproject.org/updates/FEDORA-2018-200dba6b93
upower-0.99.8-1.fc27
26
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2b053454a4
libvirt-3.7.0-6.fc27
19
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bee0aefb05
thunderbird-52.9.1-1.fc27
11
https://bodhi.fedoraproject.org/updates/FEDORA-2018-01441e6ea8
boost-1.64.0-7.fc27
11
https://bodhi.fedoraproject.org/updates/FEDORA-2018-1df6a39717
tigervnc-1.9.0-1.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-1312f831bc
pungi-4.1.26-2.fc27
9
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8738f5f4a7 ceph-12.2.7-1.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cf1b3b7c45 avahi-0.7-13.fc27
gitso-0.6-19.fc27
7
https://bodhi.fedoraproject.org/updates/FEDORA-2018-47d2ad9eaf cups-2.2.4-11.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-66d5c87587
python-setuptools-37.0.0-2.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-8aed9eb598 vim-8.1.209-1.fc27
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-05a68ea22e
geoclue2-2.4.11-1.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3f3e6d136e
perl-5.26.2-407.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4bb4de2d86
selinux-policy-3.13.1-284.37.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e1f03d1f72
poppler-0.57.0-10.fc27
2
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2bb229d1b3
breeze-icon-theme-5.48.0-2.fc27 extra-cmake-modules-5.48.0-2.fc27 kf5-5.48.0-3.fc27
kf5-attica-5.48.0-2.fc27 kf5-baloo-5.48.0-1.fc27 kf5-bluez-qt-5.48.0-2.fc27
kf5-frameworkintegration-5.48.0-1.fc27 kf5-kactivities-5.48.0-3.fc27
kf5-kactivities-stats-5.48.0-2.fc27 kf5-kapidox-5.48.0-2.fc27 kf5-karchive-5.48.0-2.fc27
kf5-kauth-5.48.0-2.fc27 kf5-kbookmarks-5.48.0-2.fc27 kf5-kcmutils-5.48.0-1.fc27
kf5-kcodecs-5.48.0-2.fc27 kf5-kcompletion-5.48.0-2.fc27 kf5-kconfig-5.48.0-2.fc27
kf5-kconfigwidgets-5.48.0-2.fc27 kf5-kcoreaddons-5.48.0-2.fc27 kf5-kcrash-5.48.0-2.fc27
kf5-kdbusaddons-5.48.0-2.fc27 kf5-kdeclarative-5.48.0-1.fc27 kf5-kded-5.48.0-1.fc27
kf5-kdelibs4support-5.48.0-2.fc27 kf5-kdesignerplugin-5.48.0-2.fc27
kf5-kdesu-5.48.0-2.fc27 kf5-kdewebkit-5.48.0-1.fc27 kf5-kdnssd-5.48.0-2.fc27
kf5-kdoctools-5.48.0-2.fc27 kf5-kemoticons-5.48.0-2.fc27 kf5-kfilemetadata-5.48.0-2.fc27
kf5-kglobalaccel-5.48.0-2.fc27 kf5-kguiad
dons-5.48.0-2.fc27 kf5-kholidays-5.48.0-2.fc27 kf5-khtml-5.48.0-1.fc27
kf5-ki18n-5.48.0-2.fc27 kf5-kiconthemes-5.48.0-2.fc27 kf5-kidletime-5.48.0-2.fc27
kf5-kimageformats-5.48.0-2.fc27 kf5-kinit-5.48.0-1.fc27 kf5-kio-5.48.0-1.fc27
kf5-kirigami2-5.48.0-2.fc27 kf5-kitemmodels-5.48.0-2.fc27 kf5-kitemviews-5.48.0-2.fc27
kf5-kjobwidgets-5.48.0-2.fc27 kf5-kjs-5.48.0-2.fc27 kf5-kjsembed-5.48.0-2.fc27
kf5-kmediaplayer-5.48.0-1.fc27 kf5-knewstuff-5.48.0-1.fc27
kf5-knotifications-5.48.0-2.fc27 kf5-knotifyconfig-5.48.0-1.fc27
kf5-kpackage-5.48.0-2.fc27 kf5-kparts-5.48.0-1.fc27 kf5-kpeople-5.48.0-2.fc27
kf5-kplotting-5.48.0-2.fc27 kf5-kpty-5.48.0-2.fc27 kf5-kross-5.48.0-1.fc27
kf5-krunner-5.48.0-2.fc27 kf5-kservice-5.48.0-2.fc27 kf5-ktexteditor-5.48.0-1.fc27
kf5-ktextwidgets-5.48.0-3.fc27 kf5-kunitconversion-5.48.0-2.fc27 kf5-kwallet-5.48.0-2.fc27
kf5-kwayland-5.48.0-2.fc27 kf5-kwidgetsaddons-5.48.0-2.fc27
kf5-kwindowsystem-5.48.0-2.fc27 kf5-kxmlgui-5.48.0-2.fc27 kf5-kxmlrpcclient-5.48.0-1.fc27
kf5-modemmanager-qt-5.48.0-2.fc27 kf5-networkmanager-qt-5.48.0-2.fc27
kf5-plasma-5.48.0-2.fc27 kf5-prison-5.48.0-2.fc27 kf5-purpose-5.48.0-1.fc27
kf5-solid-5.48.0-2.fc27 kf5-sonnet-5.48.0-2.fc27 kf5-syntax-highlighting-5.48.0-2.fc27
kf5-threadweaver-5.48.0-2.fc27 oxygen-icon-theme-5.48.0-2.fc27
qqc2-desktop-style-5.48.0-2.fc27
The following builds have been pushed to Fedora 27 updates-testing
CuraEngine-lulzbot-3.2.23-1.fc27
R-Rmpfr-0.7.1-1.fc27
R-fts-0.9.9.1-1.fc27
R-igraph-1.2.2-1.fc27
R-inline-0.3.15-1.fc27
R-openssl-1.0.2-1.fc27
R-polyclip-1.9.1-1.fc27
RBTools-1.0.1-1.fc27
atomic-reactor-1.6.33-2.fc27
clamav-0.100.1-4.fc27
cura-lulzbot-3.2.23-1.fc27
