The following Fedora 25 Security updates need testing: Age URL 62 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2a05a0644 libass-0.13.4-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3 compat-guile18-1.8.8-14.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e56ed6f472 tor-0.2.8.9-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-81f9c6f0ae jasper-1.900.13-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-38e5b05260 tomcat-8.0.38-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-55ec95ac45 java-1.8.0-openjdk-aarch32-1.8.0.102-7.160812.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-92c112a380 kdepimlibs-4.14.10-15.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8acc6b66f1 quagga-0.99.24.1-4.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6cb65ea55b pungi-4.1.10-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bbf947ce05 libfm-1.2.4-8.D20161017git82b3a1a201.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b756078a17 menu-cache-1.0.1-3.D20161021git441f0ca9a1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-81f9c6f0ae jasper-1.900.13-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b01dbd9b2b xorg-x11-server-1.19.0-0.3.20161026.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b152cdd2b0 osinfo-db-20161026-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c95b940169 osinfo-db-tools-1.1.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a0e28b12e kexec-tools-2.0.13-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2517405b50 xorg-x11-server-utils-7.7-20.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a06e7cd4dc flatpak-0.6.13-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-03e00e79f6 kernel-4.8.4-301.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-37fc2e6e34 f25-backgrounds-25.1.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9aa484392b bluez-5.42-2.fc25 The following builds have been pushed to Fedora 25 updates-testing SDL2-2.0.5-2.fc25 blender-2.78-3.fc25 bluez-5.42-2.fc25 cloud-init-0.7.8-3.fc25 compose-utils-0.1.10-1.fc25 docker-1.12.2-5.git8f1975c.fc25 elmon-13b1-3.fc25 emacs-common-proofgeneral-4.4-1.fc25 f25-backgrounds-25.1.0-1.fc25 flatpak-0.6.13-1.fc25 gtkd-3.3.1-2.fc25 java-1.8.0-openjdk-aarch32-1.8.0.102-7.160812.fc25 javapoet-1.7.0-1.fc25 kdepimlibs-4.14.10-15.fc25 kernel-4.8.4-301.fc25 kexec-tools-2.0.13-6.fc25 libglvnd-0.2.999-6.git28867bb.fc25 libntirpc-1.4.3-1.fc25 libwmf-0.2.8.4-49.fc25 lighttpd-1.4.42-3.fc25 mate-themes-3.22.4-1.fc25 mingw-crt-5.0.0-1.fc25 mingw-headers-5.0.0-1.fc25 mingw-winpthreads-5.0.0-1.fc25 mycli-1.8.1-1.fc25 nordugrid-arc-5.2.0-1.fc25 nordugrid-arc-doc-2.0.10-1.fc25 openqa-4.4-27.20161022git1f44aeb.fc25 os-autoinst-4.4-6.20161021git9672031.fc25 osinfo-db-20161026-1.fc25 osinfo-db-tools-1.1.0-1.fc25 perl-BibTeX-Parser-0.69-1.fc25 perl-Dist-Zilla-Plugin-Test-Compile-2.055-1.fc25 perl-LaTeX-ToUnicode-0.04-1.fc25 perl-Unicode-Collate-1.16-1.fc25 psad-2.4.3-2.fc25 python-boto-2.43.0-1.fc25 python-curtsies-0.2.11-1.fc25 python-pandas-0.19.0-1.fc25 python-visitor-0.1.3-1.fc25 qemu-2.7.0-7.fc25 quagga-0.99.24.1-4.fc25 smokeping-2.6.11-1.fc25 spice-gtk-0.33-2.fc25 texlive-2016-17.20160520.fc25 tomcat-8.0.38-1.fc25 ufraw-0.22-3.fc25 vdr-epg-daemon-1.1.28-1.fc25 xmobar-0.24.3-2.fc25 xorg-x11-server-1.19.0-0.3.20161026.fc25 xorg-x11-server-utils-7.7-20.fc25 zanata-python-client-1.5.1-1.fc25 Details about builds: ================================================================================ SDL2-2.0.5-2.fc25 (FEDORA-2016-88ec5550a6) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: fix FTBFS on ppc64/ppc64le -------------------------------------------------------------------------------- ================================================================================ blender-2.78-3.fc25 (FEDORA-2016-22219b9310) 3D modeling, animation, rendering and post-production -------------------------------------------------------------------------------- Update Information: This update address a rendering problem of user interface when selecting _international fonts_ from __User Preferences -> System__ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1382428 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382428 -------------------------------------------------------------------------------- ================================================================================ bluez-5.42-2.fc25 (FEDORA-2016-9aa484392b) Bluetooth utilities -------------------------------------------------------------------------------- Update Information: Fix OBEX connections -------------------------------------------------------------------------------- ================================================================================ cloud-init-0.7.8-3.fc25 (FEDORA-2016-944f14574a) Cloud instance init scripts -------------------------------------------------------------------------------- Update Information: This update removes the need to explicitly configure cloud-init to work with DigitalOcean. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388568 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388568 -------------------------------------------------------------------------------- ================================================================================ compose-utils-0.1.10-1.fc25 (FEDORA-2016-a80f833fda) Utilities for working with composes -------------------------------------------------------------------------------- Update Information: Make the changelog less verbose: some of the less useful information is hidden behind a command line flag. This should make the compose report e-mails more readable. ---- * Add `COMPOSE_ID` file to root of copied fragment of compose * Don't automatically add source content to binary arch when copying compose. If any arch filter is specified, source has to be explicitly listed (`--arch=src`). When copying whole variant, all arches including sources are copied. * Add a script to convert metadata to legacy INI-style format. -------------------------------------------------------------------------------- ================================================================================ docker-1.12.2-5.git8f1975c.fc25 (FEDORA-2016-0ed0314ad7) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: built docker @projectatomic/docker-1.12 commit 8f1975c -------------------------------------------------------------------------------- ================================================================================ elmon-13b1-3.fc25 (FEDORA-2016-808126209f) Performance monitoring tool -------------------------------------------------------------------------------- Update Information: Initial import elmon into Fedora and EPEL -------------------------------------------------------------------------------- References: [ 1 ] Bug #1197517 - None https://bugzilla.redhat.com/show_bug.cgi?id=1197517 -------------------------------------------------------------------------------- ================================================================================ emacs-common-proofgeneral-4.4-1.fc25 (FEDORA-2016-c73f051f5a) Emacs mode for standard interaction interface for proof assistants -------------------------------------------------------------------------------- Update Information: See https://github.com/ProofGeneral/PG/blob/v4.4/CHANGES for the changes in this release. -------------------------------------------------------------------------------- ================================================================================ f25-backgrounds-25.1.0-1.fc25 (FEDORA-2016-37fc2e6e34) Fedora 25 default desktop background -------------------------------------------------------------------------------- Update Information: This update brings a set of 16 supplemental wallpapers for Fedora 25 release. -------------------------------------------------------------------------------- ================================================================================ flatpak-0.6.13-1.fc25 (FEDORA-2016-a06e7cd4dc) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: Update to 0.6.13 -------------------------------------------------------------------------------- ================================================================================ gtkd-3.3.1-2.fc25 (FEDORA-2016-2a620794b3) D binding and OO wrapper of GTK+ -------------------------------------------------------------------------------- Update Information: Build vte bindings -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-aarch32-1.8.0.102-7.160812.fc25 (FEDORA-2016-55ec95ac45) OpenJDK Runtime Environment in a preview of the OpenJDK AArch32 project -------------------------------------------------------------------------------- Update Information: October 2016 CPU fixes: http://www.oracle.com/technetwork/security- advisory/cpuoct2016-2881722.html#AppendixJAVA -------------------------------------------------------------------------------- ================================================================================ javapoet-1.7.0-1.fc25 (FEDORA-2016-97f387face) A Java API for generating .java source files -------------------------------------------------------------------------------- Update Information: initial rpm -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388344 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388344 -------------------------------------------------------------------------------- ================================================================================ kdepimlibs-4.14.10-15.fc25 (FEDORA-2016-92c112a380) KDE PIM Libraries -------------------------------------------------------------------------------- Update Information: the new package fixes the CVE-2016-7966. for more info please take a look at https://www.kde.org/info/security/advisory-20161006-1.txt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1382298 - CVE-2016-7966 CVE-2016-7967 CVE-2016-7968 kdepim4: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1382298 -------------------------------------------------------------------------------- ================================================================================ kernel-4.8.4-301.fc25 (FEDORA-2016-03e00e79f6) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.8.4 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ================================================================================ kexec-tools-2.0.13-6.fc25 (FEDORA-2016-7a0e28b12e) The kexec/kdump userspace component -------------------------------------------------------------------------------- Update Information: - add kexec support for arm64 (bug 925630) - support x86 kaslr which is enabled by default in F25 kernel, without this fix kdump default setup will not work on x86_64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #925630 - None https://bugzilla.redhat.com/show_bug.cgi?id=925630 -------------------------------------------------------------------------------- ================================================================================ libglvnd-0.2.999-6.git28867bb.fc25 (FEDORA-2016-0a11edeaff) The GL Vendor-Neutral Dispatch library -------------------------------------------------------------------------------- Update Information: Fixes EGL crashes with nvidia driver ---- Fix an issue with some applications linked with both GLX and EGL https://github.com/NVIDIA/libglvnd/issues/103 -------------------------------------------------------------------------------- ================================================================================ libntirpc-1.4.3-1.fc25 (FEDORA-2016-22211c1f5f) New Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: libntirpc 1.4.3 GA -------------------------------------------------------------------------------- ================================================================================ libwmf-0.2.8.4-49.fc25 (FEDORA-2016-ceec85a7c4) Windows MetaFile Library -------------------------------------------------------------------------------- Update Information: * Sanity check wmf max record size field claim against size of input file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388451 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388451 -------------------------------------------------------------------------------- ================================================================================ lighttpd-1.4.42-3.fc25 (FEDORA-2016-bdaf8de088) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information: Split out mysql and gssapi authn modules. ---- 1.4.42, now with upstream mod_geoip. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1385640 - None https://bugzilla.redhat.com/show_bug.cgi?id=1385640 -------------------------------------------------------------------------------- ================================================================================ mate-themes-3.22.4-1.fc25 (FEDORA-2016-d2ec807f75) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: update to 3.22.4 -------------------------------------------------------------------------------- ================================================================================ mingw-crt-5.0.0-1.fc25 (FEDORA-2016-d5b74862f8) MinGW Windows cross-compiler runtime -------------------------------------------------------------------------------- Update Information: mingw-w64 5.0.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-headers-5.0.0-1.fc25 (FEDORA-2016-d5b74862f8) Win32/Win64 header files -------------------------------------------------------------------------------- Update Information: mingw-w64 5.0.0 release. -------------------------------------------------------------------------------- ================================================================================ mingw-winpthreads-5.0.0-1.fc25 (FEDORA-2016-d5b74862f8) MinGW pthread library -------------------------------------------------------------------------------- Update Information: mingw-w64 5.0.0 release. -------------------------------------------------------------------------------- ================================================================================ mycli-1.8.1-1.fc25 (FEDORA-2016-17cc766119) Interactive CLI for MySQL Database with auto-completion and syntax highlighting -------------------------------------------------------------------------------- Update Information: Update to latest upstream release mycli 1.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388279 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388279 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.2.0-1.fc25 (FEDORA-2016-35014c80b6) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: ARC 5.2.0 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.10-1.fc25 (FEDORA-2016-35014c80b6) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: ARC 5.2.0 -------------------------------------------------------------------------------- ================================================================================ openqa-4.4-27.20161022git1f44aeb.fc25 (FEDORA-2016-ed2c367a04) OS-level automated testing framework -------------------------------------------------------------------------------- Update Information: This update fixes several issues - mainly involving asset registration and cleanup. It also provides a newer git snapshot of os-autoinst, with various changes, and with a patch (submitted upstream) which allows os-autoinst to find OVMF firmware from the the Fedora `edk2-ovmf` package (previously it only knew the locations used by SUSE and by the packages from [kraxel.org](https://www.kraxel.org/repos/jenkins/edk2/)). -------------------------------------------------------------------------------- ================================================================================ os-autoinst-4.4-6.20161021git9672031.fc25 (FEDORA-2016-ed2c367a04) OS-level test automation -------------------------------------------------------------------------------- Update Information: This update fixes several issues - mainly involving asset registration and cleanup. It also provides a newer git snapshot of os-autoinst, with various changes, and with a patch (submitted upstream) which allows os-autoinst to find OVMF firmware from the the Fedora `edk2-ovmf` package (previously it only knew the locations used by SUSE and by the packages from [kraxel.org](https://www.kraxel.org/repos/jenkins/edk2/)). -------------------------------------------------------------------------------- ================================================================================ osinfo-db-20161026-1.fc25 (FEDORA-2016-b152cdd2b0) osinfo database files -------------------------------------------------------------------------------- Update Information: Update to new release -------------------------------------------------------------------------------- ================================================================================ osinfo-db-tools-1.1.0-1.fc25 (FEDORA-2016-c95b940169) Tools for managing the osinfo database -------------------------------------------------------------------------------- Update Information: Update to 1.1.0 release -------------------------------------------------------------------------------- ================================================================================ perl-BibTeX-Parser-0.69-1.fc25 (FEDORA-2016-50a2bc7997) Pure Perl BibTeX parser -------------------------------------------------------------------------------- Update