The following Fedora 26 Security updates need testing:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e4c14eeec
php-onelogin-php-saml-2.10.5-1.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5899f809e links-2.14-1.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a8add6c46c
texlive-2016-33.20160520.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-68bd2a916e
python-sleekxmpp-1.3.2-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3456ba4c93
kernel-4.11.0-0.rc4.git0.1.fc26
The following Fedora 26 Critical Path updates have yet to be approved:
Age URL
10
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d0d830d7d2
iproute-4.10.0-2.fc26
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-90bcb067bf
fedora-release-26-0.6
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff342c515a
xorg-x11-server-1.19.3-2.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-aabd95dc70
osinfo-db-20170326-1.fc26
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-83c2088f64 bluez-5.44-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1911772638 pcre-8.40-6.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2250620d8 vim-8.0.514-1.fc26
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5963772d6f
network-manager-applet-1.8.0-0.1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3456ba4c93
kernel-4.11.0-0.rc4.git0.1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-10fc897ab1 audit-2.7.4-1.fc26
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a5303b2b8b gdbm-1.13-1.fc26
The following builds have been pushed to Fedora 26 updates-testing
ansible-2.2.2.0-1.fc26
atop-2.3.0-1.fc26
audit-2.7.4-1.fc26
bodhi-2.5.0-1.fc26
cassandra-3.9-7.fc26
emacs-common-ess-16.10-3.fc26
erlang-triq-0-0.3.git2c49739.fc26
erlang-webmachine-1.10.8-11.fc26
fatresize-1.0.3-4.git20161118.fc26
findbugs-contrib-6.8.4-1.fc26
fpc-3.0.2-1.fc26
gdbm-1.13-1.fc26
golang-github-ojii-gettext.go-0-0.1.gitb6dae1d.fc26
golang-gopkg-retry-v1-1-0.2.gitc09f6b8.fc26
java-1.8.0-openjdk-1.8.0.121-10.b14.fc26
kernel-4.11.0-0.rc4.git0.1.fc26
lazarus-1.6.4-2.fc26
legion-17.02.0-5.fc26
netpbm-10.78.00-1.fc26
numpy-1.12.1-1.fc26
oci-systemd-hook-0.1.7-1.git1788cf2.fc26
openvpn-2.4.1-2.fc26
perl-App-GitHooks-1.9.0-1.fc26
perl-Cpanel-JSON-XS-3.0231-1.fc26
perl-MRO-Compat-0.13-1.fc26
perl-MetaCPAN-Client-2.009001-1.fc26
php-horde-Horde-Core-2.28.2-1.fc26
php-sebastian-object-reflector-1.1.1-1.fc26
pylint-1.6.5-3.fc26
python-pystray-0.14.2-1.fc26
python-xlib-0.19-2.fc26
sos-3.4-1.fc26
thefuck-3.15-1.fc26
winetricks-20170326-1.fc26
ypbind-1.38-10.fc26
Details about builds:
================================================================================
ansible-2.2.2.0-1.fc26 (FEDORA-2017-e0404b6420)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to upstream 2.2.2.0 release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1436461 - ansible-2.2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436461
--------------------------------------------------------------------------------
================================================================================
atop-2.3.0-1.fc26 (FEDORA-2017-bfb2c2c60f)
An advanced interactive monitor to view the load on system and process level
--------------------------------------------------------------------------------
Update Information:
2.3.0
http://www.atoptool.nl/downloadatop.php
--------------------------------------------------------------------------------
================================================================================
audit-2.7.4-1.fc26 (FEDORA-2017-10fc897ab1)
User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:
This release rounds out the auparse_nomalize support. There are now python
bindings for the normalizer API. Ausearch/report now has a "boot" option to ask
for events since boot. And the syscall table was updated for the 4.11 kernel.
--------------------------------------------------------------------------------
================================================================================
bodhi-2.5.0-1.fc26 (FEDORA-2017-4917bb3d50)
A modular framework that facilitates publishing software updates
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.0 See
https://github.com/fedora-infra/bodhi/releases/tag/2.5.0
--------------------------------------------------------------------------------
================================================================================
cassandra-3.9-7.fc26 (FEDORA-2017-c33dfdc0a7)
Client utilities for cassandra
--------------------------------------------------------------------------------
Update Information:
remove thrift from 3.9 applying mainly upstream patch
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435948 - FTBFS: Cassandra fails to (re)build generated thrift files from
source
https://bugzilla.redhat.com/show_bug.cgi?id=1435948
--------------------------------------------------------------------------------
================================================================================
emacs-common-ess-16.10-3.fc26 (FEDORA-2017-c5dc0e0d28)
Emacs Speaks Statistics add-on package for Emacs
--------------------------------------------------------------------------------
Update Information:
Changes and New Features in 16.10: * ESS[R]: Syntax highlighting is now more
consistent. Backquoted names are not fontified as strings (since they
really are identifiers). Furthermore they are now correctly recognised
when they are function definitions or function calls. * ESS[R]:
Backquoted names and '%op%' operators are recognised as sexp. This is
useful for code navigation, e.g. with 'C-M-f' and 'C-M-b'. *
ESS[R]:
Integration of outline mode with roxygen examples fields. You can use
outline mode's code folding commands to fold the examples field. This is
especially nice to use with well documented packages with long examples
set. Set 'ess-roxy-fold-examples' to non-nil to automatically fold the
examples field when you open a buffer. * ESS[R]: New experimental feature:
syntax highlighting in roxygen examples fields. This is turned off by
default. Set 'ess-roxy-fontify-examples' to non-nil to try it out. *
ESS[R]: New package development command 'ess-r-devtools-ask' bound to
'C-c
C-w C-a'. It asks with completion for any devtools command that takes
'pkg' as argument. * ESS[R]: New command 'C-c C-e C-r' to reload the
inferior
process. Currently only implemented for R. The R method runs
'inferior-ess-r-reload-hook' on reloading. * ESS[R]:
'ess-r-package-mode' is
now activated in non-file buffers as well. Bug fixes in 16.10: *
ESS[R]: Fix broken (un)flagging for debugging inside packages * ESS[R]: Fixes
(and improvements) in Package development * ESS[R]: Completion no longer
produces '...=' inside 'list( )'. * ESS[R]: Better debugging and
tracing in
packages. * ESS[R]: Better detection of symbols at point. * ESS[R]: No
more spurious warnings on deletion of temporary files. * ESS[julia]: help and
completion work (better) * ESS[julia]: available via 'ess-remote' ----
Rebuild to fix FTBFS status in F26.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423521 - emacs-common-ess: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1423521
[ 2 ] Bug #1387842 - emacs-common-ess-16.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1387842
[ 3 ] Bug #1435576 - Missing ess-julia.jl leads to backtrace
https://bugzilla.redhat.com/show_bug.cgi?id=1435576
--------------------------------------------------------------------------------
================================================================================
erlang-triq-0-0.3.git2c49739.fc26 (FEDORA-2017-df5668ed92)
A property-based testing library for Erlang
--------------------------------------------------------------------------------
Update Information:
* Fix FTBFS
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423545 - erlang-triq: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1423545
--------------------------------------------------------------------------------
================================================================================
erlang-webmachine-1.10.8-11.fc26 (FEDORA-2017-1dbf276a00)
A REST-based system for building web applications
--------------------------------------------------------------------------------
Update Information:
* FTBFS in Rawhide
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423546 - erlang-webmachine: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1423546
--------------------------------------------------------------------------------
================================================================================
fatresize-1.0.3-4.git20161118.fc26 (FEDORA-2017-ff208d4982)
FAT16/FAT32 resizer
--------------------------------------------------------------------------------
Update Information:
New package. Description: The FAT16/FAT32 non-destructive resizer.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1395955 - Review Request: fatresize - FAT16/FAT32 resizer
https://bugzilla.redhat.com/show_bug.cgi?id=1395955
--------------------------------------------------------------------------------
================================================================================
findbugs-contrib-6.8.4-1.fc26 (FEDORA-2017-73e80a6deb)
Extra findbugs detectors
--------------------------------------------------------------------------------
Update Information:
Update to new upstream version 6.8.4. New detectors: *
`SPP_NULL_CHECK_ON_MAP_SUBSET_ACCESSOR` * Method checks whether the
`keySet()`, `entrySet()` or `values()` collection of a `Map` is `null`
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431470 - findbugs-contrib-6.8.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1431470
--------------------------------------------------------------------------------
================================================================================
fpc-3.0.2-1.fc26 (FEDORA-2017-fb0624d0f7)
Free Pascal Compiler
--------------------------------------------------------------------------------
Update Information:
Updated Free Pascal (fpc) to version 3.0.2 and Lazarus to version 1.6.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1424659 - fpc-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1424659
[ 2 ] Bug #1427854 - lazarus-1.6.4-0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1427854
--------------------------------------------------------------------------------
================================================================================
gdbm-1.13-1.fc26 (FEDORA-2017-a5303b2b8b)
A GNU set of database routines which use extensible hashing
--------------------------------------------------------------------------------
Update Information:
Update to latest gdbm 1.13 release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431389 - gdbm-1.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1431389