kernel-4.17.11-100.fc27
kernel-headers-4.17.11-1.fc27
lilypond-2.19.82-3.fc27
link-grammar-5.5.1-4.fc27
lulzbot-marlin-firmware-1.1.8.62-1.fc27
mingw-LibRaw-0.18.13-2.fc27
moodle-3.3.7-1.fc27
mozjs52-52.9.0-1.fc27
pcre2-10.31-8.fc27
perl-HTTP-Tiny-0.074-1.fc27
pythia8-8.2.35-4.fc27
python-uranium-lulzbot-3.2.23-1.fc27
Details about builds:
================================================================================
CuraEngine-lulzbot-3.2.23-1.fc27 (FEDORA-2018-394a827406)
Engine for processing 3D models into G-code instructions for 3D printers
--------------------------------------------------------------------------------
Update Information:
Update to Cura-Lulzbot 3.2.23. Fix CVE-2018-1000537
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Tom Callaway <spot(a)fedoraproject.org> - 1:3.2.23-1
- update to 3.2.23
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:3.2.21-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1595588 - CVE-2018-1000537 lulzbot-marlin-firmware: marlin: Buffer overflow
in cardreader.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1595588
--------------------------------------------------------------------------------
================================================================================
R-Rmpfr-0.7.1-1.fc27 (FEDORA-2018-c0e2ffb332)
R MPFR - Multiple Precision Floating-Point Reliable
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.7.1-1
- Update to latest version
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.7.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
R-fts-0.9.9.1-1.fc27 (FEDORA-2018-a3a1ecbb13)
R Interface to 'tslib' (a Time Series Library in C++)
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 0.9.9.1-1
- Update to latest version
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.9-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
R-igraph-1.2.2-1.fc27 (FEDORA-2018-94231bc95e)
Network Analysis and Visualization
--------------------------------------------------------------------------------
Update Information:
Initial package of igraph for R
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1607718 - Review Request: R-igraph - Network Analysis and Visualization
https://bugzilla.redhat.com/show_bug.cgi?id=1607718
--------------------------------------------------------------------------------
================================================================================
R-inline-0.3.15-1.fc27 (FEDORA-2018-bfb6414d1b)
Functions to Inline C, C++, Fortran Function Calls from R
--------------------------------------------------------------------------------
Update Information:
Update to version 0.3.15
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.3.15-1
- Update to version 0.3.15
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.14-5
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Wed Feb 7 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.14-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
R-openssl-1.0.2-1.fc27 (FEDORA-2018-9faef0d0e1)
Toolkit for Encryption, Signatures and Certificates Based on OpenSSL
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.0.2-1
- Update to latest version
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.1-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
R-polyclip-1.9.1-1.fc27 (FEDORA-2018-63e22bb78e)
Polygon Clipping
--------------------------------------------------------------------------------
Update Information:
Update to latest version
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Elliott Sales de Andrade <quantum.analyst(a)gmail.com> - 1.9.1-1
- Update to latest version
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.9.0-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
RBTools-1.0.1-1.fc27 (FEDORA-2018-f815a58759)
Tools for use with ReviewBoard
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.1 * Fixed tracking branch detection with Git
