Fedora 25 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 25 Security updates need testing:
 Age  URL
  52  https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170   chicken-4.11.0-3.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2016-2df27a2224   ghostscript-9.20-2.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2a05a0644   libass-0.13.4-1.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3   compat-guile18-1.8.8-14.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6b82fc729   php-7.0.12-2.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2016-ea58a428a1   php-pecl-zip-1.13.5-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d3218ec41   qemu-2.7.0-4.fc25


The following Fedora 25 Critical Path updates have yet to be approved:
 Age URL
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2016-6cb65ea55b   pungi-4.1.10-1.fc25
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a5c3ebe67a   libXfont2-2.0.1-2.fc25 tigervnc-1.7.0-3.fc25 xorg-x11-drivers-7.7-18.fc25 xorg-x11-drv-amdgpu-1.1.2-3.20160929git97d7386c.fc25 xorg-x11-drv-armsoc-1.4.0-3.20160929.fc25 xorg-x11-drv-ati-7.7.1-1.20160928git3fc839ff.fc25 xorg-x11-drv-dummy-0.3.6-26.fc25 xorg-x11-drv-evdev-2.10.4-1.fc25 xorg-x11-drv-fbdev-0.4.3-25.fc25 xorg-x11-drv-fbturbo-0.5.1-0.8.20150221.fc25 xorg-x11-drv-freedreno-1.4.0-3.20160929.fc25 xorg-x11-drv-geode-2.11.18-2.fc25 xorg-x11-drv-intel-2.99.917-26.20160929.fc25 xorg-x11-drv-ivtv-1.2.0-0.22.fc25 xorg-x11-drv-libinput-0.19.1-3.20160929.fc25 xorg-x11-drv-nouveau-1.0.13-1.fc25 xorg-x11-drv-omap-0.4.4-3.fc25 xorg-x11-drv-openchrome-0.5.0-2.fc25 xorg-x11-drv-opentegra-0.7.0-8.fc25 xorg-x11-drv-qxl-0.1.4-10.20160929gite13d28ee.fc25 xorg-x11-drv-sisusb-0.9.6-24.fc25 xorg-x11-drv-synaptics-1.8.99.2-2.fc25 xorg-x11-drv-v4l-0.2.0-47.fc25 xorg-x11-drv-vesa-2.3.2-25.fc25 xorg-x11-drv-vmware-13.0.2-12.20150
 211git8f0cf7c.fc25 xorg-x11-drv-voodoo-1.2.5-25.fc25 xorg-x11-drv-wacom-0.33.0-2.20160929gitb61d1711.fc25 xorg-x11-font-utils-7.5-32.fc25 xorg-x11-proto-devel-7.7-20.fc25 xorg-x11-server-1.19.0-0.2.20160929.fc25


The following builds have been pushed to Fedora 25 updates-testing

    cjdns-18-3.fc25
    erlang-19.1.4-1.fc25
    findbugs-contrib-6.8.0-1.fc25
    frogr-1.2-1.fc25
    gssdp-1.0.1-1.fc25
    gupnp-1.0.1-1.fc25
    gupnp-av-0.12.10-1.fc25
    kaccounts-integration-16.08.2-1.fc25
    kaccounts-providers-16.08.2-1.fc25
    kdenetwork-filesharing-16.08.2-1.fc25
    kdnssd-16.08.2-1.fc25
    kget-16.08.2-1.fc25
    kio-extras-16.08.2-1.fc25
    kopete-16.08.2-1.fc25
    kppp-16.08.2-1.fc25
    krdc-16.08.2-1.fc25
    krfb-16.08.2-1.fc25
    ktp-accounts-kcm-16.08.2-1.fc25
    ktp-approver-16.08.2-1.fc25
    ktp-auth-handler-16.08.2-1.fc25
    ktp-common-internals-16.08.2-1.fc25
    ktp-contact-list-16.08.2-1.fc25
    ktp-contact-runner-16.08.2-1.fc25
    ktp-desktop-applets-16.08.2-1.fc25
    ktp-filetransfer-handler-16.08.2-1.fc25
    ktp-kded-integration-module-16.08.2-1.fc25
    ktp-send-file-16.08.2-1.fc25
    ktp-text-ui-16.08.2-1.fc25
    lua-rex-2.7.2-12.fc25
    mate-notification-daemon-1.16.0-2.fc25
    mingw-gdb-7.12-1.fc25
    mingw-harfbuzz-1.3.2-1.fc25
    mingw-libpng-1.6.25-1.fc25
    monit-5.19.0-1.fc25
    nodejs-6.8.1-3.fc25
    perl-App-Cmd-0.331-2.fc25
    perl-Specio-0.30-1.fc25
    purple-skypeweb-1.2.2-3.20161015gitd23eab9.fc25
    qemu-2.7.0-4.fc25
    signon-kwallet-extension-16.08.2-1.fc25
    subtitleeditor-0.53.0-1.fc25
    vulkan-1.0.30.0-1.fc25

