The following Fedora 29 Security updates need testing:
Age URL
115
https://bodhi.fedoraproject.org/updates/FEDORA-2019-49f80a78bc
mingw-sqlite-3.26.0.0-1.fc29
96
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fa5843e0e1
asterisk-16.2.1-1.fc29
82
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c84f291592
WALinuxAgent-2.2.38-1.fc29
77
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7528388823
chicken-5.0.0-2.fc29
36
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9839aded3f
python-gnupg-0.4.4-1.fc29
33
https://bodhi.fedoraproject.org/updates/FEDORA-2019-35cb5a4785
kubernetes-1.13.5-1.fc29
26
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9454ce61b2
freeradius-3.0.19-3.fc29
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-96badf645f
thunderbird-60.7.0-1.fc29
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e5910c3ef2
libvirt-4.7.0-4.fc29
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-697de0501f
curl-7.61.1-11.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2ea119f414
buildbot-1.8.2-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4c71ff167a mutt-1.12.0-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fbda9f1e49
python-urllib3-1.24.3-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8c4b25b5ec php-7.2.19-2.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f0435555ac
cyrus-imapd-3.0.10-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-c7187e6dc7
mod_http2-1.15.1-1.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0ea42f074e
poppler-0.67.0-21.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-1b61a528dd
dovecot-2.3.6-3.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-24217abfdf
containernetworking-plugins-0.7.5-1.fc29
The following Fedora 29 Critical Path updates have yet to be approved:
Age URL
85
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5329292fc2
fedfind-4.2.2-1.fc29 python-productmd-1.20-1.fc29
77
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f4b2308023
iproute-5.0.0-2.fc29
42
https://bodhi.fedoraproject.org/updates/FEDORA-2019-201c9dce0a
libXt-1.1.5-11.20190424gitba4ec9376.fc29
36
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e6d2bef148
python2-2.7.16-2.fc29
36
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d762a7ad70
kexec-tools-2.0.19-1.fc29
27
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e513e057d5
python-blivet-3.1.2-5.fc29
26
https://bodhi.fedoraproject.org/updates/FEDORA-2019-719c8264ca lorax-29.29-1.fc29
25
https://bodhi.fedoraproject.org/updates/FEDORA-2019-3b38d20c4a
alsa-lib-1.1.9-1.fc29 alsa-plugins-1.1.9-1.fc29 alsa-utils-1.1.9-1.fc29
15
https://bodhi.fedoraproject.org/updates/FEDORA-2019-28516f8c38
librepo-1.10.2-1.fc29
15
https://bodhi.fedoraproject.org/updates/FEDORA-2019-d2df59c6df
vim-8.1.1359-1.fc29
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-691a70723b fwupd-1.2.9-1.fc29
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-9be1aa31d1
dnf-plugins-core-4.0.7-1.fc29
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-96badf645f
thunderbird-60.7.0-1.fc29
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b1f02f9ed4
p11-kit-0.23.16.1-1.fc29
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-697de0501f
curl-7.61.1-11.fc29
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e5910c3ef2
libvirt-4.7.0-4.fc29
11
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8ab4452eca pcre-8.43-2.fc29
11
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5ecb2e38c3
libidn2-2.2.0-1.fc29
9
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6edf6c9afc
xkeyboard-config-2.24-5.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-fbda9f1e49