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Stephen Gallagher <sgallagh(a)redhat.com> - 1.0.1-1
- Update to RBTools 1.0.1
- Fixed tracking branch detection with Git
--------------------------------------------------------------------------------
================================================================================
atomic-reactor-1.6.33-2.fc27 (FEDORA-2018-2247cf60ff)
Improved builder for Docker images
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Clement Verna <cverna(a)fedoraproject.org> - 1.6.33-2
- Add patch to manage jsonschema version
* Mon Jul 30 2018 Clement Verna <cverna(a)fedoraproject.org> - 1.6.33-1
- New upstream release
- Drop patches
- Drop stop_autorebuild_if_disabled plugin
* Thu Jun 21 2018 Clement Verna <cverna(a)fedoraproject.org> - 1.6.31-3
- Adding patch fo docker-py compatibility
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1.6.31-2
- Rebuilt for Python 3.7
* Tue May 15 2018 Clement Verna <cverna(a)fedoraproject.org> - 1.6.31-1
- Update to latest upstream
* Mon Feb 19 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 1.6.29-3
- Update Python 2 dependency declarations to new packaging standards
(See
https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
--------------------------------------------------------------------------------
================================================================================
clamav-0.100.1-4.fc27 (FEDORA-2018-c1c78a6e35)
End-user tools for the Clam Antivirus scanner
--------------------------------------------------------------------------------
Update Information:
Change the default location of configuration files in clamconf, binaries and man
pages, replacing with our default packaging (#859339). ---- Modify group of
/var/run/clamd.scan to virusgroup Add some SELinux notes from (#787434) Drop
pointless clamav-0.99.1-setsebool.patch Drop conditionalized build of noarch
Spec cleanups
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 S��rgio Basto <sergio(a)serjux.com> - 0.100.1-4
- Change the default location of configuration files in clamconf, binaries and
man pages, replacing with our default packaging (#859339).
* Sun Jul 29 2018 S��rgio Basto <sergio(a)serjux.com> - 0.100.1-3
- Modify group of /var/run/clamd.scan to virusgroup
- Add some SELinux notes from (#787434)
- Drop pointless clamav-0.99.1-setsebool.patch
- Drop conditionalized build of noarch
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.100.1-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #859339 - Clamdscan hardcoded to /etc/clamd.conf config
https://bugzilla.redhat.com/show_bug.cgi?id=859339
[ 2 ] Bug #787434 - Clamav does not create /var/run/clamd.scan/ with correct
permissions
https://bugzilla.redhat.com/show_bug.cgi?id=787434
--------------------------------------------------------------------------------
================================================================================
cura-lulzbot-3.2.23-1.fc27 (FEDORA-2018-394a827406)
3D printer control software
--------------------------------------------------------------------------------
Update Information:
Update to Cura-Lulzbot 3.2.23. Fix CVE-2018-1000537
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Tom Callaway <spot(a)fedoraproject.org> - 1:3.2.23-1
- update to 3.2.23
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:3.2.21-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1:3.2.21-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1595588 - CVE-2018-1000537 lulzbot-marlin-firmware: marlin: Buffer overflow
in cardreader.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1595588
--------------------------------------------------------------------------------
================================================================================
kernel-4.17.11-100.fc27 (FEDORA-2018-49bda79bd5)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.17.11 stable update contains a number of important fixes across the tree.