Details about builds:


================================================================================
 cjdns-18-3.fc25 (FEDORA-2016-e4ad76ccf9)
 The privacy-friendly network without borders
--------------------------------------------------------------------------------
Update Information:

New upstream release has protocol 18 which supports supernodes.
Supernode/Subnode code is still a work in progress with this release, so it is
disabled.  Fedora and EL7 use libsodium, as it gives the best performance with a
dynamic library.  EL6 uses the bundled NaCl library to avoid the libstdc++
dependency of the dynamic library.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1383844 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1383844
--------------------------------------------------------------------------------


================================================================================
 erlang-19.1.4-1.fc25 (FEDORA-2016-4421c7d7b8)
 General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:

* Ver. 19.1.4  ----  * Ver. 19.1.3  ----  * Ver. 19.1.2  ----  * Ver. 19.1.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1385273 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1385273
  [ 2 ] Bug #1383671 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1383671
  [ 3 ] Bug #1378049 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1378049
--------------------------------------------------------------------------------


================================================================================
 findbugs-contrib-6.8.0-1.fc25 (FEDORA-2016-02274602f7)
 Extra findbugs detectors
--------------------------------------------------------------------------------
Update Information:

Update to 6.8.0. Detectors added in this version:  * **[DMC] Dubious Map
Collection** - Looks for fields that are implementations of `java.util.Map`, but
that are only ever iterated over. This probably means that this data structure
should be a `List` of some class that holds two values, or at the least `Pair`.
`Map` was probably chosen as it was the easiest thing to use, but obfuscates the
reason for the data structure.  * **[BL] Burying Logic** - Looks for relatively
large `if` blocks of code, where you unconditionally `return` from them, and
then follow that with an unconditional `return` of a small block. This places
the bulk of the logic to the right indentation-wise, making it more difficult to
read than needed. It would be better to invert the logic of the `if` block, and
immediately `return`, allowing the bulk of the logic to be moved to the left,
for easier reading.  * **[WI] Wiring Issues** - Looks for various issues around
`@Autowired`/`@Inject` fields in DI classes     * Injecting the same bean twice
into the same class hierarchy, even with different field names  * **[CCI]
Concurrent Collection Issues** - Looks for various issues around using
concurrent collections including:     * Using `get`/`put` with collection
values, when you should use `putIfAbsent`
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1383534 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1383534
--------------------------------------------------------------------------------


================================================================================
 frogr-1.2-1.fc25 (FEDORA-2016-15d6061baf)
 Flickr Remote Organizer for GNOME
--------------------------------------------------------------------------------
Update Information:

frogr 1.2 release.    * Added flatpak support.   * Improved content inside the
AppData file.   * Fix cancellation of the image upload process.   * Remove
build-dependency on intltool, now relying on gettext only.
--------------------------------------------------------------------------------


================================================================================
 gssdp-1.0.1-1.fc25 (FEDORA-2016-3aac6fddd1)
 Resource discovery and announcement over SSDP
--------------------------------------------------------------------------------
Update Information:

1.0.1 releases of the gupnp stack.
--------------------------------------------------------------------------------


================================================================================
 gupnp-1.0.1-1.fc25 (FEDORA-2016-3aac6fddd1)
 A framework for creating UPnP devices & control points
--------------------------------------------------------------------------------
Update Information:

1.0.1 releases of the gupnp stack.
--------------------------------------------------------------------------------


