The following Fedora 28 Security updates need testing:
Age URL
296
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d510cfd7eb
jgraphx-3.6.0.0-6.fc28
245
https://bodhi.fedoraproject.org/updates/FEDORA-2018-d7aeaa74da
nodejs-brace-expansion-1.1.11-1.fc28
244
https://bodhi.fedoraproject.org/updates/FEDORA-2018-bc073fdc1a
nodejs-atob-2.1.1-1.fc28
120
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc4b7af297
xerces-c27-2.7.0-28.fc28
72
https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28
72
https://bodhi.fedoraproject.org/updates/FEDORA-2018-aa3752ac3c
nginx-1.14.1-1.fc28
52
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86ef9e22 squid-4.4-1.fc28
49
https://bodhi.fedoraproject.org/updates/FEDORA-2018-b18f9dd65b
tomcat-8.5.35-1.fc28
21
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e
systemd-238-11.gita76ee90.fc28
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687
poppler-0.62.0-14.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cf96757fe
golang-1.10.8-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5146cd34e2
rdesktop-1.8.4-2.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6cfd17b03d
phpMyAdmin-4.8.5-1.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-96ac060af3
java-11-openjdk-11.0.2.7-0.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7696bb57ca
pdns-recursor-4.1.9-1.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6fafd84f5d
python3-3.6.8-2.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-ef5551fcff
perl-Email-Address-List-0.06-1.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-f1626b52e9
slurm-17.11.13-2.fc28
The following Fedora 28 Critical Path updates have yet to be approved:
Age URL
72
https://bodhi.fedoraproject.org/updates/FEDORA-2018-997a9e3e1f xen-4.10.2-4.fc28
52
https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f541b469b
nfs-utils-2.3.3-1.rc2.fc28
42
https://bodhi.fedoraproject.org/updates/FEDORA-2018-4dddcb3e5e
highlight-3.48-1.fc28
21
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e0eb3d797e
systemd-238-11.gita76ee90.fc28
19
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e8a902b473
selinux-policy-3.14.1-51.fc28
16
https://bodhi.fedoraproject.org/updates/FEDORA-2019-78153d357c
totem-pl-parser-3.26.2-1.fc28
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-0c1be924df gvfs-1.36.2-3.fc28
14
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2e1cc4fe99
pango-1.42.4-2.fc28
12
https://bodhi.fedoraproject.org/updates/FEDORA-2019-870e8d8234
osinfo-db-20190120-1.fc28
11
https://bodhi.fedoraproject.org/updates/FEDORA-2019-69bc69ce0b
appstream-data-28-12.fc28
11
https://bodhi.fedoraproject.org/updates/FEDORA-2019-ffb6dfc8a9
p11-kit-0.23.15-1.fc28
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-40f4af0687
poppler-0.62.0-14.fc28
10
https://bodhi.fedoraproject.org/updates/FEDORA-2019-83a19b396a
mingw-libwebp-1.0.2-1.fc28 libwebp-1.0.2-1.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-bb30467485
ostree-2019.1-2.fc28 rpm-ostree-2019.1-1.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-752f205a3a
python-productmd-1.19-1.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-e9c4843d39
volume_key-0.3.12-2.fc28
8
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8ae6a68d7b fwupd-1.2.3-1.fc28
7
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8a8196e1e1 vim-8.1.818-1.fc28
5
https://bodhi.fedoraproject.org/updates/FEDORA-2019-333a7aa511 radvd-2.17-12.fc28
3
https://bodhi.fedoraproject.org/updates/FEDORA-2019-8d89d06043
ibus-1.5.19-10.fc28
2
https://bodhi.fedoraproject.org/updates/FEDORA-2019-2735cb18d8 lorax-28.26-1.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-7d3500d712
kernel-headers-4.20.6-100.fc28 kernel-4.20.6-100.fc28
1
https://bodhi.fedoraproject.org/updates/FEDORA-2019-6fafd84f5d
python3-3.6.8-2.fc28
The following builds have been pushed to Fedora 28 updates-testing
