The following Fedora 27 Security updates need testing:
Age URL
36
https://bodhi.fedoraproject.org/updates/FEDORA-2017-15efa72a0c
docker-1.13.1-44.git584d391.fc27
32
https://bodhi.fedoraproject.org/updates/FEDORA-2017-913288e9a9
mongodb-3.4.10-1.fc27
29
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7c0748c1b pdns-4.1.0-1.fc27
29
https://bodhi.fedoraproject.org/updates/FEDORA-2017-14f5c6cdac
qpid-cpp-1.37.0-1.fc27
19
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8a9862f4b7
php-symfony4-4.0.1-1.fc27
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0e5ad250c
heimdal-7.5.0-1.fc27
12
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2645aa935
chromium-63.0.3239.108-1.fc27
11
https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ad8b3946
heketi-5.0.1-1.fc27
10
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3997279e65
wireshark-2.4.3-1.fc27
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-cad79c7c6c
phpMyAdmin-4.7.7-1.fc27
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2d4c9a6e37
monit-5.25.1-1.fc27
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-41242dfe10
asterisk-14.7.5-1.fc27
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1c73749b66 xrdp-0.9.5-1.fc27
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4c30d86843
mupdf-1.12.0-1.fc27
The following builds have been pushed to Fedora 27 updates-testing
cqrlog-2.2.0-1.fc27
devscripts-2.17.12-1.fc27
fail2ban-0.10.1-3.fc27
fox-1.6.55-1.fc27
gnome-chemistry-utils-0.14.17-7.fc27
gns3-gui-2.1.1-1.fc27
gns3-server-2.1.1-1.fc27
gnumeric-1.12.38-1.fc27
goffice-0.10.38-1.fc27
icecat-52.5.2-1.fc27
libfm-1.2.5-4.gitD20171230.fc27
libgexiv2-0.10.7-1.fc27
libsemigroups-0.6.1-1.fc27
lollypop-0.9.306-1.fc27
lynis-2.5.8-1.fc27
mame-0.193-1.fc27
mupdf-1.12.0-1.fc27
pcmanfm-1.2.5-3.fc27
perl-Net-DNS-1.14-1.fc27
python-httptools-0.0.10-1.fc27
rubygem-aruba-0.14.3-1.fc27
rubygem-hoe-3.16.2-1.fc27
rubygem-kramdown-1.16.2-1.fc27
sayonara-1.0.0-1.git20171230.fc27
skf-2.10.5-1.fc27
tin-2.4.2-1.fc27
tth-4.12-1.fc27
vocal-2.1.0-1.fc27
Details about builds:
================================================================================
cqrlog-2.2.0-1.fc27 (FEDORA-2017-ba7e224290)
An amateur radio contact logging program
--------------------------------------------------------------------------------
Update Information:
* wsjt remote mode improvements (Saku, OH1KH) * CQ-monitor now remembers showing
state (Saku, OH1KH) * "My Alert" is now compared oppsite way: This should fit
also compound * * callsign XX/YOURCALL or YOURCALL/XX (Saku, OH1KH) * CQ-
monitor: Country names (cut to length 15) are now displayed instead of callsign
prefixes. (Saku, OH1KH) * "Show only active band" checkbox addec to Band map
filter for quick access. (Saku, OH1KH) * "Re/Set" button added to Export
"Choose
fields to export" dialog for * set/reset all check boxes in one go. (Saku,
OH1KH) * a lot of CQ monitor improvements (Saku, OH1KH) * remote wsjt: Short cut
key Ctrl+J (Saku, OH1KH) * help files updated (Saku, OH1KH) * Voice keyer works
now also with FM and AM modes and also from CWkeys windows. (Saku, OH1KH) * QSO
in QSO list window can be sorted in ascending date/time order (oldes QSO first).