================================================================================
 gupnp-av-0.12.10-1.fc25 (FEDORA-2016-3aac6fddd1)
 A collection of helpers for building UPnP AV applications
--------------------------------------------------------------------------------
Update Information:

1.0.1 releases of the gupnp stack.
--------------------------------------------------------------------------------


================================================================================
 kaccounts-integration-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Small system to administer web accounts across the KDE desktop
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kaccounts-providers-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Additional service providers for KAccounts framework
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kdenetwork-filesharing-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Network filesharing
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kdnssd-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KDE Network Monitor for DNS-SD services (Zeroconf)
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kget-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Download manager
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kio-extras-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Additional components to increase the functionality of KIO Framework
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kopete-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Instant messenger
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 kppp-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Dialer and Front end for pppd
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 krdc-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Remote desktop client
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 krfb-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Desktop sharing
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-accounts-kcm-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KDE Configuration Module for Telepathy Instant Messaging Accounts
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-approver-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KDE Channel Approver for Telepathy
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-auth-handler-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Provide UI/KWallet Integration
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-common-internals-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Common internals for KDE Telepathy
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-contact-list-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Telepathy contact list application
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-contact-runner-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Plasma runner for KDE Telepathy
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-desktop-applets-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KDE Telepathy desktop applets
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-filetransfer-handler-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Telepathy file transfer handler
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-kded-integration-module-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KDE integration for telepathy
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-send-file-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 A File manager plugin to launch file transfer jobs
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 ktp-text-ui-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 Telepathy text chat handler
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 lua-rex-2.7.2-12.fc25 (FEDORA-2016-aaab5d3629)
 Regular expression handling library for Lua
--------------------------------------------------------------------------------
Update Information:

Fix broken dependencies.
--------------------------------------------------------------------------------


================================================================================
 mate-notification-daemon-1.16.0-2.fc25 (FEDORA-2016-07aecbc405)
 Notification daemon for MATE Desktop
--------------------------------------------------------------------------------
Update Information:

- Fix bold formating
--------------------------------------------------------------------------------


================================================================================
 mingw-gdb-7.12-1.fc25 (FEDORA-2016-c52626ad7f)
 MinGW Windows port of the GDB debugger
--------------------------------------------------------------------------------
Update Information:

MinGW cross compiled gdb 7.12 release.
--------------------------------------------------------------------------------


================================================================================
 mingw-harfbuzz-1.3.2-1.fc25 (FEDORA-2016-bd30dc0071)
 MinGW Windows Harfbuzz library
--------------------------------------------------------------------------------
Update Information:

MinGW cross compiled harfbuzz 1.3.2 release.
--------------------------------------------------------------------------------


================================================================================
 mingw-libpng-1.6.25-1.fc25 (FEDORA-2016-ac30e9617e)
 MinGW Windows Libpng library
--------------------------------------------------------------------------------
Update Information:

MinGW cross compiled libpng 1.6.25 release.
--------------------------------------------------------------------------------


================================================================================
 monit-5.19.0-1.fc25 (FEDORA-2016-73d71ed643)
 Manages and monitors processes, files, directories and devices
--------------------------------------------------------------------------------
Update Information:

Updates Monit to 5.19.0.  Please note that this update may require minor updates
to your configuration files if you wish to preserve identical behaviour to
5.14.0. See https://mmonit.com/monit/changes for details.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1325633 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1325633
--------------------------------------------------------------------------------


================================================================================
 nodejs-6.8.1-3.fc25 (FEDORA-2016-161d3d82d0)
 JavaScript runtime
--------------------------------------------------------------------------------
Update Information:

Update to Node.js 6.8.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1384267 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1384267
--------------------------------------------------------------------------------


================================================================================
 perl-App-Cmd-0.331-2.fc25 (FEDORA-2016-c5a776d731)
 Write command line apps with less suffering
--------------------------------------------------------------------------------
Update Information:

The upstream tests have been removed from the package, per user request.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1385280 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1385280
--------------------------------------------------------------------------------


================================================================================
 perl-Specio-0.30-1.fc25 (FEDORA-2016-678f5c6111)
 Type constraints and coercions for Perl
--------------------------------------------------------------------------------
Update Information:

