The following Fedora 27 Security updates need testing: Age URL 41 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1ec1cd6db3 bro-2.5.3-1.fc27 27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-52d79f4f36 dovecot-2.2.34-1.fc27 22 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e38f759144 python-bleach-2.1.3-1.fc27 22 https://bodhi.fedoraproject.org/updates/FEDORA-2018-8ff86925c3 memcached-1.5.6-1.fc27 15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c923533479 webkitgtk4-2.20.0-1.fc27 13 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6db2f7a02e python-paramiko-2.3.2-1.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7c2e0a998d acpica-tools-20180209-1.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ad652798b8 mosquitto-1.4.15-1.fc27 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-50f0da5d38 tomcat-8.0.50-1.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-223d8fc52a java-1.8.0-openjdk-aarch32-1.8.0.161-1.180220.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c442aad4dc exempi-2.4.5-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-2f9d3604d6 librelp-1.2.15-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1217b02061 bchunk-1.2.2-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-12f92ff831 php-7.1.16-1.fc27
The following Fedora 27 Critical Path updates have yet to be approved: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-2018-1c31f1eccd iptables-1.6.2-2.fc27 libnftnl-1.0.9-2.fc27 nftables-0.8.2-2.fc27 15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c923533479 webkitgtk4-2.20.0-1.fc27 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-55a6726164 PackageKit-1.1.9-2.fc27 gnome-software-3.28.0-4.fc27 libappstream-glib-0.7.7-2.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-95dac71a1c pcre-8.42-1.fc27 8 https://bodhi.fedoraproject.org/updates/FEDORA-2018-e344a6d79b xfce4-settings-4.12.3-1.fc27 7 https://bodhi.fedoraproject.org/updates/FEDORA-2018-adbc1da28c pcre2-10.31-4.fc27 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c442aad4dc exempi-2.4.5-1.fc27 3 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3480b01a6d osinfo-db-20180325-1.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3255279d3d satyr-0.25-2.fc27 1 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3563dbdf5e util-linux-2.30.2-3.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4e2a6c0c93 libtirpc-1.0.3-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7128949eb5 enca-1.19-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-26de7be74c libreport-2.9.3-3.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-19ec646f1a libsolv-0.6.34-1.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ec27b84fde llvm-5.0.1-6.fc27 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-9b0c11f605 appstream-data-27-10.fc27
The following builds have been pushed to Fedora 27 updates-testing
R-Rmpfr-0.7.0-1.fc27 R-corpus-0.10.0-1.fc27 R-getPass-0.2.2-1.fc27 aime-8.20180223-1.fc27 babl-0.1.44-1.fc27 cmake-3.11.0-1.fc27 drupal7-7.58-1.fc27 drupal8-8.4.6-1.fc27 exo-0.12.0-3.fc27 firefox-pkcs11-loader-3.13.0-7.fc27 gegl03-0.3.30-1.fc27 gnome-boxes-3.26.2-4.fc27 greybird-3.22.8-1.fc27 kid3-3.6.0-1.fc27 libid3tag-0.15.1b-25.fc27 libuv-1.19.2-1.fc27 mame-0.196-1.fc27 nodejs-8.11.0-1.fc27 openmeeg-2.4-0.1.20180323gitee565c4.fc27 paintown-3.6.1-0.1.20180113git8a71ac8.fc27 passwd-0.80-1.fc27 pcp-4.0.1-1.fc27 perl-Config-Model-Tester-3.004-1.fc27 perl-HTTP-Message-6.16-1.fc27 perl-Perl-Tidy-Sweetened-1.14-1.fc27 publicsuffix-list-20180328-1.fc27 python-QtPy-1.4.0-1.fc27 python-social-auth-app-flask-1.0.0-1.fc27 python-social-auth-app-flask-sqlalchemy-1.0.1-1.fc27 python-social-auth-core-1.7.0-1.fc27 python-social-auth-storage-sqlalchemy-1.1.0-1.fc27 qbs-1.11.0-1.fc27 qt-creator-4.6.0-1.fc27 qutebrowser-1.2.1-1.fc27 rho-0.0.33-1.fc27 spyder-3.2.8-1.fc27 starcal-3.0.7-1.fc27 tzdata-2018d-1.fc27 webextension-token-signing-1.0.6-5.fc27 xfce4-screenshooter-1.9.1-1.fc27 xfce4-terminal-0.8.7.3-2.fc27
Details about builds:
================================================================================ R-Rmpfr-0.7.0-1.fc27 (FEDORA-2018-58468d500b) R MPFR - Multiple Precision Floating-Point Reliable -------------------------------------------------------------------------------- Update Information:
Initial package of Rmpfr for R -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561356 - Review Request: R-Rmpfr - R MPFR - Multiple Precision Floating-Point Reliable https://bugzilla.redhat.com/show_bug.cgi?id=1561356 --------------------------------------------------------------------------------
================================================================================ R-corpus-0.10.0-1.fc27 (FEDORA-2018-d3a1b74f6c) Text Corpus Analysis -------------------------------------------------------------------------------- Update Information:
Initial package of corpus for R -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561334 - Review Request: R-corpus - Text Corpus Analysis https://bugzilla.redhat.com/show_bug.cgi?id=1561334 --------------------------------------------------------------------------------
================================================================================ R-getPass-0.2.2-1.fc27 (FEDORA-2018-f9e79e4ceb) Masked User Input -------------------------------------------------------------------------------- Update Information:
Initial package of getPass for R -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561306 - Review Request: R-getPass - Masked User Input https://bugzilla.redhat.com/show_bug.cgi?id=1561306 --------------------------------------------------------------------------------