(J��rg, DL8DTL) * CQRLOG should work correcly on HiDPI monitors * 630M definition
was missing in some functions (Saku, OH1KH) * ADIF upload didn't work when name
or QTH were too long
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1494221 - Use mariadb-connector-c instead of mysql-libs or mariadb-libs
https://bugzilla.redhat.com/show_bug.cgi?id=1494221
[ 2 ] Bug #1476483 - AppStream metadata for CQRLOG package are missing
https://bugzilla.redhat.com/show_bug.cgi?id=1476483
[ 3 ] Bug #1529901 - cqrlog-v2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1529901
--------------------------------------------------------------------------------
================================================================================
devscripts-2.17.12-1.fc27 (FEDORA-2017-fb3c2b05b3)
Scripts for Debian Package maintainers
--------------------------------------------------------------------------------
Update Information:
Update to version 2.17.12, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.17.12_changelog for
details.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1529944 - devscripts-2.17.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1529944
--------------------------------------------------------------------------------
================================================================================
fail2ban-0.10.1-3.fc27 (FEDORA-2017-d1257bf9ca)
Daemon to ban hosts that cause multiple authentication errors
--------------------------------------------------------------------------------
Update Information:
Update to 0.10.1: ### Fixes * jail "pass2allow-ftp" supply blocktype and
returntype parameters to the action (gh-1884) * avoid using "ANSI_X3.4-1968" as
preferred encoding (if missing environment variables 'LANGUAGE',
'LC_ALL',
'LC_CTYPE', and 'LANG', see gh-1587). * fixed ignoreself issue
"Retrieving own
IPs of localhost failed: inet_pton() argument 2 must be string, not int" (see
gh-1865); * fixed tags `<fq-hostname>` and `<sh-hostname>`, could be used
without ticket (a. g. in `actionstart` etc., gh-1859). ### New Features *
introduced new command-line options `--dp`, `--dump-pretty` to dump the
configuration using more human readable representation (opposite to `-d`); ###
Enhancements * nftables actions are IPv6-capable now (gh-1893) *
filter.d/dovecot.conf: introduced mode `aggressive` for cases like "disconnected
before auth was ready" (gh-1880) - Add upstream patch to fix ipset issue (bug
#1525134)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525134 - Banned IPv6 address not getting added to ipset
https://bugzilla.redhat.com/show_bug.cgi?id=1525134
[ 2 ] Bug #1504316 - fail2ban-0.10.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1504316
--------------------------------------------------------------------------------
================================================================================
fox-1.6.55-1.fc27 (FEDORA-2017-e9d3d5e598)
C++ based Toolkit for developing Graphical User Interfaces
--------------------------------------------------------------------------------
Update Information:
New version 1.6.55 is released.
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.17-7.fc27 (FEDORA-2017-c16b2cca12)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.37.html *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.38.html
--------------------------------------------------------------------------------
================================================================================
gns3-gui-2.1.1-1.fc27 (FEDORA-2017-c330d20c74)
GNS3 graphical user interface
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.1, which fixes issue with newer aiohttp lib
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1514792 - gns3 doesn't work with python3-aiohttp-2.3.0
https://bugzilla.redhat.com/show_bug.cgi?id=1514792
[ 2 ] Bug #1520595 - [abrt] gns3-server: module():
web_server.py:47:<module>:RuntimeError: aiohttp 2.2 is required to run the GNS3
server
https://bugzilla.redhat.com/show_bug.cgi?id=1520595
[ 3 ] Bug #1528826 - gns3-server-2.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528826
[ 4 ] Bug #1528825 - gns3-gui-2.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528825
--------------------------------------------------------------------------------
================================================================================
gns3-server-2.1.1-1.fc27 (FEDORA-2017-c330d20c74)
Graphical Network Simulator 3
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.1, which fixes issue with newer aiohttp lib
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1514792 - gns3 doesn't work with python3-aiohttp-2.3.0
https://bugzilla.redhat.com/show_bug.cgi?id=1514792
[ 2 ] Bug #1520595 - [abrt] gns3-server: module():
web_server.py:47:<module>:RuntimeError: aiohttp 2.2 is required to run the GNS3
server
https://bugzilla.redhat.com/show_bug.cgi?id=1520595
[ 3 ] Bug #1528826 - gns3-server-2.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528826
[ 4 ] Bug #1528825 - gns3-gui-2.1.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528825
--------------------------------------------------------------------------------
================================================================================
gnumeric-1.12.38-1.fc27 (FEDORA-2017-c16b2cca12)
Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.37.html *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.38.html
--------------------------------------------------------------------------------
================================================================================
goffice-0.10.38-1.fc27 (FEDORA-2017-c16b2cca12)
G Office support libraries
--------------------------------------------------------------------------------
Update Information:
An update to the latest gnumeric and goffice releases: *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.37.html *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.38.html
--------------------------------------------------------------------------------
================================================================================
icecat-52.5.2-1.fc27 (FEDORA-2017-5d5b8f4659)
GNU version of Firefox browser
--------------------------------------------------------------------------------
Update Information:
- Update to 52.5.2 - WebRTC is always disabled - Add JACK audio backend
(bz#1528742)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1528742 - Feature: Add JACK audio backend to IceCat browser
https://bugzilla.redhat.com/show_bug.cgi?id=1528742
--------------------------------------------------------------------------------
================================================================================
libfm-1.2.5-4.gitD20171230.fc27 (FEDORA-2017-cc595a1ce9)
GIO-based library for file manager-like programs
--------------------------------------------------------------------------------
Update Information:
Various bug fixes are backported from libfm master branch.