python-urllib3-1.24.3-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2b6e64e5ca samba-4.9.8-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-358468ed91
gnome-settings-daemon-3.30.2-2.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-06a2d1c7fb
anaconda-29.24.7-3.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-534728cfe8
crypto-policies-20190527-1.git0b3add8.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-b86c1cf99f
pungi-4.1.37-1.fc29
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5f258252a4
openssh-7.9p1-6.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0ea42f074e
poppler-0.67.0-21.fc29
6
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4cefd3161a
nfs-utils-2.3.3-4.rc2.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-04b9c67922
selinux-policy-3.14.2-60.fc29
4
https://bodhi.fedoraproject.org/updates/FEDORA-2019-57cd1d7037
btrfs-progs-5.1-1.fc29
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2fc3e80abe
hwdata-0.324-1.fc29
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2fc5ffc4e2
openssl-1.1.1c-2.fc29
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-92bb1b64f6
igt-gpu-tools-1.23-1.20190531git4108c74.fc29 xorg-x11-drv-intel-2.99.917-42.20180618.fc29
The following builds have been pushed to Fedora 29 updates-testing
compose-utils-0.1.31-1.fc29
container-exception-logger-1.0.3-1.fc29
earlyoom-1.3-2.fc29
flat-remix-theme-0.0.20190604-1.fc29
flrig-1.3.45-1.fc29
gnome-chemistry-utils-0.14.17-17.fc29
gnumeric-1.12.45-1.fc29
goffice-0.10.45-1.fc29
js-jquery-file-upload-9.31.0-1.fc29
js-jquery-jstree-3.3.8-1.fc29
kernel-5.1.7-200.fc29
kernel-headers-5.1.7-200.fc29
libntirpc-1.7.4-1.fc29
mozilla-iot-gateway-0.8.1-2.fc29
nfs-ganesha-2.7.4-1.fc29
pam-u2f-1.0.8-1.fc29
perl-PPIx-QuoteLike-0.007-1.fc29
perl-podlators-4.12-1.fc29
php-phpmyadmin-sql-parser-4.3.2-1.fc29
php-twig2-2.11.2-1.fc29
phpMyAdmin-4.9.0.1-1.fc29
python-alembic-1.0.10-1.fc29
python-giacpy-0.6.8-1.fc29
python-metakernel-0.24.2-1.fc29
python38-3.8.0~b1-1.fc29
quilter-1.9.0-1.20190605git076ac9e.fc29
Details about builds:
================================================================================
compose-utils-0.1.31-1.fc29 (FEDORA-2019-e0e0f86a69)
Utilities for working with composes
--------------------------------------------------------------------------------
Update Information:
New upstream release with module support in `compose_utils.diff`.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Lubom��r Sedl���� <lsedlar(a)redhat.com> - 0.1.31-1
- New upstream release
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.1.27-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
container-exception-logger-1.0.3-1.fc29 (FEDORA-2019-9b446c7753)
Logging from a container to a host
--------------------------------------------------------------------------------
Update Information:
- Use a correct command name in helper (`container-exception-logger`) - Drop the
setuid wrapper - license is actually GPLv3+
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Martin Kutlak <mkutlak(a)redhat.com> 1.0.3-1
- Use a correct command name in helper (mkutlak(a)redhat.com)
- Drop the setuid wrapper (mkutlak(a)redhat.com)
- license is actually GPLv3+ (msuchy(a)redhat.com)
--------------------------------------------------------------------------------
================================================================================
earlyoom-1.3-2.fc29 (FEDORA-2019-3082237808)
Early OOM Daemon for Linux
--------------------------------------------------------------------------------
Update Information:
Forwarded version to compiled binary.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Vitaly Zaitsev <vitaly(a)easycoding.org> - 1.3-2
- Forwarded version to compiled binary.