Minor bugfix for a corner case.
--------------------------------------------------------------------------------


================================================================================
 purple-skypeweb-1.2.2-3.20161015gitd23eab9.fc25 (FEDORA-2016-097e115239)
 Adds support for Skype to Pidgin
--------------------------------------------------------------------------------
Update Information:

Fixed warning.  ----  * Updated to version 1.2.2. * Fixed accounts login.  ----
* Updated to version 1.2.2. * Fixed non-Live logins.
--------------------------------------------------------------------------------


================================================================================
 qemu-2.7.0-4.fc25 (FEDORA-2016-3d3218ec41)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

* CVE-2016-7155: pvscsi: OOB read and infinite loop (bz #1373463) *
CVE-2016-7156: pvscsi: infinite loop when building SG list (bz #1373480) *
CVE-2016-7156: pvscsi: infinite loop when processing IO requests (bz #1373480) *
CVE-2016-7170: vmware_vga: OOB stack memory access (bz #1374709) *
CVE-2016-7157: mptsas: invalid memory access (bz #1373505) * CVE-2016-7466: usb:
xhci memory leakage during device unplug (bz #1377838) * CVE-2016-7423: scsi:
mptsas: OOB access (bz #1376777) * CVE-2016-7422: virtio: null pointer
dereference (bz #1376756) * CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx
(bz #1381193) * CVE-2016-8576: usb: xHCI: infinite loop vulnerability (bz
#1382322) * CVE-2016-7995: usb: hcd-ehci: memory leak (bz #1382669)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1373462 - CVE-2016-7155 Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings
        https://bugzilla.redhat.com/show_bug.cgi?id=1373462
  [ 2 ] Bug #1373478 - CVE-2016-7156 Qemu: scsi: pvscsi: infintie loop when building SG list
        https://bugzilla.redhat.com/show_bug.cgi?id=1373478
  [ 3 ] Bug #1374702 - CVE-2016-7170 Qemu: vmware_vga: OOB stack memory access when processing svga command
        https://bugzilla.redhat.com/show_bug.cgi?id=1374702
  [ 4 ] Bug #1373504 - CVE-2016-7157 Qemu: scsi: mptsas: invalid memory access while building configuration pages
        https://bugzilla.redhat.com/show_bug.cgi?id=1373504
  [ 5 ] Bug #1377837 - CVE-2016-7466 Qemu: usb: xhci memory leakage during device unplug
        https://bugzilla.redhat.com/show_bug.cgi?id=1377837
  [ 6 ] Bug #1376776 - CVE-2016-7423 Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object
        https://bugzilla.redhat.com/show_bug.cgi?id=1376776
  [ 7 ] Bug #1376755 - CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc
        https://bugzilla.redhat.com/show_bug.cgi?id=1376755
  [ 8 ] Bug #1327465 - CVE-2016-7908 Qemu: net: Infinite loop in mcf_fec_do_tx()
        https://bugzilla.redhat.com/show_bug.cgi?id=1327465
  [ 9 ] Bug #1333425 - CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
        https://bugzilla.redhat.com/show_bug.cgi?id=1333425
  [ 10 ] Bug #1382668 - CVE-2016-7995 Qemu: usb: hcd-ehci: memory leak in ehci_process_itd
        https://bugzilla.redhat.com/show_bug.cgi?id=1382668
--------------------------------------------------------------------------------


================================================================================
 signon-kwallet-extension-16.08.2-1.fc25 (FEDORA-2016-8b494f4606)
 KWallet integration for Sign-on framework
--------------------------------------------------------------------------------
Update Information:

KDE Network Applications 16.08.2
--------------------------------------------------------------------------------


================================================================================
 subtitleeditor-0.53.0-1.fc25 (FEDORA-2016-42f17cdbbb)
 GTK+2 tool to edit subtitles for GNU/Linux/*BSD
--------------------------------------------------------------------------------
Update Information:

Fix broken dependencies.
--------------------------------------------------------------------------------


================================================================================
 vulkan-1.0.30.0-1.fc25 (FEDORA-2016-7b73fbcc99)
 Vulkan loader and validation layers
--------------------------------------------------------------------------------
Update Information:

Update  ----  Add wayland support
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1383115 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1383115
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux