The following Fedora 28 Security updates need testing:
Age URL
266
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb
jgraphx-3.6.0.0-6.fc28
215
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da
nodejs-brace-expansion-1.1.11-1.fc28
214
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a
nodejs-atob-2.1.1-1.fc28
207
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9dd3f7c013
unrtf-0.21.9-8.fc28
175
https://bodhi.fedoraproject.org/updates/FEDORA-2018-28e9841baf
docker-latest-1.13.1-37.git9cb56fd.fc28
90
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297
xerces-c27-2.7.0-28.fc28
47
https://bodhi.fedoraproject.org/updates/FEDORA-2018-aadd3c2790
mupdf-1.14.0-6.fc28
42
https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28
42
https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c
nginx-1.14.1-1.fc28
33
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b60fdc1998
net-snmp-5.8-3.fc28
33
https://bodhi.fedoraproject.org/updates/FEDORA-2018-70fe6a4d75
nagios-4.4.2-3.fc28
29
https://bodhi.fedoraproject.org/updates/FEDORA-2018-dbcb80405c
nbdkit-1.4.4-1.fc28
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86ef9e22 squid-4.4-1.fc28
19
https://bodhi.fedoraproject.org/updates/FEDORA-2018-2abadd4469
haproxy-1.8.15-1.fc28
19
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b18f9dd65b
tomcat-8.5.35-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-166b220ff1
tcpreplay-4.3.1-1.fc28
4
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e4732930df beep-1.3-26.fc28
4
https://bodhi.fedoraproject.org/updates/FEDORA-2018-36320c03cd
electron-cash-3.3.4-1.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-4dc2ccb142
electrum-3.2.4-1.fc28
The following Fedora 28 Critical Path updates have yet to be approved:
Age URL
42
https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28
36
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3222e7c914 radvd-2.17-11.fc28
33
https://bodhi.fedoraproject.org/updates/FEDORA-2018-c86898e4a7 gdb-8.1.1-4.fc28
33
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b60fdc1998
net-snmp-5.8-3.fc28
31
https://bodhi.fedoraproject.org/updates/FEDORA-2018-12c54ca4bf gjs-1.52.5-1.fc28
22
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f541b469b
nfs-utils-2.3.3-1.rc2.fc28
21
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9963fc558e efivar-37-1.fc28
18
https://bodhi.fedoraproject.org/updates/FEDORA-2018-816dbc3486
osinfo-db-20181214-1.fc28
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bfd076926b
redhat-rpm-config-110-1.fc28
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-43c225890a libfm-1.3.1-1.fc28
pcmanfm-1.3.1-1.fc28
12
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4dddcb3e5e
highlight-3.48-1.fc28
11
https://bodhi.fedoraproject.org/updates/FEDORA-2018-e6538e58ce
ceph-12.2.10-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2018-3f302fce3c
krb5-1.16.1-23.fc28
The following builds have been pushed to Fedora 28 updates-testing
OpenMolcas-18.09-2.fc28
appcenter-3.1.0-1.fc28
chirp-20190102-1.fc28
distribution-gpg-keys-1.27-1.fc28
gnutls-3.6.5-1.fc28
golang-1.10.7-1.fc28
heaptrack-1.1.0-1.fc28
hplip-3.18.6-12.fc28
hwdata-0.319-1.fc28
lm_sensors-3.5.0-1.fc28
mariadb-connector-c-3.0.8-1.fc28
mellowplayer-3.5.0-1.20181227git40ef9dd.fc28
ngspice-30-1.fc28
nnn-2.2-1.fc28
otter-browser-1.0.01-1.fc28
perl-DateTime-TimeZone-2.23-1.fc28
perl-Email-Address-1.912-1.fc28
perl-ExtUtils-MakeMaker-CPANfile-0.09-1.fc28
perl-Net-UPnP-1.4.6-1.fc28
perl-PAR-Packer-1.041-5.fc28
phan-1.1.10-1.fc28
php-cs-fixer-2.13.2-1.fc28
php-horde-Horde-Browser-2.0.16-1.fc28
php-horde-Horde-Image-2.5.4-1.fc28
php-phpunitgoodpractices-polyfill-1.1.0-5.fc28
psi4-1.2.1-4.b167f47.fc28
pywbem-0.12.6-1.fc28
rsh-0.17-87.fc28
rsync-3.1.3-4.fc28
wget-1.20.1-1.fc28
xtide-2.15.1-7.fc28
Details about builds:
================================================================================
OpenMolcas-18.09-2.fc28 (FEDORA-2019-87a351b8c3)
A multiconfigurational quantum chemistry software package
--------------------------------------------------------------------------------
Update Information:
Update to 18.09 stable release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 18.09-2
- Fix python shebang.
* Wed Jan 2 2019 Susi Lehtola <jussilehtola(a)fedoraproject.org> - 18.09-1
- Update to 18.09 stable release.
* Tue Sep 25 2018 Susi Lehtola <jussilehtola(a)fedoraproject.org> -
18.0-7.o180813.1752
- Remove HDF5 support because upstream code is non-portable and too hard to fix.
* Tue Sep 18 2018 Susi Lehtola <jussilehtola(a)fedoraproject.org> -
18.0-6.o180813.1752
- Fix pyparsing requirement on EPEL7.
--------------------------------------------------------------------------------
================================================================================
appcenter-3.1.0-1.fc28 (FEDORA-2019-380d98f25f)
Software Center from elementary
--------------------------------------------------------------------------------
Update Information:
Update to version 3.1.0. Release notes:
https://github.com/elementary/appcenter/releases/tag/3.1.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Fabio Valentini <decathorpe(a)gmail.com> - 3.1.0-1
- Update to version 3.1.0.
- Remove empty blacklist file.
--------------------------------------------------------------------------------
================================================================================
chirp-20190102-1.fc28 (FEDORA-2019-39e13e7b8e)
A tool for programming two-way radio equipment
--------------------------------------------------------------------------------
Update Information:
Changes for Build #544 [Vinny Stipo <v(a)xpctech.com>] FT-818ND US Model - I
think this patch may work, I can't test. Bug #6289 [Bruno Maire
<bruno(a)e48.ch>]
New Model #6259 Yaesu FT-7100
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Richard Shaw <hobbes1069(a)gmail.com> - 20190102-1
- Update to 20190102.
--------------------------------------------------------------------------------
================================================================================
distribution-gpg-keys-1.27-1.fc28 (FEDORA-2019-5efd39bbb1)
GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:
updated Copr keys
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Miroslav Such�� <msuchy(a)redhat.com> 1.27-1
- update copr keys
--------------------------------------------------------------------------------
================================================================================
gnutls-3.6.5-1.fc28 (FEDORA-2019-24dc022a51)
A TLS protocol implementation
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2018-16868
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Anderson Sasaki <ansasaki(a)redhat.com> - 3.6.5-1
- Updated to upstream 3.6.5 release
- Fixed CVE-2018-16868 (#1659095)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1654929 - CVE-2018-16868 gnutls: Bleichenbacher-like side channel leakage in
PKCS#1 v1.5 verification and padding oracle verification
https://bugzilla.redhat.com/show_bug.cgi?id=1654929
--------------------------------------------------------------------------------
================================================================================
golang-1.10.7-1.fc28 (FEDORA-2019-c424e3bb72)
The Go Programming Language
--------------------------------------------------------------------------------
Update Information:
* Rebase to 1.10.7 * Security fix for CVE-2018-16875, CVE-2018-16874 and
CVE-2018-16873
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.10.7-1
- Rebase to 1.10.7
- Fix for CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873
- Resolves: BZ#1659290, BZ#1659289, BZ#1659288
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1657563 - CVE-2018-16873 golang: "go get" command vulnerable to RCE
via import of malicious package
https://bugzilla.redhat.com/show_bug.cgi?id=1657563
[ 2 ] Bug #1657564 - CVE-2018-16874 golang: "go get" vulnerable to directory
traversal via malicious package
https://bugzilla.redhat.com/show_bug.cgi?id=1657564
[ 3 ] Bug #1657565 - CVE-2018-16875 golang: crypto/x509 allows for denial of service via
crafted TLS client certificate
https://bugzilla.redhat.com/show_bug.cgi?id=1657565
--------------------------------------------------------------------------------
================================================================================
heaptrack-1.1.0-1.fc28 (FEDORA-2019-d256eb3422)
A heap memory profiler for Linux
--------------------------------------------------------------------------------
Update Information:
Heaptrack 1.1.0 release.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Jan Grulich <jgrulich(a)redhat.com> - 1.1.0-1
- 1.1.0
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.0.0-10
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1582277 - heaptrack-1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1582277
--------------------------------------------------------------------------------
================================================================================
hplip-3.18.6-12.fc28 (FEDORA-2019-96487fdb77)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
1661922 - build with old net-snmp for now
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Zdenek Dohnal <zdohnal(a)redhat.com> - 3.18.6-12
- 1661922 - new net-snmp is not in stable yet, but new hplip is - build with with old
net-snmp for now
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1661922 - hplip-3.18.6-11 uninstallable because of missing
libnetsnmp.so.35()(64bit)
https://bugzilla.redhat.com/show_bug.cgi?id=1661922
--------------------------------------------------------------------------------
================================================================================
hwdata-0.319-1.fc28 (FEDORA-2019-4a2458eb49)
Hardware identification and configuration data
--------------------------------------------------------------------------------
Update Information:
Updated pci, usb and vendor ids.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Vitezslav Crhonek <vcrhonek(a)redhat.com> - 0.319-1
- Updated pci, usb and vendor ids.
--------------------------------------------------------------------------------
================================================================================
lm_sensors-3.5.0-1.fc28 (FEDORA-2019-0494353779)
Hardware monitoring tools
--------------------------------------------------------------------------------
Update Information:
New version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Ond��ej Lyson��k <olysonek(a)redhat.com> - 3.5.0-1
- New version
- Resolves: rhbz#1653259
* Fri Sep 28 2018 Ond��ej Lyson��k <olysonek(a)redhat.com> -
3.4.0-18.20180522git70f7e08
- Drop unneeded build dependency on libsysfs-devel
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1653259 - lm_sensors-3-5-0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1653259
--------------------------------------------------------------------------------
================================================================================
mariadb-connector-c-3.0.8-1.fc28 (FEDORA-2019-f7b29ff5da)
The MariaDB Native Client library (C driver)
--------------------------------------------------------------------------------
Update Information:
**MariaDB Connector C / C++ 3.0.8 ** Release notes:
https://mariadb.com/kb/en/mariadb-connector-c-308-release-notes/
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Michal Schorm <mschorm(a)redhat.com> - 3.0.8-1
- Rebase to 3.0.8
--------------------------------------------------------------------------------
================================================================================
mellowplayer-3.5.0-1.20181227git40ef9dd.fc28 (FEDORA-2019-d167f8a1da)
Cloud music integration for your desktop
--------------------------------------------------------------------------------
Update Information:
- Update to 3.5.0-1.20181227git40ef9dd - QBS is deprecated: swich back to CMake
- Moving to gitlab
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 3.5.0-1
- Update to 3.5.0-1
- QBS is deprecated: swich back to CMake
- Moving to gitlab
--------------------------------------------------------------------------------
================================================================================
ngspice-30-1.fc28 (FEDORA-2019-513a22cc85)
A mixed level/signal circuit simulator
--------------------------------------------------------------------------------
Update Information:
New version 30 is released. Also, now shared library version of ngspice is also
provided.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 1 2019 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 30-1
- Update to 30
* Mon Dec 31 2018 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 29-2
- Build shared library (bug 1440904 and so on)
* Sun Dec 30 2018 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 29-1
- Update to 29
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 28-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1440904 - ngspice does not contain shared library
https://bugzilla.redhat.com/show_bug.cgi?id=1440904
--------------------------------------------------------------------------------
================================================================================
nnn-2.2-1.fc28 (FEDORA-2019-36b18526de)
The missing terminal file browser for X
--------------------------------------------------------------------------------
Update Information:
Release 2.2
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 2.2-1
- Release 2.2
--------------------------------------------------------------------------------
================================================================================
otter-browser-1.0.01-1.fc28 (FEDORA-2019-612ed21231)
Web browser controlled by the user, not vice-versa
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.01-1
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Martin Gansser <martinkg(a)fedoraproject.org> - 1.0.01-1
- Update to 1.0.01-1
* Tue Nov 13 2018 Caol��n McNamara <caolanm(a)redhat.com>
-0.9.99.3-0.2.rc12git63b7445
- rebuild for hunspell 1.7.0
--------------------------------------------------------------------------------
================================================================================
perl-DateTime-TimeZone-2.23-1.fc28 (FEDORA-2019-62d3fb74d7)
Time zone object base class and factory
--------------------------------------------------------------------------------
Update Information:
Updated to the latest version
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Jitka Plesnikova <jplesnik(a)redhat.com> - 2.23-1
- 2.23 bump (2018i Olson database)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1662879 - Upgrade perl-DateTime-TimeZone to 2.23
https://bugzilla.redhat.com/show_bug.cgi?id=1662879
--------------------------------------------------------------------------------
================================================================================
perl-Email-Address-1.912-1.fc28 (FEDORA-2019-8deebad756)
RFC 2822 Address Parsing and Creation (DEPRECATED)
--------------------------------------------------------------------------------
Update Information:
Update to 1.912, fixes CVE-2015-7686 and CVE-2018-12558.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Tom Callaway <spot(a)fedoraproject.org> - 1.912-1
- update to 1.912
- fixes CVE-2015-7686 and CVE-2018-12558
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.909-3
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.909-2
- Perl 5.28 rebuild
* Fri Apr 13 2018 Jitka Plesnikova <jplesnik(a)redhat.com> - 1.909-1
- 1.909 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1593319 - CVE-2018-12558 perl-Email-Address: Specially crafted input could
cause Denial of Service due to complex parse() method [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1593319
[ 2 ] Bug #1662884 - Upgrade perl-Email-Address to 1.912
https://bugzilla.redhat.com/show_bug.cgi?id=1662884
--------------------------------------------------------------------------------
================================================================================
perl-ExtUtils-MakeMaker-CPANfile-0.09-1.fc28 (FEDORA-2019-b7a884b851)
CPANfile support for ExtUtils::MakeMaker
--------------------------------------------------------------------------------
Update Information:
This release corrects a test. We deliver it only to provide an up-to-date
version string.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Petr Pisar <ppisar(a)redhat.com> - 0.09-1
- 0.09 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1662885 - Upgrade perl-ExtUtils-MakeMaker-CPANfile to 0.09
https://bugzilla.redhat.com/show_bug.cgi?id=1662885
--------------------------------------------------------------------------------
================================================================================
perl-Net-UPnP-1.4.6-1.fc28 (FEDORA-2019-286b62d452)
Perl extension for UPnP
--------------------------------------------------------------------------------
Update Information:
This release fixes an abortion in ControlPoint::serach() when an HTTP request
fails.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Petr Pisar <ppisar(a)redhat.com> - 1:1.4.6-1
- 1.4.6 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1662955 - Upgrade perl-Net-UPnP to 1.4.6
https://bugzilla.redhat.com/show_bug.cgi?id=1662955
--------------------------------------------------------------------------------
================================================================================
perl-PAR-Packer-1.041-5.fc28 (FEDORA-2019-baf5a808b6)
PAR Packager
--------------------------------------------------------------------------------
Update Information:
This release restores compatibility with Perl 5.26.3.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Petr Pisar <ppisar(a)redhat.com> - 1.041-5
- Rebuild for Perl 5.26.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1470542 - PAR::Packer requires the same perl version it was built against
https://bugzilla.redhat.com/show_bug.cgi?id=1470542
--------------------------------------------------------------------------------
================================================================================
phan-1.1.10-1.fc28 (FEDORA-2019-e7115f1b5f)
A static analyzer for PHP
--------------------------------------------------------------------------------
Update Information:
30 Dec 2018, **Phan 1.1.10** **New features(Analysis):** + Add suggestions if
to `PhanUndeclaredConstant` issue messages about undeclared global constants, if
possible. (#2240) Suggestions include other global constants, variables, class
constants, properties, and function names. + Warn about `continue` and `break`
with no matching loop/switch scope. (#1869) New issue types:
`PhanContinueOrBreakTooManyLevels`, `PhanContinueOrBreakNotInLoop` + Warn about
`continue` statements targeting `switch` control structures (doing the same
thing as a `break`) (#1869) New issue types: `PhanContinueTargetingSwitch` +
Support inferring template types from array keys. int/string/mixed can be
inferred from `array<TKey,\someType>` when `@template TKey` is in the
class/function-like scope. + Phan can now infer template types from even more
categories of parameter types in constructors and regular functions/methods.
(#522) - infer `T` from `Closure(T):\OtherClass` and
`callable(T):\OtherClass` - infer `T` from `array{keyName:T}` - infer `TKey`
from `array<TKey,\OtherClass>` (as int, string, or mixed) **Bug fixes:** +
Refactor the way `@template` annotations are parsed on classes and function-
likes to avoid various edge cases (#2253) + Fix a bug causing Phan to fail to
analyze closures/uses of closures when used inline (e.g. in function calls)
--------------------------------------------------------------------------------
ChangeLog:
* Mon Dec 31 2018 Remi Collet <remi(a)remirepo.net> - 1.1.10-1
- update to 1.1.10
--------------------------------------------------------------------------------
================================================================================
php-cs-fixer-2.13.2-1.fc28 (FEDORA-2019-0136746276)
A tool to automatically fix PHP code style
--------------------------------------------------------------------------------
Update Information:
Changelog for v2.13.2 --------------------- * bug #3968 SelfAccessorFixer -
support FQCN (kubawerlos) * bug #3974 Psr4Fixer - class with anonymous class
(kubawerlos) * bug #3987 Run HeaderCommentFixer after
NoBlankLinesAfterPhpdocFixer (StanAngeloff) * bug #4009
TypeAlternationTransformer - Fix pipes in function call with constants being
classified incorrectly (ntzm, SpacePossum) * bug #4022 NoUnsetOnPropertyFixer -
refactor and bugfixes (kubawerlos) * bug #4036 ExplicitStringVariableFixer -
fixes for backticks and for 2 variables next to each other (kubawerlos,
Slamdunk) * bug #4038 CommentToPhpdocFixer - handling nested PHPDoc (kubawerlos)
* bug #4064 Ignore invalid mode strings, add option to remove the "b" flag.
(SpacePossum) * bug #4071 DX: do not insert Token when calling
removeLeadingWhitespace/removeTrailingWhitespace from Tokens (kubawerlos) * bug
#4073 IsNullFixer - fix function detection (kubawerlos) * bug #4074
FileFilterIterator - do not filter out files that need fixing (SpacePossum) *
bug #4076 EregToPregFixer - fix function detection (kubawerlos) * bug #4084
MethodChainingIndentation - fix priority with Braces (dmvdbrugge) * bug #4099
HeaderCommentFixer - throw exception on invalid header configuration
(SpacePossum) * bug #4100 PhpdocAddMissingParamAnnotationFixer - Handle variable
number of arguments and pass by reference cases (SpacePossum) * bug #4101
ReturnAssignmentFixer - do not touch invalid code (SpacePossum) * bug #4104
Change transformers order, fixing untransformed T_USE (dmvdbrugge) * bug #4107
Preg::split - fix for non-UTF8 subject (ostrolucky, kubawerlos) * bug #4109
NoBlankLines*: fix removing lines consisting only of spaces (kubawerlos,
keradus) * bug #4114 VisibilityRequiredFixer - don't remove comments
(kubawerlos) * bug #4116 OrderedImportsFixer - fix sorting without any grouping
(SpacePossum) * bug #4119 PhpUnitNoExpectationAnnotationFixer - fix extracting
content from annotation (kubawerlos) * bug #4127 LowercaseConstantsFixer - Fix
case with properties using constants as their name (srathbone) * bug #4134 [7.3]
SquareBraceTransformer - nested array destructuring not handled correctly
(SpacePossum) * bug #4153 PhpUnitFqcnAnnotationFixer - handle only PhpUnit
classes (kubawerlos) * bug #4169 DirConstantFixer - Fixes for PHP7.3 syntax
(SpacePossum) * bug #4181 MultilineCommentOpeningClosingFixer - fix handling
empty comment (kubawerlos) * bug #4186 Tokens - fix removal of leading/trailing
whitespace with empty token in collection (kubawerlos) * minor #3436 Add a
handful of integration tests (BackEndTea) * minor #3774
PhpUnitTestClassRequiresCoversFixer - Remove unneeded loop and use phpunit
indicator class (BackEndTea, SpacePossum) * minor #3778 DX: Throw an exception
if FileReader::read fails (ntzm) * minor #3916 New ruleset "@PhpCsFixer"
(gharlan) * minor #4007 Fixes cookbook for fixers (greeflas) * minor #4031
Correct FixerOptionBuilder::getOption return type (ntzm) * minor #4046 Token -
Added fast isset() path to token->equals() (staabm) * minor #4047 Token - inline
$other->getPrototype() to speedup equals() (staabm, keradus) * minor #4048
Tokens - inlined extractTokenKind() call on the hot path (staabm) * minor #4069
DX: Add dev-tools directory to gitattributes as export-ignore (alexmanno) *
minor #4070 Docs: Add link to a VS Code extension in readme (jakebathman) *
minor #4077 DX: cleanup - NoAliasFunctionsFixer - use FunctionsAnalyzer
(kubawerlos) * minor #4088 Add Travis test with strict types (kubawerlos) *
minor #4091 Adjust misleading sentence in CONTRIBUTING.md (ostrolucky) * minor
#4092 UseTransformer - simplify/optimize (SpacePossum) * minor #4095 DX: Use
::class (keradus) * minor #4096 DX: fixing typo (kubawerlos) * minor #4097 DX:
namespace casing (kubawerlos) * minor #4110 Enhancement: Update
localheinz/composer-normalize (localheinz) * minor #4115 Changes for upcoming
Travis' infra migration (sergeyklay) * minor #4122 DX: AppVeyor - Update
Composer download link (SpacePossum) * minor #4128 DX: cleanup -
AbstractFunctionReferenceFixer - use FunctionsAnalyzer (SpacePossum, kubawerlos)
* minor #4129 Fix: Symfony 4.2 deprecations (kubawerlos) * minor #4139 DX: Fix
CircleCI (kubawerlos) * minor #4142 [7.3] NoAliasFunctionsFixer -
mbregex_encoding' => 'mb_regex_encoding (SpacePossum) * minor #4143
PhpUnitTestCaseStaticMethodCallsFixer - Add PHPUnit 7.5 new assertions
(Slamdunk) * minor #4149 [7.3] ArgumentsAnalyzer - PHP7.3 support (SpacePossum)
* minor #4161 DX: CI - show packages installed via Composer (keradus) * minor
#4162 DX: Drop symfony/lts (keradus) * minor #4166 DX: do not use
AbstractFunctionReferenceFixer when no need to (kubawerlos) * minor #4168 DX:
FopenFlagsFixer - remove useless proxy method (SpacePossum) * minor #4171 Fix
CircleCI cache (kubawerlos) * minor #4173 [7.3] PowToExponentiationFixer - add
support for PHP7.3 (SpacePossum) * minor #4175 Fixing typo (kubawerlos) * minor
#4177 CI: Check that tag is matching version of PHP CS Fixer during deployment
(keradus) * minor #4180 Fixing typo (kubawerlos) * minor #4182 DX: update php-
cs-fixer file style (kubawerlos) * minor #4185 [7.3] ImplodeCallFixer - add
tests for PHP7.3 (kubawerlos) * minor #4187 [7.3] IsNullFixer - support PHP 7.3
(kubawerlos) * minor #4188 DX: cleanup (keradus) * minor #4189 Travis - add PHP
7.3 job (keradus) * minor #4190 Travis CI - fix config (kubawerlos) * minor
#4192 [7.3] MagicMethodCasingFixer - add tests for PHP 7.3 (kubawerlos) * minor
#4194 [7.3] NativeFunctionInvocationFixer - add tests for PHP 7.3 (kubawerlos) *
minor #4195 [7.3] SetTypeToCastFixer - support PHP 7.3 (kubawerlos) * minor
#4196 Update website (keradus) * minor #4197 [7.3] StrictParamFixer - support
PHP 7.3 (kubawerlos)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Remi Collet <remi(a)remirepo.net> - 2.13.2-1
- update to 2.13.2
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Browser-2.0.16-1.fc28 (FEDORA-2019-7e307ca4e2)
Horde Browser API
--------------------------------------------------------------------------------
Update Information:
**Horde_Browser 2.0.16** * [mjr] Fix uploads being disabled when
post_max_upload is set to 0 in php.ini.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Dec 28 2018 Remi Collet <remi(a)remirepo.net> - 2.0.16-1
- update to 2.0.16
- use range dependencies
--------------------------------------------------------------------------------
================================================================================
php-horde-Horde-Image-2.5.4-1.fc28 (FEDORA-2019-944ff52ce6)
Horde Image API
--------------------------------------------------------------------------------
Update Information:
**Horde_Image 2.5.4** * [mjr] SECURITY: Fix potential RCE in the text method
when using the Imagemagick backend. * [mjr] SECURITY: Sanitize image type
parameter (PR: 2, Fariskhi Vidyan). * [mjr] Fix issues with escaping single and
double quote characters in the text method when using the Imagemagick backend.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Remi Collet <remi(a)remirepo.net> - 2.5.4-1
- update to 2.5.4
- use range dependencies
--------------------------------------------------------------------------------
================================================================================
php-phpunitgoodpractices-polyfill-1.1.0-5.fc28 (FEDORA-2019-91ce580f0c)
Lacking future-compat polyfills for PHPUnit
--------------------------------------------------------------------------------
Update Information:
**phpunitgoodpractices/traits to 1.7.0** * Travis - add PHP 7.3 to matrix
(#40) * Support PHPUnit 7.4 and 7.5 (#39) * Update CS (#38)
--------------------------------------------------------------------------------
ChangeLog:
* Sat Dec 29 2018 Remi Collet <remi(a)remirepo.net> - 1.1.0-5
- update phpunitgoodpractices/traits to 1.7.0
--------------------------------------------------------------------------------
================================================================================
psi4-1.2.1-4.b167f47.fc28 (FEDORA-2019-6028ebe1b5)
An ab initio quantum chemistry package
--------------------------------------------------------------------------------
Update Information:
Add missing deepdiff dependency.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Susi Lehtola <jussilehtola(a)fedoraproject.org> -
1:1.2.1-4.b167f473git
- Add deepdiff requires.
* Sun Dec 9 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 1:1.2.1-3.b167f47
- Require python3-numpy instead of python2-numpy
--------------------------------------------------------------------------------
================================================================================
pywbem-0.12.6-1.fc28 (FEDORA-2019-ed25479c85)
Python WBEM client interface and related utilities
--------------------------------------------------------------------------------
Update Information:
Upgrade to new release 0.12.6.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Dec 26 2018 Gris Ge <fge(a)redhat.com> - 0.12.6-1
- Upgrade to 0.12.6
* Tue Jul 24 2018 Gris Ge <fge(a)redhat.com> - 0.12.4-1
- Upgrade to 0.12.4
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.12.3-6
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jul 2 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 0.12.3-5
- Rebuilt for Python 3.7
* Tue Jun 26 2018 Gris Ge <fge(a)redhat.com> - 0.12.3-4
- iAdd missing dependency -- python3-devel
* Tue Jun 26 2018 Gris Ge <fge(a)redhat.com> - 0.12.3-3
- Rebuild again with --target=f29-python.
* Thu Jun 21 2018 Gris Ge <fge(a)redhat.com> - 0.12.3-2
- Rebuilt for Python 3.7
--------------------------------------------------------------------------------
================================================================================
rsh-0.17-87.fc28 (FEDORA-2019-849e1075e8)
Clients for remote access commands (rsh, rlogin, rcp)
--------------------------------------------------------------------------------
Update Information:
Fix for bug #1503119
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Michal Ruprich <mruprich(a)redhat.com> - 0.17-87
- Fix for rhbz#1503119
- Fixing bogus date in changelog
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1503119 - rexecd Could not allocate space for cmdbuf
https://bugzilla.redhat.com/show_bug.cgi?id=1503119
--------------------------------------------------------------------------------
================================================================================
rsync-3.1.3-4.fc28 (FEDORA-2019-6ae95964c0)
A program for synchronizing files over a network
--------------------------------------------------------------------------------
Update Information:
Fix for rhbz#1586346 - rsyncd.service fails to start at boot if address is
configured
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Michal Ruprich <mruprich(a)redhat.com> - 3.1.3-4
- Fix for rhbz#1586346 - rsyncd.service fails to start at boot if address is configured
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1586346 - rsyncd.service fails to start at boot if address is configured
https://bugzilla.redhat.com/show_bug.cgi?id=1586346
--------------------------------------------------------------------------------
================================================================================
wget-1.20.1-1.fc28 (FEDORA-2019-d1b5cf0055)
A utility for retrieving files using the HTTP or FTP protocols
--------------------------------------------------------------------------------
Update Information:
Update to upstream release 1.20.1 to fix CVE-2018-20483.
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Tomas Hozza <thozza(a)redhat.com> - 1.20.1-1
- Update to 1.20.1
- Fix CVE-2018-20483
* Thu Dec 6 2018 Tomas Hozza <thozza(a)redhat.com> - 1.20-1
- Update to 1.20
- --secure-protocol=TLSv1_3 now works (#1623994)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1662705 - CVE-2018-20483 wget: Information exposure in set_file_metadata
function in xattr.c
https://bugzilla.redhat.com/show_bug.cgi?id=1662705
--------------------------------------------------------------------------------
================================================================================
xtide-2.15.1-7.fc28 (FEDORA-2019-aad356284a)
Calculate tide all over the world
--------------------------------------------------------------------------------
Update Information:
Update harmonics data to 20181227
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jan 2 2019 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.15.1-7
- harmonics data update (20181227)
* Sun Jul 15 2018 Mamoru TASAKA <mtasaka(a)fedoraproject.org> - 2.15.1-6
- F-29: mass rebuild
--------------------------------------------------------------------------------