================================================================================ aime-8.20180223-1.fc27 (FEDORA-2018-22772ff8b2) An application embeddable programming language interpreter -------------------------------------------------------------------------------- Update Information:
- Updated to new 8.20180223 upstream version, fixes rhbz #1548775 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1548775 - aime-8.20180223 is available https://bugzilla.redhat.com/show_bug.cgi?id=1548775 --------------------------------------------------------------------------------
================================================================================ babl-0.1.44-1.fc27 (FEDORA-2018-7a0624d362) A dynamic, any to any, pixel format conversion library -------------------------------------------------------------------------------- Update Information:
Upstream bugfix and enhancement releases. For details, see the respective upstream changelogs: [gegl](https://git.gnome.org/browse/gegl/plain/docs/NEWS.txt?h=GEGL_0_3_30), [babl](https://git.gnome.org/browse/babl/plain/NEWS?h=BABL_0_1_44) --------------------------------------------------------------------------------
================================================================================ cmake-3.11.0-1.fc27 (FEDORA-2018-d9a3a285b1) Cross-platform make system -------------------------------------------------------------------------------- Update Information:
- New upstream release -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1551147 - cmake -E cmake_autogen crashing (probably due to build with GCC 8) https://bugzilla.redhat.com/show_bug.cgi?id=1551147 [ 2 ] Bug #1536233 - cmake-3.11.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1536233 --------------------------------------------------------------------------------
================================================================================ drupal7-7.58-1.fc27 (FEDORA-2018-143886fdbd) An open-source content-management platform -------------------------------------------------------------------------------- Update Information:
- https://www.drupal.org/SA-CORE-2018-002 - https://www.drupal.org/SA- CORE-2018-001 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1548190 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548190 [ 2 ] Bug #1547793 - drupal7-7.57 is available https://bugzilla.redhat.com/show_bug.cgi?id=1547793 [ 3 ] Bug #1548324 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548324 [ 4 ] Bug #1548201 - drupal7: drupal: External link injection on 404 pages when linking to the current page [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548201 [ 5 ] Bug #1548197 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548197 [ 6 ] Bug #1548195 - drupal7: drupal: Private file access bypass in Drupal private file system [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548195 [ 7 ] Bug #1561801 - drupal7-7.58 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561801 [ 8 ] Bug #1548191 - drupal7: drupal: JavaScript cross-site scripting in checkPlain function [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548191 [ 9 ] Bug #1548326 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal7: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548326 [ 10 ] Bug #1548202 - drupal7: drupal: External link injection on 404 pages when linking to the current page [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548202 [ 11 ] Bug #1548198 - drupal7: drupal: jQuery vulnerability with untrusted domains requests via Ajax [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548198 [ 12 ] Bug #1548194 - drupal7: drupal: Private file access bypass in Drupal private file system [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548194 --------------------------------------------------------------------------------
================================================================================ drupal8-8.4.6-1.fc27 (FEDORA-2018-6e6d8c314b) An open source content management platform -------------------------------------------------------------------------------- Update Information:
* [8.4.6](https://www.drupal.org/project/drupal/releases/8.4.6) * [SA- CORE-2018-002 (CVE-2018-7600)](https://www.drupal.org/SA-CORE-2018-002) * [8.4.5](https://www.drupal.org/project/drupal/releases/8.4.5) * [SA- CORE-2018-001 (CVE-2017-6926 / CVE-2017-6927 / CVE-2017-6930 / CVE-2017-6931)](https://www.drupal.org/SA-CORE-2018-001) * [8.4.4](https://www.drupal.org/project/drupal/releases/8.4.4) * [8.4.3](https://www.drupal.org/project/drupal/releases/8.4.3) * [8.4.2](https://www.drupal.org/project/drupal/releases/8.4.2) * [8.4.1](https://www.drupal.org/project/drupal/releases/8.4.1) * [8.4.0](https://www.drupal.org/project/drupal/releases/8.4.0) * [8.4.0-rc2](https://www.drupal.org/project/drupal/releases/8.4.0-rc2) * [8.4.0-rc1](https://www.drupal.org/project/drupal/releases/8.4.0-rc1) * [8.4.0-beta1](https://www.drupal.org/project/drupal/releases/8.4.0-beta1) * [8.4.0-alpha1](https://www.drupal.org/project/drupal/releases/8.4.0-alpha1) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561855 - CVE-2018-7600 drupal8: drupal: Unsanitized requests allow remote attackers to execute arbitrary code [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1561855 [ 2 ] Bug #1548325 - CVE-2017-6926 CVE-2017-6927 CVE-2017-6928 CVE-2017-6929 CVE-2017-6930 CVE-2017-6931 CVE-2017-6932 drupal8: drupal: Multiple vulnerabilities fixed in 7.57 and 8.4.5 (SA-CORE-2018-001) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548325 [ 3 ] Bug #1548192 - drupal8: drupal: JavaScript cross-site scripting in checkPlain function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548192 [ 4 ] Bug #1548188 - drupal8: drupal: Comment reply form allows access to restricted content [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1548188 --------------------------------------------------------------------------------