--------------------------------------------------------------------------------
================================================================================
golang-github-ojii-gettext.go-0-0.1.gitb6dae1d.fc26 (FEDORA-2017-efef239752)
gettext in golang
--------------------------------------------------------------------------------
Update Information:
First package for Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435327 - Review Request: golang-github-ojii-gettext.go - gettext
functionality in Go
https://bugzilla.redhat.com/show_bug.cgi?id=1435327
--------------------------------------------------------------------------------
================================================================================
golang-gopkg-retry-v1-1-0.2.gitc09f6b8.fc26 (FEDORA-2017-ba970f5818)
Provides a framework for retrying actions
--------------------------------------------------------------------------------
Update Information:
First version of the package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435572 - Review Request: golang-gopkg-retry-v1 - Provides a framework for
retrying actions
https://bugzilla.redhat.com/show_bug.cgi?id=1435572
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.121-10.b14.fc26 (FEDORA-2017-bf9a6ca338)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
Built against fixed GCC. No user-related change should be seen.
--------------------------------------------------------------------------------
================================================================================
kernel-4.11.0-0.rc4.git0.1.fc26 (FEDORA-2017-3456ba4c93)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Kernel 4.11-rc4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435719 - CVE-2017-7261 kernel: drm/vmwgfx: check that number of mip levels
is above zero
https://bugzilla.redhat.com/show_bug.cgi?id=1435719
--------------------------------------------------------------------------------
================================================================================
lazarus-1.6.4-2.fc26 (FEDORA-2017-fb0624d0f7)
Lazarus Component Library and IDE for Freepascal
--------------------------------------------------------------------------------
Update Information:
Updated Free Pascal (fpc) to version 3.0.2 and Lazarus to version 1.6.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1424659 - fpc-3.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1424659
[ 2 ] Bug #1427854 - lazarus-1.6.4-0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1427854
--------------------------------------------------------------------------------
================================================================================
legion-17.02.0-5.fc26 (FEDORA-2017-3fa9837032)
A data-centric parallel programming system
--------------------------------------------------------------------------------
Update Information:
Rebuilt for gasnet-1.28.2
--------------------------------------------------------------------------------
================================================================================
netpbm-10.78.00-1.fc26 (FEDORA-2017-4504411585)
A library for handling different graphics file formats
--------------------------------------------------------------------------------
Update Information:
New release of netpmb.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1436893 - netpbm-10.78.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436893
--------------------------------------------------------------------------------
================================================================================
numpy-1.12.1-1.fc26 (FEDORA-2017-af3ba2759b)
A fast multidimensional array facility for Python
--------------------------------------------------------------------------------
Update Information:
1.12.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1436833 - numpy-1.12.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436833
--------------------------------------------------------------------------------
================================================================================
oci-systemd-hook-0.1.7-1.git1788cf2.fc26 (FEDORA-2017-24b0c3f15d)
OCI systemd hook for docker
--------------------------------------------------------------------------------
Update Information:
oci-systemd-hook crashes if the docker config.json is too large. This bug was
discovered in RHEL
--------------------------------------------------------------------------------
================================================================================
openvpn-2.4.1-2.fc26 (FEDORA-2017-c07a04251a)
A full-featured SSL VPN solution
--------------------------------------------------------------------------------
Update Information:
Mainly a package maintenance update but does also fix a particular systemd unit
file issue with the old and deprecated openvpn@.service unit file.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435036 - openvpn-2.4.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435036
[ 2 ] Bug #1435831 - openvpn@.service uses --daemon and --writepid
https://bugzilla.redhat.com/show_bug.cgi?id=1435831
--------------------------------------------------------------------------------
================================================================================
perl-App-GitHooks-1.9.0-1.fc26 (FEDORA-2017-ace39d634b)
Extensible plugins system for git hooks
--------------------------------------------------------------------------------
Update Information:
Updated to the latest version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435189 - Upgrade perl-App-GitHooks to 1.9.0
https://bugzilla.redhat.com/show_bug.cgi?id=1435189
--------------------------------------------------------------------------------
================================================================================
perl-Cpanel-JSON-XS-3.0231-1.fc26 (FEDORA-2017-e18bde094f)
JSON::XS for Cpanel, fast and correct serializing
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
--------------------------------------------------------------------------------
================================================================================
perl-MRO-Compat-0.13-1.fc26 (FEDORA-2017-6d2ed6c994)
Mro::* interface compatibility for Perls < 5.9.5
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
--------------------------------------------------------------------------------
================================================================================
perl-MetaCPAN-Client-2.009001-1.fc26 (FEDORA-2017-8dc75a18c4)
A comprehensive, DWIM-featured client to the MetaCPAN API
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Core-2.28.2-1.fc26 (FEDORA-2017-bc74c43457)
Horde Core Framework libraries
--------------------------------------------------------------------------------
Update Information:
**Horde_Core 2.28.2** * [jan] Fix unpacking encrypted session data ("User not
authorized for ..." log messages). * [jan] Throw an exception when accessing a
non-existing API through the registry.