--------------------------------------------------------------------------------
================================================================================
flat-remix-theme-0.0.20190604-1.fc29 (FEDORA-2019-dadaa4c756)
Pretty simple theme inspired on material design
--------------------------------------------------------------------------------
Update Information:
#### Description Flat Remix GTK theme is a pretty simple GTK window theme
inspired on material design following a modern design using "flat" colors with
high contrasts and sharp borders. Themes: * Flat Remix GTK * Flat Remix GTK
Dark * Flat Remix GTK Darker * Flat Remix GTK Darkest Variants: * Solid: Theme
without transparency * No Border: Darkest theme without white window border
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1706365 - Review Request: flat-remix-theme - Pretty simple theme inspired on
material design
https://bugzilla.redhat.com/show_bug.cgi?id=1706365
--------------------------------------------------------------------------------
================================================================================
flrig-1.3.45-1.fc29 (FEDORA-2019-909d49ad06)
Transceiver control program
--------------------------------------------------------------------------------
Update Information:
Version 1.3.45 * Maintenance release = - FT-891 - update - TT-550 - restore
tabs dialog visibility - sliders - add user configuration for sliders - modify
Win32 build scripts - combo/listbox controls - remove readonly attribute of
input box - RPC::XML methods - expose set/get for volum, mic, rfgain - Add
Kenwood TS790 backend
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Richard Shaw <hobbes1069(a)gmail.com> - 1.3.45-1
- Update to 1.3.45.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717196 - flrig-1.3.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1717196
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.17-17.fc29 (FEDORA-2019-5b2fcc8f10)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.45.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Julian Sikorski <belegdol(a)fedoraproject.org> - 0.14.17-17
- Rebuild for gnumeric-1.12.45
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716664 - gnumeric-1.12.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716664
[ 2 ] Bug #1716666 - goffice-0.10.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716666
--------------------------------------------------------------------------------
================================================================================
gnumeric-1.12.45-1.fc29 (FEDORA-2019-5b2fcc8f10)
Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.45.html
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Julian Sikorski <belegdol(a)fedoraproject.org> - 1:1.12.45-1
- Update to 1.12.45
- Update python2 patch
- Drop obsolete .spec sections
- Bytecompile python files properly
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716664 - gnumeric-1.12.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716664
[ 2 ] Bug #1716666 - goffice-0.10.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716666
--------------------------------------------------------------------------------
================================================================================
goffice-0.10.45-1.fc29 (FEDORA-2019-5b2fcc8f10)
G Office support libraries
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.45.html
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Julian Sikorski <belegdol(a)fedoraproject.org> - 0.10.45-1
- Update to 0.10.45
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716664 - gnumeric-1.12.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716664
[ 2 ] Bug #1716666 - goffice-0.10.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716666
--------------------------------------------------------------------------------
================================================================================
js-jquery-file-upload-9.31.0-1.fc29 (FEDORA-2019-5acf586a26)
File Upload widget for jQuery
--------------------------------------------------------------------------------
Update Information:
Update to [
9.31.0](https://github.com/blueimp/jQuery-File-
Upload/compare/v9.22.0...v9.31.0).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Randy Barlow <bowlofeggs(a)fedoraproject.org> - 9.31.0-1
- Update to 9.31.0 (#1700322).
-
https://github.com/blueimp/jQuery-File-Upload/compare/v9.22.0...v9.31.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1700322 - js-jquery-file-upload-9.31.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1700322
--------------------------------------------------------------------------------
================================================================================
js-jquery-jstree-3.3.8-1.fc29 (FEDORA-2019-a171291a47)
A jQuery tree plugin
--------------------------------------------------------------------------------
Update Information:
Update to [
3.3.8](https://github.com/vakata/jstree/compare/3.3.5...3.3.8).
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Randy Barlow <bowlofeggs(a)fedoraproject.org> - 3.3.8-1
- Update to 3.3.8 (#1703862).