--------------------------------------------------------------------------------
================================================================================
libgexiv2-0.10.7-1.fc27 (FEDORA-2017-470cc93980)
Gexiv2 is a GObject-based wrapper around the Exiv2 library
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1528966 - libgexiv2-0.10.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528966
--------------------------------------------------------------------------------
================================================================================
libsemigroups-0.6.1-1.fc27 (FEDORA-2017-fd02a56568)
C++ library for semigroups and monoids
--------------------------------------------------------------------------------
Update Information:
Changes in version 0.6.1: - This release includes a vastly improved version of
the Knuth-Bendix algorithm for the RWS class. Several methods are added to RWS
to allow a degree of control over the running of Knuth-Bendix. - This release
contains one minor bugfix (from Finn Smith) and a minor change to the build
system.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1523426 - libsemigroups-v0.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1523426
--------------------------------------------------------------------------------
================================================================================
lollypop-0.9.306-1.fc27 (FEDORA-2017-89845a1137)
Music player for GNOME
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.306
--------------------------------------------------------------------------------
================================================================================
lynis-2.5.8-1.fc27 (FEDORA-2017-a3dfaed246)
Security and system auditing tool
--------------------------------------------------------------------------------
Update Information:
Update to 2.5.8 (rhbz #1529807)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1529807 - lynis-2.5.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1529807
--------------------------------------------------------------------------------
================================================================================
mame-0.193-1.fc27 (FEDORA-2017-7933af6e48)
Multiple Arcade Machine Emulator
--------------------------------------------------------------------------------
Update Information:
An update to the latest mame release: *
http://mamedev.org/?p=452
--------------------------------------------------------------------------------
================================================================================
mupdf-1.12.0-1.fc27 (FEDORA-2017-4c30d86843)
A lightweight PDF viewer and toolkit
--------------------------------------------------------------------------------
Update Information:
rebase to 1.12 CVE-2017-17866
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1525741 - mupdf-1.12.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1525741
[ 2 ] Bug #1529173 - CVE-2017-17866 mupdf: buffer overrun in pdf_xref_len
pdf/pdf-write.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1529173
--------------------------------------------------------------------------------
================================================================================
pcmanfm-1.2.5-3.fc27 (FEDORA-2017-b64cd9011d)
Extremly fast and lightweight file manager
--------------------------------------------------------------------------------
Update Information:
This new package adds a fix for the issue that icons on the desktop may
disappear when desktop name contains some special characters.
--------------------------------------------------------------------------------
================================================================================
perl-Net-DNS-1.14-1.fc27 (FEDORA-2017-e7fc8bbf5f)
DNS resolver modules for Perl
--------------------------------------------------------------------------------
Update Information:
Updated to 1.14
--------------------------------------------------------------------------------
================================================================================
python-httptools-0.0.10-1.fc27 (FEDORA-2017-efe7f645f3)
Fast HTTP parser
--------------------------------------------------------------------------------
Update Information:
Update to 0.0.10
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1527458 - python-httptools-0.0.10 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1527458
--------------------------------------------------------------------------------
================================================================================
rubygem-aruba-0.14.3-1.fc27 (FEDORA-2017-dfc20b1a4f)
CLI Steps for Cucumber, hand-crafted for you in Aruba
--------------------------------------------------------------------------------
Update Information:
New version 0.14.3 is released.
--------------------------------------------------------------------------------
================================================================================
rubygem-hoe-3.16.2-1.fc27 (FEDORA-2017-52628825c6)
Hoe is a simple rake/rubygems helper for project Rakefiles
--------------------------------------------------------------------------------
Update Information:
New version 3.16.2 is released.
--------------------------------------------------------------------------------
================================================================================
rubygem-kramdown-1.16.2-1.fc27 (FEDORA-2017-9c88572d22)
Fast, pure-Ruby Markdown-superset converter
--------------------------------------------------------------------------------
Update Information:
New version 1.16.2 is released.
--------------------------------------------------------------------------------
================================================================================
sayonara-1.0.0-1.git20171230.fc27 (FEDORA-2017-ff23b197c9)
A lightweight Qt Audio player
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.0-1.git20171230
--------------------------------------------------------------------------------
================================================================================
skf-2.10.5-1.fc27 (FEDORA-2017-a718c2b973)
Utility binary files in Simple Kanji Filter
--------------------------------------------------------------------------------
Update Information:
New version 2.10.5 is released.
--------------------------------------------------------------------------------
================================================================================
tin-2.4.2-1.fc27 (FEDORA-2017-e0a74c6fca)
Basic Internet news reader
--------------------------------------------------------------------------------
Update Information:
updated to 2.4.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1528843 - tin-2.4.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1528843
--------------------------------------------------------------------------------
================================================================================
tth-4.12-1.fc27 (FEDORA-2017-feedc997f7)
TeX to HTML/MathML translators
--------------------------------------------------------------------------------
Update Information:
Changes in version 4.12: - Make ttm (MathML) apparent multi-character
identifiers default italic. - Give Mathml eqalign equations the `<table
displaystyle="true">` attribute.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1529912 - tth-4.12 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1529912
--------------------------------------------------------------------------------
================================================================================
vocal-2.1.0-1.fc27 (FEDORA-2017-e67f94cd0d)
Powerful, beautiful, and simple podcast client
--------------------------------------------------------------------------------
Update Information:
Update to version 2.1.0.
--------------------------------------------------------------------------------