Also of note, starting with this release, kernel-headers is built from a
different srpm. The contents should be the same, but there were some benefits to
breaking it from the kernel build. ---- The 4.17.10 stable kernel update
contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Justin M. Forbes <jforbes(a)fedoraproject.org> - 4.17.11-100
- Linux v4.17.11
- Turn off kernel-headers for the split
- Fix CVE-2018-14678 (rhbz 1608559 1608560)
* Wed Jul 25 2018 Justin M. Forbes <jforbes(a)fedoraproject.org> - 4.17.10-100
- Linux v4.17.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1608559 - CVE-2018-14678 xen: Uninitialized state in PV syscall return path
(XSA-274)
https://bugzilla.redhat.com/show_bug.cgi?id=1608559
--------------------------------------------------------------------------------
================================================================================
kernel-headers-4.17.11-1.fc27 (FEDORA-2018-49bda79bd5)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
The 4.17.11 stable update contains a number of important fixes across the tree.
Also of note, starting with this release, kernel-headers is built from a
different srpm. The contents should be the same, but there were some benefits to
breaking it from the kernel build. ---- The 4.17.10 stable kernel update
contains a number of important fixes across the tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1608559 - CVE-2018-14678 xen: Uninitialized state in PV syscall return path
(XSA-274)
https://bugzilla.redhat.com/show_bug.cgi?id=1608559
--------------------------------------------------------------------------------
================================================================================
lilypond-2.19.82-3.fc27 (FEDORA-2018-f005d2d82f)
A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:
Relocate vim files.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 2.19.82-3
- Update vim file location.
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 2.19.82-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1599424 - Lilypond syntax files for vim not in vim81 folder
https://bugzilla.redhat.com/show_bug.cgi?id=1599424
--------------------------------------------------------------------------------
================================================================================
link-grammar-5.5.1-4.fc27 (FEDORA-2018-e7b5fc10ac)
A full-service natural language dependency parser
--------------------------------------------------------------------------------
Update Information:
5.5.1
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 5.5.1-1
- 5.5.1.
* Sun Jul 22 2018 Niels de Vos <ndevos(a)redhat.com> - 5.5.0-4
- Add gcc-c++ to BuildRequires (#1604705)
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 5.5.0-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 5.5.0-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1609437 - link-grammar-5.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1609437
--------------------------------------------------------------------------------
================================================================================
lulzbot-marlin-firmware-1.1.8.62-1.fc27 (FEDORA-2018-394a827406)
Marlin firmware files for the Lulzbot family of 3D printers
--------------------------------------------------------------------------------
Update Information:
Update to Cura-Lulzbot 3.2.23. Fix CVE-2018-1000537
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Tom Callaway <spot(a)fedoraproject.org> - 1:1.1.8.62-1
- update to 1.1.8.62
* Fri Jul 13 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1:1.1.8.59-3
- Security fix for CVE-2018-1000537
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
1:1.1.8.59-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1595588 - CVE-2018-1000537 lulzbot-marlin-firmware: marlin: Buffer overflow
in cardreader.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1595588
--------------------------------------------------------------------------------
================================================================================
mingw-LibRaw-0.18.13-2.fc27 (FEDORA-2018-baa8315daa)
Library for reading RAW files obtained from digital photo cameras
--------------------------------------------------------------------------------
Update Information:
Update to LibRaw-0.18.13, see
https://www.libraw.org/news/libraw-0-18-13 for
details. Fixes CVE-2018-5815, CVE-2018-5816.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Sandro Mani <manisandro(a)gmail.com> - 0.18.13-2
- Backport fix for CVE-2018-5816 (#1610158)
* Tue Jul 31 2018 Sandro Mani <manisandro(a)gmail.com> - 0.18.13-1
- Update to 0.18.13
- Backport fix for CVE-2018-5815 (#1610153)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1610156 - CVE-2018-5816 LibRaw: Integer overflow in
internal/dcraw_common.cpp:identify() allows for denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1610156
[ 2 ] Bug #1610151 - CVE-2018-5815 LibRaw: Integer overflow in
internal/dcraw_common.cpp:parse_qt() allows for denial of service