================================================================================ exo-0.12.0-3.fc27 (FEDORA-2018-13dc9b1bf6) Application library for the Xfce desktop environment -------------------------------------------------------------------------------- Update Information:
update xfce4-screenshooter to 1.9.1; update exo to 0.12.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1464717 - xfce4-screenshooter-1.9.0 available, depends on exo-0.11 https://bugzilla.redhat.com/show_bug.cgi?id=1464717 --------------------------------------------------------------------------------
================================================================================ firefox-pkcs11-loader-3.13.0-7.fc27 (FEDORA-2018-79dd0b107c) Helper script for Firefox that sets up the browser for authentication with Estonian ID-card -------------------------------------------------------------------------------- Update Information:
removed Requires: esteidcerts --------------------------------------------------------------------------------
================================================================================ gegl03-0.3.30-1.fc27 (FEDORA-2018-7a0624d362) Graph based image processing framework -------------------------------------------------------------------------------- Update Information:
Upstream bugfix and enhancement releases. For details, see the respective upstream changelogs: [gegl](https://git.gnome.org/browse/gegl/plain/docs/NEWS.txt?h=GEGL_0_3_30), [babl](https://git.gnome.org/browse/babl/plain/NEWS?h=BABL_0_1_44) --------------------------------------------------------------------------------
================================================================================ gnome-boxes-3.26.2-4.fc27 (FEDORA-2018-714dc69cea) A simple GNOME 3 application to access remote or virtual systems -------------------------------------------------------------------------------- Update Information:
Avoid crashing when unable to connect to libvirt session, at least maintaining the remove viewer capabilities. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1441170 - [abrt] gnome-boxes: boxes_app_setup_default_source_co(): gnome-boxes killed by signal 6 https://bugzilla.redhat.com/show_bug.cgi?id=1441170 --------------------------------------------------------------------------------
================================================================================ greybird-3.22.8-1.fc27 (FEDORA-2018-87d69d87d7) A clean minimalistic theme for Xfce, GTK+ 2 and 3 -------------------------------------------------------------------------------- Update Information:
bugfix update to version 3.22.8 --------------------------------------------------------------------------------
================================================================================ kid3-3.6.0-1.fc27 (FEDORA-2018-8a2fa6671d) Efficient KDE ID3 tag editor -------------------------------------------------------------------------------- Update Information:
New upstream release mainly with bugfixes and small new features -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1557984 - kid3-3.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1557984 --------------------------------------------------------------------------------
================================================================================ libid3tag-0.15.1b-25.fc27 (FEDORA-2018-e06468b832) ID3 tag manipulation library -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2004-2779 and CVE-2017-11550 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1478934 - CVE-2017-11550 libid3tag: NULL Pointer Dereference in id3_ucs4_length function in ucs4.c https://bugzilla.redhat.com/show_bug.cgi?id=1478934 [ 2 ] Bug #1561983 - CVE-2004-2779 libid3tag: id3_utf16_deserialize() misparses ID3v2 tags with an odd number of bytes resulting in an endless loop https://bugzilla.redhat.com/show_bug.cgi?id=1561983 --------------------------------------------------------------------------------
================================================================================ libuv-1.19.2-1.fc27 (FEDORA-2018-ecf73042e3) Platform layer for node.js -------------------------------------------------------------------------------- Update Information:
https://nodejs.org/en/blog/release/v8.11.0/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1562027 - CVE-2018-7158 CVE-2018-7159 CVE-2018-7160 nodejs: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1562027 --------------------------------------------------------------------------------
================================================================================ mame-0.196-1.fc27 (FEDORA-2018-34ca057a1b) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information:
An update to the latest mame release: * http://mamedev.org/?p=455 --------------------------------------------------------------------------------
================================================================================ nodejs-8.11.0-1.fc27 (FEDORA-2018-ecf73042e3) JavaScript runtime -------------------------------------------------------------------------------- Update Information:
