The following Fedora 25 Security updates need testing: Age URL 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-39de4eb5e7 irssi-0.8.20-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b8717537a libdwarf-20160923-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-666d95d1d5 php-ZendFramework-1.12.20-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-704e85cac2 python-django-1.9.10-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-43ff70c6b1 nodejs-6.7.0-107.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0bf602e920 openjpeg2-2.1.2-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f8235d2ef9 mingw-openjpeg2-2.1.2-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76bd94ca9e bind-9.10.4-2.P3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f6e4e66202 bind99-9.9.9-2.P3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-894abe29d2 systemd-231-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-94293f91e8 openssh-7.3p1-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d73759936 zathura-pdf-mupdf-0.3.0-2.fc25 mujs-0-5.20160921git5c337af.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b806dfedca lorax-25.16-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e0cad5a1 poppler-0.45.0-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-429a9a85ba linux-firmware-20160923-68.git42ad5367.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-35b79799c1 kernel-4.8.0-0.rc8.git0.1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-94293f91e8 openssh-7.3p1-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-894abe29d2 systemd-231-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc57295873 gdb-7.12-0.19.20160929.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c132f6a26 koji-1.10.1-13.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c0d544981f mutter-3.22.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2787de39a2 gtk3-3.22.0-2.fc25 The following builds have been pushed to Fedora 25 updates-testing bind-9.10.4-2.P3.fc25 bind99-9.9.9-2.P3.fc25 eclipse-fedorapackager-0.6.0-1.fc25 eclipse-swtbot-2.5.0-1.fc25 exodusii-6.02-4.fc25 fishpoll-0.1.7-6.fc25 gap-4.8.5-1.fc25 gdb-7.12-0.19.20160929.fc25 ghc-rpm-macros-1.6.9-2.fc25 ghc-snap-core-0.9.8.0-2.fc25 ghc-yaml-0.8.18.7-2.fc25 haskell-platform-2016.7.10.3-3.fc25 ibus-libzhuyin-1.7.9-1.fc25 kdelibs3-3.5.10-77.fc25 koji-1.10.1-13.fc25 kosmtik-0.0.13-13.fc25 libfm-qt-0.11.1-2.fc25 liblxqt-0.11.0-1.fc25 libqtxdg-2.0.0-2.fc25 libreoffice-5.2.2.2-1.fc25 lximage-qt-0.5.0-1.fc25 lxqt-about-0.11.0-1.fc25 lxqt-common-0.11.0-1.fc25 lxqt-config-0.11.0-2.fc25 lxqt-globalkeys-0.11.0-2.fc25 lxqt-notificationd-0.11.0-1.fc25 lxqt-openssh-askpass-0.11.0-2.fc25 lxqt-panel-0.11.0-2.fc25 lxqt-policykit-0.11.0-2.fc25 lxqt-powermanagement-0.11.0-1.fc25 lxqt-qtplugin-0.11.0-1.fc25 lxqt-runner-0.11.0-7.fc25 lxqt-session-0.11.0-1.fc25 lxqt-sudo-0.11.0-1.fc25 mame-0.178-1.fc25 mingw-openjpeg2-2.1.2-1.fc25 mkvtoolnix-9.4.2-1.fc25 mujs-0-5.20160921git5c337af.fc25 nodejs-leaflet-1.0.0-1.fc25 opencsg-1.4.2-1.fc25 openjpeg2-2.1.2-1.fc25 openssh-7.3p1-4.fc25 pavucontrol-qt-0.1.0-2.fc25 pcmanfm-qt-0.11.1-1.fc25 perl-App-Cme-1.014-1.fc25 perl-Authen-SASL-SASLprep-1.100-1.fc25 perl-Business-ISBN-3.003-1.fc25 perl-CPAN-Perl-Releases-2.94-1.fc25 perl-Canary-Stability-2012-1.fc25 perl-Config-Model-2.092-1.fc25 perl-Config-Model-Itself-2.006-1.fc25 perl-Config-Model-TkUI-1.357-1.fc25 perl-PDF-Reuse-0.39-1.fc25 perl-Test2-Suite-0.000060-1.fc25 python-colorspacious-1.0.0-3.fc25 python-rpmfluff-0.5.2-1.fc25 roundcubemail-1.2.2-1.fc25 systemd-231-5.fc25 zathura-pdf-mupdf-0.3.0-2.fc25 Details about builds: ================================================================================ bind-9.10.4-2.P3.fc25 (FEDORA-2016-76bd94ca9e) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: Update to latest upstream version due to CVE-2016-2776 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378380 - CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request https://bugzilla.redhat.com/show_bug.cgi?id=1378380 -------------------------------------------------------------------------------- ================================================================================ bind99-9.9.9-2.P3.fc25 (FEDORA-2016-f6e4e66202) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) libraries -------------------------------------------------------------------------------- Update Information: Update to the latest upstream version due to CVE-2016-2776 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378380 - CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request https://bugzilla.redhat.com/show_bug.cgi?id=1378380 -------------------------------------------------------------------------------- ================================================================================ eclipse-fedorapackager-0.6.0-1.fc25 (FEDORA-2016-0dffa3695b) Fedora Packager for Eclipse -------------------------------------------------------------------------------- Update Information: Update to 0.6.0 release. -------------------------------------------------------------------------------- ================================================================================ eclipse-swtbot-2.5.0-1.fc25 (FEDORA-2016-8e0d8fdd7c) UI and functional testing tool for SWT and Eclipse based applications -------------------------------------------------------------------------------- Update Information: Update to upstream 2.5.0 release. -------------------------------------------------------------------------------- ================================================================================ exodusii-6.02-4.fc25 (FEDORA-2016-3ec60759ec) Library to store and retrieve transient finite element data -------------------------------------------------------------------------------- Update Information: Initial import -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336552 - None https://bugzilla.redhat.com/show_bug.cgi?id=1336552 -------------------------------------------------------------------------------- ================================================================================ fishpoll-0.1.7-6.fc25 (FEDORA-2016-0b05e93687) Daemon and Client to run scripts when triggered from the network -------------------------------------------------------------------------------- Update Information: Make use of an EnvironmentFile directive on the service file and allow systemd to source env variables from it. -------------------------------------------------------------------------------- ================================================================================ gap-4.8.5-1.fc25 (FEDORA-2016-33063de86d) Computational discrete algebra -------------------------------------------------------------------------------- Update Information: See http://gap-system.org/Manuals/doc/changes/chap2.html#X84E1F4618181F6A3 for changes in gap version 4.8.5. -------------------------------------------------------------------------------- ================================================================================ gdb-7.12-0.19.20160929.fc25 (FEDORA-2016-cc57295873) A stub package for GNU source-level debugger -------------------------------------------------------------------------------- Update Information: Fixes GDB crashes on inf. function call scripts (RH BZ 1378147, Pedro Alves). ---- Fix attachment of JIT-debug-enabled inf. (7.11.1 regression, RH BZ 1375553). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378147 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378147 [ 2 ] Bug #1375553 - None https://bugzilla.redhat.com/show_bug.cgi?id=1375553 -------------------------------------------------------------------------------- ================================================================================ ghc-rpm-macros-1.6.9-2.fc25 (FEDORA-2016-23c83c1fa7) RPM macros for building packages for GHC -------------------------------------------------------------------------------- Update Information: builds for ghc-7.10.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100652 - None https://bugzilla.redhat.com/show_bug.cgi?id=1100652 -------------------------------------------------------------------------------- ================================================================================ ghc-snap-core-0.9.8.0-2.fc25 (FEDORA-2016-23c83c1fa7) Snap web framework core library -------------------------------------------------------------------------------- Update Information: builds for ghc-7.10.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100652 - None https://bugzilla.redhat.com/show_bug.cgi?id=1100652 -------------------------------------------------------------------------------- ================================================================================ ghc-yaml-0.8.18.7-2.fc25 (FEDORA-2016-23c83c1fa7) Support for parsing and rendering YAML documents -------------------------------------------------------------------------------- Update Information: builds for ghc-7.10.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100652 - None https://bugzilla.redhat.com/show_bug.cgi?id=1100652 -------------------------------------------------------------------------------- ================================================================================ haskell-platform-2016.7.10.3-3.fc25 (FEDORA-2016-23c83c1fa7) Standard Haskell distribution -------------------------------------------------------------------------------- Update Information: builds for ghc-7.10.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100652 - None https://bugzilla.redhat.com/show_bug.cgi?id=1100652 -------------------------------------------------------------------------------- ================================================================================ ibus-libzhuyin-1.7.9-1.fc25 (FEDORA-2016-b2263f5358) New Zhuyin engine based on libzhuyin for IBus -------------------------------------------------------------------------------- Update Information: Fixes input behavior. -------------------------------------------------------------------------------- ================================================================================ kdelibs3-3.5.10-77.fc25 (FEDORA-2016-afda6b5846) KDE 3 Libraries -------------------------------------------------------------------------------- Update Information: This kdelibs3 update fixes the KDE 3 compatibility version of KSVG to not crash in an infinite loop on current Breeze icons. This fixes startup of Quanta Plus. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376181 - None https://bugzilla.redhat.com/show_bug.cgi?id=1376181 -------------------------------------------------------------------------------- ================================================================================ koji-1.10.1-13.fc25 (FEDORA-2016-5c132f6a26) Build system tools -------------------------------------------------------------------------------- Update Information: Add --new-chroot option for runroot plugin, allowing mock inside koji to use systemd-nspawn style chroot. -------------------------------------------------------------------------------- ================================================================================ kosmtik-0.0.13-13.fc25 (FEDORA-2016-8b99783256) Make maps with OpenStreetMap and Mapnik -------------------------------------------------------------------------------- Update Information: Update leaflet to 1.0.0 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380059 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380059 -------------------------------------------------------------------------------- ================================================================================ libfm-qt-0.11.1-2.fc25 (FEDORA-2016-9d3a87f3bb) Companion library for PCManFM -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ liblxqt-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Core shared library for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ libqtxdg-2.0.0-2.fc25 (FEDORA-2016-9d3a87f3bb) QtXdg, a Qt5 implementation of XDG standards -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ libreoffice-5.2.2.2-1.fc25 (FEDORA-2016-ec474d37fc) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: update to 5.2.2 rc2 -------------------------------------------------------------------------------- ================================================================================ lximage-qt-0.5.0-1.fc25 (FEDORA-2016-9d3a87f3bb) The image viewer and screenshot tool for LXQt -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-about-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) About application for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-common-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Common resources for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-config-0.11.0-2.fc25 (FEDORA-2016-9d3a87f3bb) Config tools for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-globalkeys-0.11.0-2.fc25 (FEDORA-2016-9d3a87f3bb) Global keys utility for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-notificationd-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Notification daemon for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-openssh-askpass-0.11.0-2.fc25 (FEDORA-2016-9d3a87f3bb) Askpass openssh transition dialog for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-panel-0.11.0-2.fc25 (FEDORA-2016-9d3a87f3bb) Main panel bar for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-policykit-0.11.0-2.fc25 (FEDORA-2016-9d3a87f3bb) PolicyKit agent for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-powermanagement-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Powermanagement daemon for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-qtplugin-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Qt plugin framework for LXQt Desktop Suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-runner-0.11.0-7.fc25 (FEDORA-2016-9d3a87f3bb) Application runner agent for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-session-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) Main session for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ lxqt-sudo-0.11.0-1.fc25 (FEDORA-2016-9d3a87f3bb) GUI frontend for sudo/su -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ mame-0.178-1.fc25 (FEDORA-2016-e0f9cac65f) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information: An update to the latest mame release: * http://mamedev.org/?p=431 -------------------------------------------------------------------------------- ================================================================================ mingw-openjpeg2-2.1.2-1.fc25 (FEDORA-2016-f8235d2ef9) MinGW Windows openjpeg2 library -------------------------------------------------------------------------------- Update Information: Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377345 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c https://bugzilla.redhat.com/show_bug.cgi?id=1377345 -------------------------------------------------------------------------------- ================================================================================ mkvtoolnix-9.4.2-1.fc25 (FEDORA-2016-221502156d) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information: * mkvmerge: bug fix: AVC & HEVC readers: release v9.4.1 contains a change to both readers so that they will refuse to handle files where the detected pixel width or height is equal to or less than 0. This check was wrong in certain cases causing mkvmerge to reject a file as an unsupported file type. This has been fixed while keeping the constraints on width & height having to be positive. * Note: most of the bugs fixed on 2016-09-06 and 2016-09-07 for issue #1780 are potentially exploitable. The scenario is arbitrary code execution with specially-crafted files. Updating is highly recommended. * mkvmerge: bug fix: AVC & HEVC readers: the readers will now refuse to handle files where the detected pixel width or height is equal to or less than 0. Before this fix the muxing process aborted with an assertion inside libMatroska. Fixes the last test case of #1780. * mkvmerge: bug fix: HEVC parser: fixed another invalid memory access (beyond the end of allocated space). Fixes two test cases of #1780. * mkvmerge: bug fix: HEVC parser: fixed another invalid memory access (beyond the end of a fixed-size array). Fixes several test cases of #1780. * mkvmerge: bug fix: MP4 reader: an error message will be printed instead of an uncaught exception when an invalid atom chunk size is encountered during resync. Fixes a test case of #1780. * mkvmerge: bug fix: AAC reader: fixed mkvmerge throwing an uncaught exception due to the sample rate being 0. Fixes a test case of #1780. * mkvmerge: bug fix: MP4 reader: fixed an invalid memory access (beyond the end of allocated space). Fixes several test cases of #1780. * mkvmerge: bug fix: HEVC parser: fixed an invalid memory access (beyond the end of allocated space). Fixes several test cases of #1780. * mkvmerge: bug fix: fixed an invalid memory access (use after free) during global destruction phase. Fixes several test cases of #1780. * mkvmerge: bug fix: using very large --sync values (several minutes) with certain container formats was causing mkvmerge to abort muxing. Fixes #1774. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376266 - None https://bugzilla.redhat.com/show_bug.cgi?id=1376266 -------------------------------------------------------------------------------- ================================================================================ mujs-0-5.20160921git5c337af.fc25 (FEDORA-2016-8d73759936) An embeddable Javascript interpreter -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-7563, CVE-2016-7564 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380323 - CVE-2016-7563 CVE-2016-7564 mujs: Multiple issues fixed in latest version https://bugzilla.redhat.com/show_bug.cgi?id=1380323 -------------------------------------------------------------------------------- ================================================================================ nodejs-leaflet-1.0.0-1.fc25 (FEDORA-2016-8b99783256) An open source JavaScript Library for Interactive Maps -------------------------------------------------------------------------------- Update Information: Update leaflet to 1.0.0 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380059 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380059 -------------------------------------------------------------------------------- ================================================================================ opencsg-1.4.2-1.fc25 (FEDORA-2016-ac79c0ed4d) Library for Constructive Solid Geometry using OpenGL -------------------------------------------------------------------------------- Update Information: OpenCSG 1.4.2 fixes an issue when the calling application renders into different frame buffer objects subsequently and uses OpenCSG. In this case, when called for the second time with the second FBO active, OpenCSG did not restore that FBO, but the first FBO that was active for a previous call of OpenCSG. This caused, for example, issues in applications rendering into a QOpenGLWidget with Qt 5, such as OpenSCAD. When resizing the OpenGL window, the problem occured, and the OpenGL window was not rendered at all anymore. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380373 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380373 -------------------------------------------------------------------------------- ================================================================================ openjpeg2-2.1.2-1.fc25 (FEDORA-2016-0bf602e920) C-Library for JPEG 2000 -------------------------------------------------------------------------------- Update Information: Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377345 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c https://bugzilla.redhat.com/show_bug.cgi?id=1377345 -------------------------------------------------------------------------------- ================================================================================ openssh-7.3p1-4.fc25 (FEDORA-2016-94293f91e8) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: This update brings the fix NULL dereference (Security) and support for Crypto- Policies (for F26) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380296 - openssh: Null pointer dereference due to early NEWKEYS https://bugzilla.redhat.com/show_bug.cgi?id=1380296 -------------------------------------------------------------------------------- ================================================================================ pavucontrol-qt-0.1.0-2.fc25 (FEDORA-2016-9d3a87f3bb) Qt port of volume control pavucontrol -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ pcmanfm-qt-0.11.1-1.fc25 (FEDORA-2016-9d3a87f3bb) LxQt file manager PCManFM -------------------------------------------------------------------------------- Update Information: New upstream lxqt package set 0.11.0 -------------------------------------------------------------------------------- ================================================================================ perl-App-Cme-1.014-1.fc25 (FEDORA-2016-12c2b26f85) Check or edit configuration data with Config::Model -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379101 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379101 -------------------------------------------------------------------------------- ================================================================================ perl-Authen-SASL-SASLprep-1.100-1.fc25 (FEDORA-2016-93e3d7d839) Stringprep profile for user names and passwords (RFC 4013) -------------------------------------------------------------------------------- Update Information: This release adds "stored strings" capability to saslprep() routine. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380044 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380044 -------------------------------------------------------------------------------- ================================================================================ perl-Business-ISBN-3.003-1.fc25 (FEDORA-2016-768fdbf9cb) Perl module to work with International Standard Book Numbers -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377504 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377504 -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-2.94-1.fc25 (FEDORA-2016-3af67f69af) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377902 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377902 -------------------------------------------------------------------------------- ================================================================================ perl-Canary-Stability-2012-1.fc25 (FEDORA-2016-e8d387c9ef) Canary to check perl compatibility for Schmorp's modules -------------------------------------------------------------------------------- Update Information: This release removes coloring of an introduction text. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379997 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379997 -------------------------------------------------------------------------------- ================================================================================ perl-Config-Model-2.092-1.fc25 (FEDORA-2016-9aa025435c) Framework to create configuration validation tools and editors -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- ================================================================================ perl-Config-Model-Itself-2.006-1.fc25 (FEDORA-2016-fc754d5dd1) Model editor for Config::Model -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- ================================================================================ perl-Config-Model-TkUI-1.357-1.fc25 (FEDORA-2016-3bf5e0a114) TK GUI to edit config data through Config::Model -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- ================================================================================ perl-PDF-Reuse-0.39-1.fc25 (FEDORA-2016-d6d2653561) Reuse and mass produce PDF documents -------------------------------------------------------------------------------- Update Information: This release removes unneeded files form source tar ball. We deliver it only to provide recent version string. ---- This release closes TTF file handles, fixes warnings in prStrWidth() and prText(), handling bookmarks, reading PDF 1.5 version, CPU excessive usage when parsing bad PDF, handling zero coordinates in prMbox(). It also adds support for file handles, IO::String, and in-memory files. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380054 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380054 [ 2 ] Bug #1379025 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379025 -------------------------------------------------------------------------------- ================================================================================ perl-Test2-Suite-0.000060-1.fc25 (FEDORA-2016-0b7984d592) Set of tools built upon the Test2 framework -------------------------------------------------------------------------------- Update Information: This release corrcts handling Term::Readkey signal stack, it fixes documentation. It also adds Test2::Compare::Negatable and bool() and Tools::Exception::try_ok(). It also improves convert() and adds implicit end() into is(). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380081 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380081 -------------------------------------------------------------------------------- ================================================================================ python-colorspacious-1.0.0-3.fc25 (FEDORA-2016-ad3ba918f9) Perform colorspace conversions accurately and easily -------------------------------------------------------------------------------- Update Information: Colorspacious is a powerful, accurate, and easy-to-use library for performing colorspace conversions. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374957 - None https://bugzilla.redhat.com/show_bug.cgi?id=1374957 -------------------------------------------------------------------------------- ================================================================================ python-rpmfluff-0.5.2-1.fc25 (FEDORA-2016-914adc225c) Lightweight way of building RPMs, and sabotaging them -------------------------------------------------------------------------------- Update Information: Lots of fixes by Dan Callaghan <dcallagh@xxxxxxxxxx> -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.2.2-1.fc25 (FEDORA-2016-170caeb196) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: **Version 1.2.2** * Enigma: Add possibility to configure gpg-agent binary location (enigma_pgp_agent) * Enigma: Fix signature verification with some IMAP servers, e.g. Gmail, DBMail (#5371) * Enigma: Make recipient key searches case-insensitive (#5434) * Fix regression in resizing JPEG images with Imagick (#5376) * Managesieve: Fix parsing of vacation date-time with non-default date_format (#5372) * Use SymLinksIfOwnerMatch in .htaccess instead of FollowSymLinks disabled on some hosts for security reasons (#5370) * Wash position:fixed style in HTML mail for better security (#5264) * Fix bug where memcache_debug didn't work for session operations * Fix bug where Message-ID domain part was tied to username instead of current identity (#5385) * Fix bug where blocked.gif couldn't be attached to reply/forward with insecure content * Fix E_DEPRECATED warning when using Auth_SASL::factory() (#5401) * Fix bug where names of downloaded files could be malformed when derived from the message subject (#5404) * Fix so "All" messages selection is resetted on search reset (#5413) * Fix bug where folder creation could fail if personal namespace contained more than one entry (#5403) * Fix error causing empty INBOX listing in Firefox when using an URL with user:password specified (#5400) * Fix PHP warning when handling shared namespace with empty prefix (#5420) * Fix so folders list is scrolled to the selected folder on page load (#5424) * Fix so when moving to Trash we make sure the folder exists (#5192) * Fix displaying size of attachments with zero size * Fix so "Action disabled" error uses more appropriate 404 code (#5440) -------------------------------------------------------------------------------- ================================================================================ systemd-231-5.fc25 (FEDORA-2016-894abe29d2) A System and Service Manager -------------------------------------------------------------------------------- Update Information: Fix for crash on empty notification messages. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380286 - systemd: Assertion failure when PID 1 receives a zero-length message over notify socket https://bugzilla.redhat.com/show_bug.cgi?id=1380286 -------------------------------------------------------------------------------- ================================================================================ zathura-pdf-mupdf-0.3.0-2.fc25 (FEDORA-2016-8d73759936) PDF support for zathura via mupdf -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-7563, CVE-2016-7564 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380323 - CVE-2016-7563 CVE-2016-7564 mujs: Multiple issues fixed in latest version https://bugzilla.redhat.com/show_bug.cgi?id=1380323 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