-
https://github.com/vakata/jstree/compare/3.3.5...3.3.8
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1703862 - js-jquery-jstree-3.3.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1703862
--------------------------------------------------------------------------------
================================================================================
kernel-5.1.7-200.fc29 (FEDORA-2019-492d24f0ef)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
Update to v5.1.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Jeremy Cline <jcline(a)redhat.com> - 5.1.7-200
- Linux v5.1.7
- Fix CVE-2019-12455 (rhbz 1716990 1717003)
- Fix CVE-2019-12454 (rhbz 1716996 1717003)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717003 - CVE-2019-12454 CVE-2019-12455 kernel: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1717003
--------------------------------------------------------------------------------
================================================================================
kernel-headers-5.1.7-200.fc29 (FEDORA-2019-492d24f0ef)
Header files for the Linux kernel for use by glibc
--------------------------------------------------------------------------------
Update Information:
Update to v5.1.7
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Jeremy Cline <jcline(a)redhat.com> - 5.1.7-200
- Linux v5.1.7
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717003 - CVE-2019-12454 CVE-2019-12455 kernel: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1717003
--------------------------------------------------------------------------------
================================================================================
libntirpc-1.7.4-1.fc29 (FEDORA-2019-6bc7635438)
New Transport Independent RPC Library
--------------------------------------------------------------------------------
Update Information:
libntirpc 1.7.4 GA
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Kaleb S. KEITHLEY <kkeithle at redhat.com> 1.7.4-1
- libntirpc 1.7.4 GA
--------------------------------------------------------------------------------
================================================================================
mozilla-iot-gateway-0.8.1-2.fc29 (FEDORA-2019-24ba1d4ba0)
Mozilla's Web of Things gateway
--------------------------------------------------------------------------------
Update Information:
Change home directory location for moz-iot-gateway user Add patch to not run
ldconfig in container
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Troy Dawson <tdawson(a)redhat.com> - 0.8.1-2
- Change home directory location for moz-iot-gateway user
- Add patch to not run ldconfig in container
--------------------------------------------------------------------------------
================================================================================
nfs-ganesha-2.7.4-1.fc29 (FEDORA-2019-02cd019281)
NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:
nfs-ganesha 2.7.4 GA
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Kaleb S. KEITHLEY <kkeithle at redhat.com> - 2.7.4-1
- nfs-ganesha 2.7.4 GA
* Fri May 17 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 2.7.3-4
- Avoid unversioned Python requires
* Thu May 16 2019 Kaleb S. KEITHLEY <kkeithle at redhat.com> - 2.7.3-3
- nfs-ganesha 2.7.3, enable utils w/ python2 on f30 and up
* Fri May 10 2019 Kaleb S. KEITHLEY <kkeithle at redhat.com> - 2.7.3-2
- nfs-ganesha 2.7.3, selinux bz#1706462
--------------------------------------------------------------------------------
================================================================================
pam-u2f-1.0.8-1.fc29 (FEDORA-2019-cd8f4b9568)
Implements PAM authentication over U2F
--------------------------------------------------------------------------------
Update Information:
New upstream release Fixes Debug file descriptor leak CVE-2019-1221 Fixes
insecure debug file handling CVE-2019-1220
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Seth Jennings <spartacus06(a)gmail.com> - 1.0.8-1
- New upstream release
- Fixes Debug file descriptor leak CVE-2019-1221
- Fixes insecure debug file handling CVE-2019-1220
- resolves: #1717326
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717326 - Debug file descriptor leak CVE-2019-1221 and insecure debug file
handling CVE-2019-12209
https://bugzilla.redhat.com/show_bug.cgi?id=1717326
--------------------------------------------------------------------------------
================================================================================
perl-PPIx-QuoteLike-0.007-1.fc29 (FEDORA-2019-847fc9fe3d)
Parse Perl string literals and string-literal-like things
--------------------------------------------------------------------------------
Update Information:
This release prohibits a forbidden interpolation inside \N{���}, it fixes
examples, it allows PPIx::QuoteLike::Utils::__variables() method to accept
PPI::Element, PPIx::Regexp::Element, PPIx::QuoteLike, and PPIx::QuoteLike::Token
objects.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Petr Pisar <ppisar(a)redhat.com> - 0.007-1
- 0.007 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1715940 - perl-PPIx-QuoteLike-0.007 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1715940
--------------------------------------------------------------------------------
================================================================================
perl-podlators-4.12-1.fc29 (FEDORA-2019-e0b72241c2)
Format POD source into various output formats
--------------------------------------------------------------------------------
Update Information:
This release fixes tests.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Petr Pisar <ppisar(a)redhat.com> - 1:4.12-1
- 4.12 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716020 - perl-podlators-4.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716020
--------------------------------------------------------------------------------
================================================================================
php-phpmyadmin-sql-parser-4.3.2-1.fc29 (FEDORA-2019-33649e2e64)
A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:
Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that
includes important security fixes. This release fixes two security
vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer
feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie'
login form Upgrading is highly recommended for all users. Using the 'http'
auth_type instead of 'cookie' can mitigate the CSRF attack. The solution for
the CSRF attack does remove the former functionality to log in directly through
URL parameters (as mentioned in FAQ 4.8, such as
https://example.com/phpmyadmin/?pma_username=root&password=foo). Such behavior
was discouraged and is now removed. Other query parameters work as expected;
only pma_username and pma_password have been removed. This release also
includes fixes for many bugs, including: - Several issues with SYSTEM
VERSIONING tables - Fixed json encode error in export - Fixed JavaScript events
not activating on input (sql bookmark issue) - Show Designer combo boxes when
adding a constraint - Fix edit view - Fixed invalid default value for bit field
- Fix several errors relating to GIS data types - Fixed javascript error
PMA_messages is not defined - Fixed import XML data with leading zeros - Fixed
php notice, added support for 'DELETE HISTORY' table privilege (MariaDB >=
10.3.4) - Fixed MySQL 8.0.0 issues with GIS display - Fixed "Server charset" in
"Database server" tab showing wrong information - Fixed can not copy user on
Percona Server 5.7 - Updated sql-parser to version 4.3.2, which fixes several
parsing and linting problems There are many, many more bug fixes thanks to the
efforts of our developers, Google Summer of Code applicants, and other
contributors. The phpMyAdmin team ---- **phpmyadmin/sql-parser version
4.3.2** * Fix redundant whitespaces in build() outputs (#228) * Fix incorrect
error on DEFAULT keyword in ALTER operation (#229) * Fix incorrect outputs from
Query::getClause (#233) * Add support for reading an SQL file from stdin * Fix
for missing tokenize-query in Composer's vendor/bin/ directory * Fix for PHP
warnings with an incomplete CASE expression (#241) * Fix for error message with
multiple CALL statements (#223) * Recognize the question mark character as a
parameter (#242)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Remi Collet <remi(a)remirepo.net> - 4.3.2-1
- update to 4.3.2
- add php-phpmyadmin-sql-parser-tokenize-query command
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717401 - CVE-2019-11768 phpmyadmin: specially crafted database name in the
designer feature can be used to trigger an SQL injection attack
https://bugzilla.redhat.com/show_bug.cgi?id=1717401
[ 2 ] Bug #1717402 - CVE-2019-12616 phpmyadmin: broken tag provided by attacker and
pointing at the victim's phpMyAdmin database can cause CSRF through the victim
https://bugzilla.redhat.com/show_bug.cgi?id=1717402
--------------------------------------------------------------------------------
================================================================================
php-twig2-2.11.2-1.fc29 (FEDORA-2019-6dd7e722b7)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 2.11.2** (2019-06-05) * fixed macro auto-import ---- **Version
2.11.1** (2019-06-04) * added support for "Twig\Markup" instances in the
"in"
test (again) * allowed string operators as variables names in assignments *
fixed support for macros defined in parent templates ---- **Version 2.11.0**
(2019-05-31) * added the possibility to register classes/interfaces as being
safe for the escaper ("EscaperExtension::addSafeClass()") * deprecated