https://nodejs.org/en/blog/release/v8.11.0/ -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1562027 - CVE-2018-7158 CVE-2018-7159 CVE-2018-7160 nodejs: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1562027 --------------------------------------------------------------------------------
================================================================================ openmeeg-2.4-0.1.20180323gitee565c4.fc27 (FEDORA-2018-ad218788de) Low-frequency bio-electromagnetism solving forward problems in the field of EEG and MEG -------------------------------------------------------------------------------- Update Information:
- New package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1560495 - Review Request: openmeeg - Low-frequency bio-electromagnetism solving forward problems in the field of EEG and MEG https://bugzilla.redhat.com/show_bug.cgi?id=1560495 --------------------------------------------------------------------------------
================================================================================ paintown-3.6.1-0.1.20180113git8a71ac8.fc27 (FEDORA-2018-930a6c068e) 2D fighting game -------------------------------------------------------------------------------- Update Information:
- New package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1560273 - Review Request: paintown - 2D fighting game https://bugzilla.redhat.com/show_bug.cgi?id=1560273 --------------------------------------------------------------------------------
================================================================================ passwd-0.80-1.fc27 (FEDORA-2018-2d1858d4d1) An utility for setting or changing passwords using PAM -------------------------------------------------------------------------------- Update Information:
Update to **passwd-0.80** -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1293929 - passwd man page is incomplete https://bugzilla.redhat.com/show_bug.cgi?id=1293929 --------------------------------------------------------------------------------
================================================================================ pcp-4.0.1-1.fc27 (FEDORA-2018-e0d3cdb266) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information:
Enhancement and bugfix update. Major changes include a revamp of the archive log management, more frequent compression by default and updates to related utilities. Addition of a cron driven daily report to the pcp-zeroconf package (like sa2(1)), and dependencies to also install the pcp-doc package (for man pages) and pcp-system-tools package which includes pmrep(1) and other monitoring utilities. Many pmrep(1) bug fixes and new configuration entries. Updates to the prometheus PMDA for control metrics, scalability improvements, support for URL config request headers and response filtering. The postgreSQL PMDA now supports up to version 9.6, will reconnect automatically if the DB connection is lost, and other improvements. Updates to many other PMDAs, including the new BCC PMDA. SELinux updates for a variety of AVC denials, and new SELinux rules for pmdagluster and numad_t. Many new bug fixes and enhancements to libpcp and libpcp_pmda including service discovery API extensions. Performance improvments to pmwebd and support for etag headers. Improvements to pmmgr service discovery. Build fixes for Windows/mingw and many other build, infrastructure and documentation updates. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1558708 - selinux blocks pmdagluster https://bugzilla.redhat.com/show_bug.cgi?id=1558708 [ 2 ] Bug #1529915 - pmcd binding only to localhost:44321 by default https://bugzilla.redhat.com/show_bug.cgi?id=1529915 --------------------------------------------------------------------------------
================================================================================ perl-Config-Model-Tester-3.004-1.fc27 (FEDORA-2018-b39d981933) Test framework for Config::Model -------------------------------------------------------------------------------- Update Information:
This release fixes creating directories for tests. It also adds Config::Model::Tester::Setup module to help with writing tests. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561800 - perl-Config-Model-Tester-3.004 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561800 --------------------------------------------------------------------------------
================================================================================ perl-HTTP-Message-6.16-1.fc27 (FEDORA-2018-2f3b35e7cb) HTTP style message -------------------------------------------------------------------------------- Update Information:
This release adds HTTP status codes defined in current IANA list -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561806 - perl-HTTP-Message-6.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561806 --------------------------------------------------------------------------------
================================================================================ perl-Perl-Tidy-Sweetened-1.14-1.fc27 (FEDORA-2018-9a9149f55f) Tweaks to Perl::Tidy to support some syntactic sugar -------------------------------------------------------------------------------- Update Information:
This release adds support for closing side comments and for Kavorka's basic keywords. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1561814 - perl-Perl-Tidy-Sweetened-1.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1561814 --------------------------------------------------------------------------------