R-littler-0.3.6-1.fc28
console-login-helper-messages-0.13-4.fc28
cups-filters-1.20.0-13.fc28
egl-wayland-1.1.2-1.fc28
gajim-1.1.2-3.fc28
hplip-3.18.12-3.fc28
indent-2.2.11-25.fc28
iproute-4.20.0-1.fc28
libwmf-0.2.12-1.fc28
oci-umount-2.5-1.gitc3cda1f.fc28
perl-Inline-Struct-0.27-1.fc28
php-sebastian-environment4-4.1.0-1.fc28
phpunit6-6.5.14-1.fc28
phpunit7-7.5.3-1.fc28
python-caja-1.20.2-2.fc28
python-nbxmpp-0.6.9-1.fc28
python-precis_i18n-1.0-2.fc28
Details about builds:
================================================================================
R-littler-0.3.6-1.fc28 (FEDORA-2019-d5932a59a1)
littler: R at the Command-Line via 'r'
--------------------------------------------------------------------------------
Update Information:
New version.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Mattias Ellert <mattias.ellert(a)physics.uu.se> - 0.3.6-1
- New upstream release 0.3.6
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.3.5-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
console-login-helper-messages-0.13-4.fc28 (FEDORA-2019-1d33b2e78e)
Combines motd, issue, profile features to show system information to the user before/on
login
--------------------------------------------------------------------------------
Update Information:
Adds a new package to updates-testing: console-login-helper-messages - Shows
helper information in terminal before/after login (approved:
https://bugzilla.redhat.com/show_bug.cgi?id=1667174) - upstream:
https://github.com/rfairley/console-login-helper-messages - steps to check
functionality:
https://github.com/rfairley/console-login-helper-
messages/blob/master/reviewers.md
--------------------------------------------------------------------------------
================================================================================
cups-filters-1.20.0-13.fc28 (FEDORA-2019-e377866325)
OpenPrinting CUPS filters and backends
--------------------------------------------------------------------------------
Update Information:
cups-brf needs to be run as root
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Zdenek Dohnal <zdohnal(a)redhat.com> - 1.20.0-13
- cups-brf needs to be run as root
--------------------------------------------------------------------------------
================================================================================
egl-wayland-1.1.2-1.fc28 (FEDORA-2019-087d42c74c)
Wayland EGL External Platform library
--------------------------------------------------------------------------------
Update Information:
- Update to latest release.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Leigh Scott <leigh123linux(a)googlemail.com> - 1.1.2-1
- Update to 1.1.2
* Thu Jan 31 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 1.1.1-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
gajim-1.1.2-3.fc28 (FEDORA-2019-7cba5ed82b)
Jabber client written in PyGTK
--------------------------------------------------------------------------------
Update Information:
For the list of changes see:
https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 29 2019 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.2-3
- Drop python3-crypto dependency.
- Enable python dependency generator.
* Mon Jan 28 2019 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.2-2
- Require python-precis_i18n now that it's available.
* Thu Jan 24 2019 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.2-1
- Upstream release 1.1.2.
* Fri Jan 4 2019 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.1-1
- Upstream release 1.1.1.
- Make precis-i18n dep optional until it's available in Fedora.
* Wed Nov 14 2018 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.0-2
- Update runtime requirements according to upstream README.
* Wed Nov 14 2018 Michal Schmidt <mschmidt(a)redhat.com> - 1.1.0-1
- Upstream release 1.1.0.
--------------------------------------------------------------------------------
================================================================================
hplip-3.18.12-3.fc28 (FEDORA-2019-e7040e9d05)
HP Linux Imaging and Printing Project
--------------------------------------------------------------------------------
Update Information:
hp-setup crashes when user specifies path to PPD
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Zdenek Dohnal <zdohnal(a)redhat.com> - 3.18.12-3
- m277-m281 printer support got some fixes, so try to do not use our downstream patch
- hpcups-update-ppds can freeze sometimes, add timeout for to be sure
- fixed hp-setup crash when user wants to define path to PPD file
* Fri Feb 1 2019 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.18.12-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
--------------------------------------------------------------------------------
================================================================================
indent-2.2.11-25.fc28 (FEDORA-2019-ee46877ad3)
A GNU program for formatting C code
--------------------------------------------------------------------------------
Update Information:
This release adds support for binary literals (e.g. 0b01) that are recognized by
a GCC compiler.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Petr Pisar <ppisar(a)redhat.com> - 2.2.11-25
- Recognize binary integer literals (bug #1655319)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1655319 - missing binary number format token
https://bugzilla.redhat.com/show_bug.cgi?id=1655319
--------------------------------------------------------------------------------
================================================================================
iproute-4.20.0-1.fc28 (FEDORA-2019-cb4a3023ef)
Advanced IP routing and network device configuration tools
--------------------------------------------------------------------------------
Update Information:
New version 4.20.0 to match kernel version
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Phil Sutter <psutter(a)redhat.com> - 4.20.0-1
- New version 4.20.0
- Add upstream-suggested backports
- Upstream dropped cbq script, remove it along with related configs
- Add libcap support
--------------------------------------------------------------------------------
================================================================================
libwmf-0.2.12-1.fc28 (FEDORA-2019-e9bc354ee8)
Windows MetaFile Library
--------------------------------------------------------------------------------
Update Information:
CVE-2019-6978: double free in the gdImage*Ptr in gd_jpeg.c, and gd_wbmp.c
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.12-1
- Related: rhbz#1671392/rhbz#1671621 unwanted soname bump
* Fri Feb 1 2019 Rex Dieter <rdieter(a)fedoraproject.org> - 0.2.11-2
- track library sonames so bumps aren't a surprise
- use %make_build %make_install macros
* Thu Jan 31 2019 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.11-1
- Resolves: rhbz#1671392 CVE-2019-6978 latest version
* Fri Aug 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.10-1
- latest version
* Fri Aug 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.9-5
- Related: rhbz#1602602 fix more clang warnings
* Fri Aug 10 2018 Igor Gnatenko <ignatenkobrain(a)fedoraproject.org> - 0.2.9-4
- Switch to %ldconfig_scriptlets
* Fri Aug 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.9-3
- Related: rhbz#1602602 fix more clang warnings
* Fri Aug 10 2018 Caol��n McNamara <caolanm(a)redhat.com> - 0.2.9-2
- Related: rhbz#1602602 fix clang warnings
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1671392 - CVE-2019-6978 libwmf: gd: double free in the gdImage*Ptr in
gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1671392
[ 2 ] Bug #1671621 - gimp-2.10.8-5.fc29 requires libwmf-0.2.so.7 and
libwmflite-0.2.so.7, but libwmf-0.2.11-1.fc29 provides libwmf-0.2.so.8 and
libwmf-lite-0.2.11-1.fc29 provides libwmflite-0.2.so.8
https://bugzilla.redhat.com/show_bug.cgi?id=1671621
--------------------------------------------------------------------------------
================================================================================
oci-umount-2.5-1.gitc3cda1f.fc28 (FEDORA-2019-f5eb6bc542)
OCI umount hook for docker
--------------------------------------------------------------------------------
Update Information:
Coverity fixes and man pages.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Dan Walsh <dwalsh(a)redhat.com> - 2:2.5-1.git
- Add Man page
- Fix converity issues.