--------------------------------------------------------------------------------
================================================================================
php-sebastian-object-reflector-1.1.1-1.fc26 (FEDORA-2017-6f5806920b)
Allows reflection of object attributes
--------------------------------------------------------------------------------
Update Information:
**Version 1.1.1** - 2017-03-29 * Fixed
[#1](https://github.com/sebastianbergmann/object-reflector/issues/1): Attributes
that with non-string names are not handled correctly
--------------------------------------------------------------------------------
================================================================================
pylint-1.6.5-3.fc26 (FEDORA-2017-b8d3792a3e)
Analyzes Python code looking for bugs and signs of poor quality
--------------------------------------------------------------------------------
Update Information:
- Split python2 modules into sub-packages - Make python3 the default for scripts
on Fedora 26+ - Enable python3 build for EPEL - Include python3-pylint-gui
pycache files in gui package (bug #1422609)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431835 - packaging issues
https://bugzilla.redhat.com/show_bug.cgi?id=1431835
[ 2 ] Bug #1422609 - python3-pylint-gui doesn't contain __pycache__ files
https://bugzilla.redhat.com/show_bug.cgi?id=1422609
--------------------------------------------------------------------------------
================================================================================
python-pystray-0.14.2-1.fc26 (FEDORA-2017-5d5f958788)
Provides system tray integration
--------------------------------------------------------------------------------
Update Information:
* Initial rpm-release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1436347 - Review Request: python-pystray - Provides system tray integration
https://bugzilla.redhat.com/show_bug.cgi?id=1436347
--------------------------------------------------------------------------------
================================================================================
python-xlib-0.19-2.fc26 (FEDORA-2017-1b236dd1b3)
X client library for Python
--------------------------------------------------------------------------------
Update Information:
* Update to 0.19 release
--------------------------------------------------------------------------------
================================================================================
sos-3.4-1.fc26 (FEDORA-2017-18edba8d64)
A set of tools to gather troubleshooting information from a system
--------------------------------------------------------------------------------
Update Information:
Rebased on upstream 3.4. For highlights, important fixes, or notable
enhancements please see upstream announcement:
https://github.com/sosreport/sos/releases/tag/3.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1427445 - sosreport 3.3 says: sosreport (version 3.2)
https://bugzilla.redhat.com/show_bug.cgi?id=1427445
[ 2 ] Bug #1436969 - sos 3.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1436969
--------------------------------------------------------------------------------
================================================================================
thefuck-3.15-1.fc26 (FEDORA-2017-31f34a4cc7)
App that corrects your previous console command
--------------------------------------------------------------------------------
Update Information:
Updated to thefuck 3.15
--------------------------------------------------------------------------------
================================================================================
winetricks-20170326-1.fc26 (FEDORA-2017-6e6fb25da5)
Work around common problems in Wine
--------------------------------------------------------------------------------
Update Information:
version 20170326 - - convert to sha256 - misc minor fixes, see full changelog:
https://github.com/Winetricks/winetricks/compare/20170207...20170326
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1432052 - winetricks-20170327 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1432052
--------------------------------------------------------------------------------
================================================================================
ypbind-1.38-10.fc26 (FEDORA-2017-3636d8e4f2)
The NIS daemon which binds NIS clients to an NIS domain
--------------------------------------------------------------------------------
Update Information:
Add a Wants dependency on nss-user-lookup.target (#1282440)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1282440 - ypbind.service should be loaded before nss-user-lookup.target
https://bugzilla.redhat.com/show_bug.cgi?id=1282440
--------------------------------------------------------------------------------