================================================================================ publicsuffix-list-20180328-1.fc27 (FEDORA-2018-6900d92768) Cross-vendor public domain suffix database -------------------------------------------------------------------------------- Update Information:
Recent revision - 20180328 https://github.com/publicsuffix/list/compare/d311456...f85ba38 --------------------------------------------------------------------------------
================================================================================ python-QtPy-1.4.0-1.fc27 (FEDORA-2018-33cbb380f7) Provides an abstraction layer on top of the various Qt bindings -------------------------------------------------------------------------------- Update Information:
update to 1.4.0 --------------------------------------------------------------------------------
================================================================================ python-social-auth-app-flask-1.0.0-1.fc27 (FEDORA-2018-4a64450d7d) The Flask app component of python-social-auth -------------------------------------------------------------------------------- Update Information:
The initial python-social-auth packages --------------------------------------------------------------------------------
================================================================================ python-social-auth-app-flask-sqlalchemy-1.0.1-1.fc27 (FEDORA-2018-4a64450d7d) The Flask app component of python-social-auth with SQLAlchemy integration -------------------------------------------------------------------------------- Update Information:
The initial python-social-auth packages --------------------------------------------------------------------------------
================================================================================ python-social-auth-core-1.7.0-1.fc27 (FEDORA-2018-4a64450d7d) The core component of the python-social-auth ecosystem -------------------------------------------------------------------------------- Update Information:
The initial python-social-auth packages --------------------------------------------------------------------------------
================================================================================ python-social-auth-storage-sqlalchemy-1.1.0-1.fc27 (FEDORA-2018-4a64450d7d) The SQLAlchemy storage component of python-social-auth -------------------------------------------------------------------------------- Update Information:
The initial python-social-auth packages --------------------------------------------------------------------------------
================================================================================ qbs-1.11.0-1.fc27 (FEDORA-2018-3015f731fa) Cross platform build tool -------------------------------------------------------------------------------- Update Information:
Update to qt-creator-4.6.0 and qbs-1.11.0, see http://blog.qt.io/blog/2018/03/28 /qt-creator-4-6-0-released/ and http://blog.qt.io/blog/2018/03/28/qbs-1-11-released/ for details. --------------------------------------------------------------------------------
================================================================================ qt-creator-4.6.0-1.fc27 (FEDORA-2018-3015f731fa) Cross-platform IDE for Qt -------------------------------------------------------------------------------- Update Information:
Update to qt-creator-4.6.0 and qbs-1.11.0, see http://blog.qt.io/blog/2018/03/28 /qt-creator-4-6-0-released/ and http://blog.qt.io/blog/2018/03/28/qbs-1-11-released/ for details. --------------------------------------------------------------------------------
================================================================================ qutebrowser-1.2.1-1.fc27 (FEDORA-2018-c6580b3acf) A keyboard-driven, vim-like browser based on PyQt5 and QtWebEngine -------------------------------------------------------------------------------- Update Information:
Contains a few bugfixes, including crashes when reloading a page which wasn���t fully loaded (in v1.2.0) or when unbinding keys which were bound in older versions. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1557321 - qutebrowser-v1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1557321 --------------------------------------------------------------------------------
================================================================================ rho-0.0.33-1.fc27 (FEDORA-2018-eb398d7496) An SSH system profiler -------------------------------------------------------------------------------- Update Information:
# Testing Rho To set up Rho, you create profiles that control how to run each scan. - Authentication profiles contain user credentials for a user with sufficient authority to complete the scan (for example, a root user or one with root-level access obtained through -sudo privilege escalation). - Network profiles contain network identifiers (for example, a hostname, IP address, or range of IP addresses) and the authentication profiles to be used for a scan. Complete the following steps, repeating them as necessary to access all parts of your environment that you want to scan: 1. Create at least one authentication profile with root-level access to Rho: ``` rho auth add --name auth_name --username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho vault password prompt, create a new Rho vault password. This password is required to access the encrypted Rho data, such as authentication and network profiles, scan data, and other information. b. If you did not use the sshkeyfile option to provide an SSH key for the username value, enter the password of the user with root-level access at the connection password prompt. For example, for an authentication profile where the authentication profile name is roothost1, the user with root-level access is root, and the SSH key for the user is in the path ~/.ssh/id_rsa, you would enter the following command: ``` rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You can also use the sudo-password option to create an authentication profile for a user with root-level access who requires a password to obtain this privilege. You can use the sudo-password option with either the sshkeyfile or the password option. For example, for an authentication profile where the authentication profile name is sudouser1, the user with root-level access is sysadmin, and the access is obtained through the password option, you would enter the following command: ``` rho auth add --name sudouser1 --username sysadmin --password --sudo-password ``` After you enter this command, you are prompted to enter two passwords. First, you would enter the connection password for the username user, and then you would enter the password for the sudo command. 2. Create at least one network profile that specifies one or more network identifiers, such as a host name, an IP address, a list of IP addresses, or an IP range, and one or more authentication profiles to be used for the scan: ``` rho profile add --name profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a network profile where the name of the network profile is mynetwork, the network to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that are used to run the scan are roothost1 and roothost2, you would enter the following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254] --auth roothost1 roothost2 ``` You can also use a file to pass in the network identifiers. If you use a file to enter multiple network identifiers, such as multiple individual IP addresses, enter each on a single line. For example, for a network profile where the path to this file is /home/user1/hosts_file, you would enter the following command: ``` rho profile add --name mynetwork --hosts /home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the scan by using the scan command, specifying a network profile for the profile option and a location to store the output as a file in the comma-separated variables (CSV) format for the reportfile option: ``` rho scan --profile profile_name --reportfile filename.csv ``` For example, if you want to use the network profile mynetwork and save the report as mynetwork_scan1.csv, you would enter the following command: ``` rho scan --profile mynetwork --reportfile mynetwork_scan1.csv ``` --------------------------------------------------------------------------------
================================================================================ spyder-3.2.8-1.fc27 (FEDORA-2018-72e7890aa9) Scientific Python Development Environment -------------------------------------------------------------------------------- Update Information:
update to 3.2.8 --------------------------------------------------------------------------------
================================================================================ starcal-3.0.7-1.fc27 (FEDORA-2018-106577aa5d) A full-featured international calendar written in Python -------------------------------------------------------------------------------- Update Information:
New version with updated calendar special days for year 1397 (jalali) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1558008 - starcal-3.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1558008 --------------------------------------------------------------------------------
================================================================================ tzdata-2018d-1.fc27 (FEDORA-2018-1668ab9933) Timezone data -------------------------------------------------------------------------------- Update Information:
Resolves: #1560131 - Rebase to tzdata-2018d: - DST for Asia/Gaza and Asia/Hebron has changed from March 31 to March 24. - Antarctica/Casey station changed to UTC+8 on March 11. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1560131 - tzdata-2018d is available https://bugzilla.redhat.com/show_bug.cgi?id=1560131 --------------------------------------------------------------------------------
================================================================================ webextension-token-signing-1.0.6-5.fc27 (FEDORA-2018-468a52b2c5) Firefox extension for signing with your eID on the web -------------------------------------------------------------------------------- Update Information:
removed Requires: esteidcerts --------------------------------------------------------------------------------
================================================================================ xfce4-screenshooter-1.9.1-1.fc27 (FEDORA-2018-13dc9b1bf6) Screenshot utility for the Xfce desktop -------------------------------------------------------------------------------- Update Information:
update xfce4-screenshooter to 1.9.1; update exo to 0.12.0 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1464717 - xfce4-screenshooter-1.9.0 available, depends on exo-0.11 https://bugzilla.redhat.com/show_bug.cgi?id=1464717 --------------------------------------------------------------------------------
================================================================================ xfce4-terminal-0.8.7.3-2.fc27 (FEDORA-2018-cc266bddf6) Terminal Emulator for the Xfce Desktop environment -------------------------------------------------------------------------------- Update Information:
bugfix update; version 0.8.7.3 --------------------------------------------------------------------------------