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> -
2:2.3.4-2.git87f9237
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1612205 - Man page scan results for oci-umount
https://bugzilla.redhat.com/show_bug.cgi?id=1612205
--------------------------------------------------------------------------------
================================================================================
perl-Inline-Struct-0.27-1.fc28 (FEDORA-2019-368b440898)
Manipulate C structures directly from Perl
--------------------------------------------------------------------------------
Update Information:
This release adds support for pointers to functions.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jan 28 2019 Petr Pisar <ppisar(a)redhat.com> - 0.27-1
- 0.27 bump
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1669888 - perl-Inline-Struct-0.27 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1669888
--------------------------------------------------------------------------------
================================================================================
php-sebastian-environment4-4.1.0-1.fc28 (FEDORA-2019-e335d05b6b)
Handle HHVM/PHP environments
--------------------------------------------------------------------------------
Update Information:
**Version 4.1.0** - 2019-02-01 **Added** * Implemented
`Runtime::getNameWithVersionAndCodeCoverageDriver()` method * Implemented
[#34](https://github.com/sebastianbergmann/environment/pull/34): Support for
PCOV extension ---- **Version 4.0.2** - 2019-01-28 **Fixed** * Fixed
[#33](https://github.com/sebastianbergmann/environment/issues/33):
`Runtime::discardsComments()` returns true too eagerly **Removed** * Removed
support for Zend Optimizer+ in `Runtime::discardsComments()`
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Remi Collet <remi(a)remirepo.net> - 4.1.0-1
- update to 4.1.0
* Wed Jan 30 2019 Remi Collet <remi(a)remirepo.net> - 4.0.2-1
- update to 4.0.2
--------------------------------------------------------------------------------
================================================================================
phpunit6-6.5.14-1.fc28 (FEDORA-2019-66a167ad26)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 6.5.14** - 2019-02-01 **Fixed** * Fixed
[#3459](https://github.com/sebastianbergmann/phpunit/issues/3459): `@requires`
function swallows digits at the end of function name
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Remi Collet <remi(a)remirepo.net> - 6.5.14-1
- update to 6.5.14
--------------------------------------------------------------------------------
================================================================================
phpunit7-7.5.3-1.fc28 (FEDORA-2019-fa2730b5f8)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 7.5.3** - 2019-02-01 **Fixed** * Fixed
[#3490](https://github.com/sebastianbergmann/phpunit/pull/3490): Exceptions in
`tearDownAfterClass()` kill PHPUnit **Deprecated** * The method
`assertArraySubset()` is now deprecated. There is no behavioral change in this
version of PHPUnit. Using this method will trigger a deprecation warning in
PHPUnit 8 and in PHPUnit 9 this method will be removed.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Remi Collet <remi(a)remirepo.net> - 7.5.3-1
- update to 7.5.3
--------------------------------------------------------------------------------
================================================================================
python-caja-1.20.2-2.fc28 (FEDORA-2019-305db4d8db)
Python bindings for Caja
--------------------------------------------------------------------------------
Update Information:
- add upstream python2/3 support improvements from master branch
--------------------------------------------------------------------------------
ChangeLog:
* Fri Feb 1 2019 Wolfgang Ulbrich <fedora(a)raveit.de> - 1:1.20.2-2
- add upstream python2/3 support improvements from master branch
--------------------------------------------------------------------------------
================================================================================
python-nbxmpp-0.6.9-1.fc28 (FEDORA-2019-7cba5ed82b)
Python library for non-blocking use of Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
For the list of changes see:
https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jan 24 2019 Michal Schmidt <mschmidt(a)redhat.com> - 0.6.9-1
- Upstream release 0.6.9.
* Wed Nov 14 2018 Michal Schmidt <mschmidt(a)redhat.com> - 0.6.8-1
- Upstream release 0.6.8.
--------------------------------------------------------------------------------
================================================================================
python-precis_i18n-1.0-2.fc28 (FEDORA-2019-7cba5ed82b)
Python library for internationalized usernames and passwords
--------------------------------------------------------------------------------
Update Information:
For the list of changes see:
https://dev.gajim.org/gajim/gajim/blob/gajim-1.1.2/ChangeLog
--------------------------------------------------------------------------------