https://bugzilla.redhat.com/show_bug.cgi?id=1610151
--------------------------------------------------------------------------------
================================================================================
moodle-3.3.7-1.fc27 (FEDORA-2018-ebb1e572c0)
A Course Management System
--------------------------------------------------------------------------------
Update Information:
Multiple CVE fixes.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Gwyn Ciesla <limburgher(a)gmail.com> - 3.3.7-1
- 3.3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1599817 - CVE-2018-10891 moodle: Quiz question bank import preview could
execute JavaScript [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1599817
[ 2 ] Bug #1599807 - CVE-2018-10890 moodle: Web service core_course_get_categories may
return invisible categories [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1599807
[ 3 ] Bug #1599816 - CVE-2018-10891 moodle: Quiz question bank import preview could
execute JavaScript [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1599816
[ 4 ] Bug #1599806 - CVE-2018-10890 moodle: Web service core_course_get_categories may
return invisible categories [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1599806
[ 5 ] Bug #1599800 - CVE-2018-10889 moodle: Privacy data exports include log data
[fedora-27]
https://bugzilla.redhat.com/show_bug.cgi?id=1599800
--------------------------------------------------------------------------------
================================================================================
mozjs52-52.9.0-1.fc27 (FEDORA-2018-ade812ef2a)
SpiderMonkey JavaScript library
--------------------------------------------------------------------------------
Update Information:
mozjs52 52.9.0, including various security, stability and regression fixes from
Firefox 52.9.0 ESR. For details, see
https://www.mozilla.org/en-
US/firefox/52.9.0/releasenotes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 25 2018 Kalev Lember <klember(a)redhat.com> - 52.9.0-1
- Update to 52.9.0
* Mon Jun 11 2018 Ray Strode <rstrode(a)redhat.com> - 52.8.0-2
- safeguard against linking against bundled nss
Related: #1563708
--------------------------------------------------------------------------------
================================================================================
pcre2-10.31-8.fc27 (FEDORA-2018-ed57a71f31)
Perl-compatible regular expression library
--------------------------------------------------------------------------------
Update Information:
This release fixes backtracking atomic groups when they are not separated by
something with a backtracking point.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Petr Pisar <ppisar(a)redhat.com> - 10.31-8
- Fix backtracking atomic groups when they are not separated by something with
a backtracking point
--------------------------------------------------------------------------------
================================================================================
perl-HTTP-Tiny-0.074-1.fc27 (FEDORA-2018-58a4436322)
Small, simple, correct HTTP/1.1 client
--------------------------------------------------------------------------------
Update Information:
This release updates documentation and corrects tests.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Petr Pisar <ppisar(a)redhat.com> - 0.074-1
- 0.074 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1610065 - perl-HTTP-Tiny-0.074 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1610065
--------------------------------------------------------------------------------
================================================================================
pythia8-8.2.35-4.fc27 (FEDORA-2018-2b79ca1f20)
Pythia Event Generator for High Energy Physics
--------------------------------------------------------------------------------
Update Information:
Don't own toplevel __pycache__ directory
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 31 2018 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 8.2.35-4
- Don't own toplevel __pycache__ directory
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 8.2.35-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
python-uranium-lulzbot-3.2.23-1.fc27 (FEDORA-2018-394a827406)
A Python framework for building desktop applications (Lulzbot fork)
--------------------------------------------------------------------------------
Update Information:
Update to Cura-Lulzbot 3.2.23. Fix CVE-2018-1000537
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 30 2018 Tom Callaway <spot(a)fedoraproject.org> - 3.2.23-1
- update to 3.2.23
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.2.21-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jun 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 3.2.21-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1595588 - CVE-2018-1000537 lulzbot-marlin-firmware: marlin: Buffer overflow
in cardreader.cpp [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1595588
--------------------------------------------------------------------------------