CoreExtension::setEscaper() and CoreExtension::getEscapers() in favor of the
same methods on EscaperExtension * macros are now auto-imported in the template
they are defined (under the ``_self`` variable) * added support for macros on
"is defined" tests * fixed macros "import" when using the same name
in the
parent and child templates * fixed recursive macros * macros imported
"globally" in a template are now available in macros without re-importing them
* fixed the "filter" filter when the argument is \Traversable but does not
implement \Iterator (\SimpleXmlElement for instance) * fixed a PHP fatal error
when calling a macro imported in a block in a nested block * fixed a PHP fatal
error when calling a macro imported in the template in another macro * fixed
wrong error message on "import" and "from"
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Remi Collet <remi(a)remirepo.net> - 2.11.2-1
- update to 2.11.2
* Tue Jun 4 2019 Remi Collet <remi(a)remirepo.net> - 2.11.1-1
- update to 2.11.1
* Mon Jun 3 2019 Remi Collet <remi(a)remirepo.net> - 2.11.0-1
- update to 2.11.0
--------------------------------------------------------------------------------
================================================================================
phpMyAdmin-4.9.0.1-1.fc29 (FEDORA-2019-33649e2e64)
Handle the administration of MySQL over the World Wide Web
--------------------------------------------------------------------------------
Update Information:
Upstream announcement: Welcome to **phpMyAdmin 4.9.0.1**, a bugfix release that
includes important security fixes. This release fixes two security
vulnerabilities: * PMASA-2019-3 is an SQL injection flaw in the Designer
feature * PMASA-2019-4 is a CSRF attack that's possible through the 'cookie'
login form Upgrading is highly recommended for all users. Using the 'http'
auth_type instead of 'cookie' can mitigate the CSRF attack. The solution for
the CSRF attack does remove the former functionality to log in directly through
URL parameters (as mentioned in FAQ 4.8, such as
https://example.com/phpmyadmin/?pma_username=root&password=foo). Such behavior
was discouraged and is now removed. Other query parameters work as expected;
only pma_username and pma_password have been removed. This release also
includes fixes for many bugs, including: - Several issues with SYSTEM
VERSIONING tables - Fixed json encode error in export - Fixed JavaScript events
not activating on input (sql bookmark issue) - Show Designer combo boxes when
adding a constraint - Fix edit view - Fixed invalid default value for bit field
- Fix several errors relating to GIS data types - Fixed javascript error
PMA_messages is not defined - Fixed import XML data with leading zeros - Fixed
php notice, added support for 'DELETE HISTORY' table privilege (MariaDB >=
10.3.4) - Fixed MySQL 8.0.0 issues with GIS display - Fixed "Server charset" in
"Database server" tab showing wrong information - Fixed can not copy user on
Percona Server 5.7 - Updated sql-parser to version 4.3.2, which fixes several
parsing and linting problems There are many, many more bug fixes thanks to the
efforts of our developers, Google Summer of Code applicants, and other
contributors. The phpMyAdmin team ---- **phpmyadmin/sql-parser version
4.3.2** * Fix redundant whitespaces in build() outputs (#228) * Fix incorrect
error on DEFAULT keyword in ALTER operation (#229) * Fix incorrect outputs from
Query::getClause (#233) * Add support for reading an SQL file from stdin * Fix
for missing tokenize-query in Composer's vendor/bin/ directory * Fix for PHP
warnings with an incomplete CASE expression (#241) * Fix for error message with
multiple CALL statements (#223) * Recognize the question mark character as a
parameter (#242)
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jun 4 2019 Remi Collet <remi(a)remirepo.net> - 4.9.0.1-1
- update to 4.9.0.1 (2019-06-04, important security fixes)
- raise dependency on phpmyadmin/sql-parser version 4.3.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717401 - CVE-2019-11768 phpmyadmin: specially crafted database name in the
designer feature can be used to trigger an SQL injection attack
https://bugzilla.redhat.com/show_bug.cgi?id=1717401
[ 2 ] Bug #1717402 - CVE-2019-12616 phpmyadmin: broken tag provided by attacker and
pointing at the victim's phpMyAdmin database can cause CSRF through the victim
https://bugzilla.redhat.com/show_bug.cgi?id=1717402
--------------------------------------------------------------------------------
================================================================================
python-alembic-1.0.10-1.fc29 (FEDORA-2019-ef33a4a25e)
Database migration tool for SQLAlchemy
--------------------------------------------------------------------------------
Update Information:
Update to
[
1.0.10](https://alembic.sqlalchemy.org/en/latest/changelog.html#change-1.....
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Randy Barlow <bowlofeggs(a)fedoraproject.org> - 1.0.10-1
- Update to 1.0.10 (#1700050).
-
https://alembic.sqlalchemy.org/en/latest/changelog.html#change-1.0.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1700050 - python-alembic-1.0.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1700050
--------------------------------------------------------------------------------
================================================================================
python-giacpy-0.6.8-1.fc29 (FEDORA-2019-dbe5dc1939)
Python binding for Giac
--------------------------------------------------------------------------------
Update Information:
- Release 0.6.8
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Antonio Trande <sagitterATfedoraproject.org> - 0.6.8-1
- Release 0.6.8
* Sat Feb 2 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.7-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 10 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.6.7-1
- Release 0.6.7
* Mon Aug 27 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.6.6-5
- Fix Cython requests
* Mon Aug 27 2018 Antonio Trande <sagitterATfedoraproject.org> - 0.6.6-4
- Deprecate Python2 on fedora 30+
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1717424 - python-giacpy-0.6.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1717424
--------------------------------------------------------------------------------
================================================================================
python-metakernel-0.24.2-1.fc29 (FEDORA-2019-22afc255f6)
Metakernel for Jupyter
--------------------------------------------------------------------------------
Update Information:
New version 0.24.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.24.2-1
- Update to version 0.24.2
- Drop patch python-metakernel-Fix-TypeError.patch (accepted upstream)
* Wed Jun 5 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.24.1-1
- Update to version 0.24.1
- Drop metakernel-bash packages (upstream removed sources)
- Tests are now using pytest instead of nose
- Fix a TypeError
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716142 - python-metakernel-0.24.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1716142
[ 2 ] Bug #1717340 - python-metakernel-0.24.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1717340
--------------------------------------------------------------------------------
================================================================================
python38-3.8.0~b1-1.fc29 (FEDORA-2019-e77f7dbb32)
Version 3.8 of the Python interpreter
--------------------------------------------------------------------------------
Update Information:
###This is a beta preview of Python 3.8 Python 3.8 is still in development.
This release, [
3.8.0b1](https://www.python.org/downloads/release/python-380b1/)
is the first of four planned beta release previews. Beta release previews are
intended to give the wider community the opportunity to test new features and
bug fixes and to prepare their projects to support the new feature release. ###
Call to action We strongly encourage maintainers of third-party Python projects
to **test with 3.8** during the beta phase and report issues found to the Python
bug tracker as soon as possible. While the release is planned to be feature
complete entering the beta phase, it is possible that features may be modified
or, in rare cases, deleted up until the start of the release candidate phase
(2019-09-30). Our goal is have no ABI changes after beta 3 and no code changes
after 3.8.0rc1, the release candidate. To achieve that, it will be extremely
important to get as much exposure for 3.8 as possible during the beta phase.
Please keep in mind that this is a preview release and its use is **only
recommended for testing**.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.0~b1-1
- Update to 3.8.0b1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1716995 - python3.8-config does not understand --embed
https://bugzilla.redhat.com/show_bug.cgi?id=1716995
--------------------------------------------------------------------------------
================================================================================
quilter-1.9.0-1.20190605git076ac9e.fc29 (FEDORA-2019-82ce29e885)
Focus on your writing
--------------------------------------------------------------------------------
Update Information:
Update to 1.9.0-20190605git076ac9e
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 5 2019 Artem Polishchuk <ego.cordatus(a)gmail.com> -
1.9.0-1.20190605git076ac9e
- Update to 1.9.0-20190605git076ac9e
--------------------------------------------------------------------------------