The following Fedora 26 Security updates need testing: Age URL 257 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb5c8d1e7 docker-distribution-2.6.2-1.git48294d9.fc26 89 https://bodhi.fedoraproject.org/updates/FEDORA-2018-66b885ae3c keycloak-httpd-client-install-0.8-1.fc26 76 https://bodhi.fedoraproject.org/updates/FEDORA-2018-4f8a78a5ef squid-4.0.23-1.fc26 51 https://bodhi.fedoraproject.org/updates/FEDORA-2018-db5041e661 bro-2.5.3-1.fc26 39 https://bodhi.fedoraproject.org/updates/FEDORA-2018-c967cee830 dovecot-2.2.34-1.fc26 35 https://bodhi.fedoraproject.org/updates/FEDORA-2018-122ea355a7 memcached-1.4.39-2.fc26 18 https://bodhi.fedoraproject.org/updates/FEDORA-2018-010396b4a2 chromium-65.0.3325.181-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-922cc2fbaa drupal8-8.3.9-1.fc26 11 https://bodhi.fedoraproject.org/updates/FEDORA-2018-6855fa237d mod_http2-1.10.16-1.fc26 9 https://bodhi.fedoraproject.org/updates/FEDORA-2018-22b25bab31 httpd-2.4.33-2.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-97ad7e69c1 wordpress-4.9.5-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-81d3af3f36 koji-1.15.1-1.fc26
The following Fedora 26 Critical Path updates have yet to be approved: Age URL 55 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ddd1e5c30a iproute-4.14.1-5.fc26 15 https://bodhi.fedoraproject.org/updates/FEDORA-2018-ab61ad2e1b osinfo-db-20180325-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d4cacdf9bc rpm-4.13.1-1.fc26 12 https://bodhi.fedoraproject.org/updates/FEDORA-2018-7649fef814 thunderbird-52.7.0-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-81d3af3f36 koji-1.15.1-1.fc26 6 https://bodhi.fedoraproject.org/updates/FEDORA-2018-0787a0a775 python-productmd-1.11-2.fc26 pungi-4.1.23-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-3a53c9f749 libtalloc-2.1.13-1.fc26 2 https://bodhi.fedoraproject.org/updates/FEDORA-2018-200bbdfc76 vim-8.0.1666-1.fc26 0 https://bodhi.fedoraproject.org/updates/FEDORA-2018-d5f6e8a28a python-beautifulsoup4-4.6.0-2.fc26.1
The following builds have been pushed to Fedora 26 updates-testing
cdargs-1.35-18.fc26 deja-dup-37.1-4.fc26 desktop-file-utils-0.23-8.fc26 digikam-5.9.0-1.fc26 freeipmi-1.6.1-1.fc26 gpxsee-5.6-1.fc26 jpegoptim-1.4.5-1.fc26 lollypop-0.9.403-3.fc26 pcs-0.9.160-2.fc26 pyhunspell-0.5.4-1.fc26 python-fedmsg-meta-fedora-infrastructure-0.24.0-1.fc26 python-pycryptodomex-3.6.0-2.fc26 sqlitebrowser-3.9.1-6.fc26 webkitgtk4-2.20.1-1.fc26
Details about builds:
================================================================================ cdargs-1.35-18.fc26 (FEDORA-2018-02ce5267e3) The shell cd with bookmarks and browser -------------------------------------------------------------------------------- Update Information:
Unorphaned --------------------------------------------------------------------------------
================================================================================ deja-dup-37.1-4.fc26 (FEDORA-2018-35b38273b9) Simple backup tool and frontend for duplicity -------------------------------------------------------------------------------- Update Information:
ulimit fix for webgtk -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1556743 - [abrt] deja-dup: Gigacage::<lambda()>::operator()(): deja-dup-monitor killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1556743 --------------------------------------------------------------------------------
================================================================================ desktop-file-utils-0.23-8.fc26 (FEDORA-2018-b931933ce3) Utilities for manipulating .desktop files -------------------------------------------------------------------------------- Update Information:
This update adds 'font' to the list of registered media types, resolving [a bug](https://bugzilla.redhat.com/show_bug.cgi?id=1564650) which broke `update- desktop-database` when various packages that used this type were installed. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1564650 - Invalid syntax in /usr/share/applications/org.gnome.font-viewer.desktop https://bugzilla.redhat.com/show_bug.cgi?id=1564650 --------------------------------------------------------------------------------
================================================================================ digikam-5.9.0-1.fc26 (FEDORA-2018-a3db66a3d9) A digital camera accessing & photo management application -------------------------------------------------------------------------------- Update Information:
Digikam 5.9.0 release, https://www.digikam.org/news/2018-03-25-5.9.0_release_announcement/ --------------------------------------------------------------------------------
================================================================================ freeipmi-1.6.1-1.fc26 (FEDORA-2018-6a96be3200) IPMI remote console and system management software -------------------------------------------------------------------------------- Update Information:
New upstream version of freeipmi (1.6.1) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1541578 - freeipmi-1.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1541578 --------------------------------------------------------------------------------
================================================================================ gpxsee-5.6-1.fc26 (FEDORA-2018-47c04282c6) GPS log file viewer and analyzer -------------------------------------------------------------------------------- Update Information:
News in version **5.6**: * Added WMS support * Several minor bugfixes and improvements (mostly WMTS) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1565383 - gpxsee-5.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565383 --------------------------------------------------------------------------------
================================================================================ jpegoptim-1.4.5-1.fc26 (FEDORA-2018-1773d72259) Utility to optimize JPEG files -------------------------------------------------------------------------------- Update Information:
v1.4.5 - fix `--overwrite` option, - better error reporting for `-d` option - fix memcmp() potentially reading past end of buffer - some minor fixes -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1562503 - jpegoptim-1.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1562503 --------------------------------------------------------------------------------
================================================================================ lollypop-0.9.403-3.fc26 (FEDORA-2018-f06389727c) Music player for GNOME -------------------------------------------------------------------------------- Update Information:
Changed RR from pyplast to python2-pylast ---- Add art_album.py.diff (BZ #1562595) ---- Update to 0.9.403 ---- - Update lollypop-portal to 0.9.7 ---- Update to 0.9.402 ---- Update to 0.9.401 ---- Update to 0.9.400 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1562595 - [abrt] lollypop: __on_save_artwork_tags(): art_album.py:432:__on_save_artwork_tags:GLib.GError: g_convert_error: L'URI ��sftp://bertof@192.168.1.42/mnt/1TB/Condivisa/Musica/Fondamentali/30%20Seconds%20To%20Mars%20-%20Kings%20and%20Queens.mp3�� non �� ... https://bugzilla.redhat.com/show_bug.cgi?id=1562595 --------------------------------------------------------------------------------
================================================================================ pcs-0.9.160-2.fc26 (FEDORA-2018-ce5d7106d8) Pacemaker Configuration System -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2018-1086 and CVE-2018-1079 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1557366 - CVE-2018-1086 pcs: Debug parameter removal bypass, allowing information disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1557366 [ 2 ] Bug #1550243 - CVE-2018-1079 pcs: Privilege escalation via authorized user malicious REST call https://bugzilla.redhat.com/show_bug.cgi?id=1550243 --------------------------------------------------------------------------------
================================================================================ pyhunspell-0.5.4-1.fc26 (FEDORA-2018-c4b84cad19) Python bindings for hunspell -------------------------------------------------------------------------------- Update Information:
update to 0.5.4 ---- Apply fix for encoding problem from upstream. (See: https://github.com/blatinier/pyhunspell/issues/32) ---- update to 0.5.0 --------------------------------------------------------------------------------
================================================================================ python-fedmsg-meta-fedora-infrastructure-0.24.0-1.fc26 (FEDORA-2018-60d27bd8f9) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information:
Update to 0.24.0 Changelog is at: https://github.com/fedora- infra/fedmsg_meta_fedora_infrastructure/blob/develop/CHANGELOG.rst#0240 --------------------------------------------------------------------------------
================================================================================ python-pycryptodomex-3.6.0-2.fc26 (FEDORA-2018-e687c05bd5) A self-contained cryptographic library for Python -------------------------------------------------------------------------------- Update Information:
3.6.0 (8 April 2018) ======== New features ------------ * Introduced ``export_key`` and deprecated ``exportKey`` for DSA and RSA key objects. * Ciphers and hash functions accept ``memoryview`` objects in input. * Added support for SHA-512/224 and SHA-512/256. Resolved issues --------------- * Reintroduced `Crypto.__version__` variable as in PyCrypto. * Fixed compilation problem with MinGW. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1564320 - python-pycryptodomex-3.6.0x is available https://bugzilla.redhat.com/show_bug.cgi?id=1564320 --------------------------------------------------------------------------------
================================================================================ sqlitebrowser-3.9.1-6.fc26 (FEDORA-2018-71c5320965) Create, design, and edit SQLite database files -------------------------------------------------------------------------------- Update Information:
This update fixes an issue where the sqlitebrowser application could not be minimized when using certain desktop environments, among which gnome shell. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1565145 - sqlitebrowser locks workspace https://bugzilla.redhat.com/show_bug.cgi?id=1565145 --------------------------------------------------------------------------------
================================================================================ webkitgtk4-2.20.1-1.fc26 (FEDORA-2018-4ae4ecee01) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information:
This update brings the following changes: * Improve error message when Gigacage cannot allocate virtual memory. * Add missing WebKitWebProcessEnumTypes.h to webkit-web-extension.h. * Improve web process memory monitor thresholds. * Fix a web process crash when the web view is created and destroyed quickly. * Fix a network process crash when load is cancelled while searching for stored HTTP auth credentials. * Fix the build when ENABLE_VIDEO, ENABLE_WEB_AUDIO and ENABLE_XSLT are disabled. * Fix several crashes and rendering issues. Translation updates: * Brazilian Portuguese, Czech. --------------------------------------------------------------------------------