Information: Update to texlive 2016. A large number of texlive components were updated as a result, and a number of bugs resolved. Additionally, the majority of scriptlets in the package have been converted to triggers. perl-LaTeX-ToUnicode and perl- BibTeX-Parser are new packages added to resolve dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095343 - None https://bugzilla.redhat.com/show_bug.cgi?id=1095343 [ 2 ] Bug #1309837 - None https://bugzilla.redhat.com/show_bug.cgi?id=1309837 [ 3 ] Bug #1319801 - None https://bugzilla.redhat.com/show_bug.cgi?id=1319801 [ 4 ] Bug #1351602 - None https://bugzilla.redhat.com/show_bug.cgi?id=1351602 [ 5 ] Bug #1352210 - None https://bugzilla.redhat.com/show_bug.cgi?id=1352210 [ 6 ] Bug #1368264 - None https://bugzilla.redhat.com/show_bug.cgi?id=1368264 [ 7 ] Bug #1381262 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381262 [ 8 ] Bug #1381303 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381303 [ 9 ] Bug #1381307 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381307 [ 10 ] Bug #1384586 - None https://bugzilla.redhat.com/show_bug.cgi?id=1384586 [ 11 ] Bug #1382447 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382447 [ 12 ] Bug #1386328 - None https://bugzilla.redhat.com/show_bug.cgi?id=1386328 [ 13 ] Bug #1387355 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387355 -------------------------------------------------------------------------------- ================================================================================ perl-Dist-Zilla-Plugin-Test-Compile-2.055-1.fc25 (FEDORA-2016-82d23e0925) Common tests to check syntax of your modules, only using core modules -------------------------------------------------------------------------------- Update Information: A new version of Dist::Zilla::Plugin::Test::Compile is available. See http://cpansearch.perl.org/src/ETHER/Dist-Zilla-Plugin-Test- Compile-2.055/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388082 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388082 -------------------------------------------------------------------------------- ================================================================================ perl-LaTeX-ToUnicode-0.04-1.fc25 (FEDORA-2016-50a2bc7997) Convert LaTeX commands to Unicode -------------------------------------------------------------------------------- Update Information: Update to texlive 2016. A large number of texlive components were updated as a result, and a number of bugs resolved. Additionally, the majority of scriptlets in the package have been converted to triggers. perl-LaTeX-ToUnicode and perl- BibTeX-Parser are new packages added to resolve dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095343 - None https://bugzilla.redhat.com/show_bug.cgi?id=1095343 [ 2 ] Bug #1309837 - None https://bugzilla.redhat.com/show_bug.cgi?id=1309837 [ 3 ] Bug #1319801 - None https://bugzilla.redhat.com/show_bug.cgi?id=1319801 [ 4 ] Bug #1351602 - None https://bugzilla.redhat.com/show_bug.cgi?id=1351602 [ 5 ] Bug #1352210 - None https://bugzilla.redhat.com/show_bug.cgi?id=1352210 [ 6 ] Bug #1368264 - None https://bugzilla.redhat.com/show_bug.cgi?id=1368264 [ 7 ] Bug #1381262 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381262 [ 8 ] Bug #1381303 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381303 [ 9 ] Bug #1381307 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381307 [ 10 ] Bug #1384586 - None https://bugzilla.redhat.com/show_bug.cgi?id=1384586 [ 11 ] Bug #1382447 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382447 [ 12 ] Bug #1386328 - None https://bugzilla.redhat.com/show_bug.cgi?id=1386328 [ 13 ] Bug #1387355 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387355 -------------------------------------------------------------------------------- ================================================================================ perl-Unicode-Collate-1.16-1.fc25 (FEDORA-2016-782bf1ecf2) Unicode Collation Algorithm -------------------------------------------------------------------------------- Update Information: This release corrects documentation. It also improves tests. ---- This release adds support for Uyghur cyrilic locale. It also corrects license declaration and improves tests. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388282 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388282 [ 2 ] Bug #1387849 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387849 -------------------------------------------------------------------------------- ================================================================================ psad-2.4.3-2.fc25 (FEDORA-2016-7eada51d4c) Port Scan Attack Detector (psad) watches for suspect traffic -------------------------------------------------------------------------------- Update Information: Many changes since the last 2.2.1 release available in Fedora. The most important ones are: * Added support for reading syslog messages from journalctl * Added support for systems with 'firewalld' * Dropped the bundled whois client (system whois client will be used instead if available) * Added native systemd service unit * Added missing SELinux rules preventing psad from running Full upstream changelog: https://github.com/mrash/psad/blob/master/ChangeLog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040425 - None https://bugzilla.redhat.com/show_bug.cgi?id=1040425 [ 2 ] Bug #1354548 - None https://bugzilla.redhat.com/show_bug.cgi?id=1354548 [ 3 ] Bug #1382875 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382875 -------------------------------------------------------------------------------- ================================================================================ python-boto-2.43.0-1.fc25 (FEDORA-2016-c67a9b81ad) A simple, lightweight interface to Amazon Web Services -------------------------------------------------------------------------------- Update Information: This update adds support for the new us-east-2 region in Ohio, USA. -------------------------------------------------------------------------------- ================================================================================ python-curtsies-0.2.11-1.fc25 (FEDORA-2016-15cc0546bc) Curses-like terminal wrapper, with colored strings -------------------------------------------------------------------------------- Update Information: Update to latest upstream release curtsies 0.2.11. ---- Update to latest upstream release curtsies 0.2.10. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1383532 - None https://bugzilla.redhat.com/show_bug.cgi?id=1383532 [ 2 ] Bug #1387879 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387879 -------------------------------------------------------------------------------- ================================================================================ python-pandas-0.19.0-1.fc25 (FEDORA-2016-ed2b0d9855) Python library providing high-performance data analysis tools -------------------------------------------------------------------------------- Update Information: New version 0.19.0. See changes here: http://pandas.pydata.org/#final- october-2-2016 In particular, the deprecated package pandas.io.data has been removed. Its functionality is provided now by the package python-pandas- datareader, it will be installed when upgrading python-pandas -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379686 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379686 -------------------------------------------------------------------------------- ================================================================================ python-visitor-0.1.3-1.fc25 (FEDORA-2016-260a2acc98) A tiny python visitor implementation -------------------------------------------------------------------------------- Update Information: Initial package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1382935 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382935 -------------------------------------------------------------------------------- ================================================================================ qemu-2.7.0-7.fc25 (FEDORA-2016-c7dad5cb89) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Fix PPC64 build with memlock file (bz #1387601) -------------------------------------------------------------------------------- ================================================================================ quagga-0.99.24.1-4.fc25 (FEDORA-2016-8acc6b66f1) Routing daemon -------------------------------------------------------------------------------- Update Information: This update addresses multiple security problems and fixes systemd dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387654 - quagga daemons should pull in network.target into the boot transaction https://bugzilla.redhat.com/show_bug.cgi?id=1387654 [ 2 ] Bug #1386110 - CVE-2016-1245 quagga: Buffer Overflow in IPv6 RA handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1386110 [ 3 ] Bug #1331373 - CVE-2016-4049 quagga: denial of service vulnerability in BGP routing daemon [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1331373 [ 4 ] Bug #1316572 - CVE-2016-2342 quagga: VPNv4 NLRI parses memcpys to stack on unchecked length [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1316572 -------------------------------------------------------------------------------- ================================================================================ smokeping-2.6.11-1.fc25 (FEDORA-2016-b7dad297bb) Latency Logging and Graphing System -------------------------------------------------------------------------------- Update Information: Update to latest upstream release smokeping 2.6.11 and fix an error caused by smokeping starting to soon during boot. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1388583 - None https://bugzilla.redhat.com/show_bug.cgi?id=1388583 [ 2 ] Bug #1163347 - None https://bugzilla.redhat.com/show_bug.cgi?id=1163347 -------------------------------------------------------------------------------- ================================================================================ spice-gtk-0.33-2.fc25 (FEDORA-2016-df50191bc8) A GTK+ widget for SPICE clients -------------------------------------------------------------------------------- Update Information: Fix crash due clipboard failure with text conversion -------------------------------------------------------------------------------- References: [ 1 ] Bug #1384676 - None https://bugzilla.redhat.com/show_bug.cgi?id=1384676 -------------------------------------------------------------------------------- ================================================================================ texlive-2016-17.20160520.fc25 (FEDORA-2016-50a2bc7997) TeX formatting system -------------------------------------------------------------------------------- Update Information: Update to texlive 2016. A large number of texlive components were updated as a result, and a number of bugs resolved. Additionally, the majority of scriptlets in the package have been converted to triggers. perl-LaTeX-ToUnicode and perl- BibTeX-Parser are new packages added to resolve dependencies. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1095343 - None https://bugzilla.redhat.com/show_bug.cgi?id=1095343 [ 2 ] Bug #1309837 - None https://bugzilla.redhat.com/show_bug.cgi?id=1309837 [ 3 ] Bug #1319801 - None https://bugzilla.redhat.com/show_bug.cgi?id=1319801 [ 4 ] Bug #1351602 - None https://bugzilla.redhat.com/show_bug.cgi?id=1351602 [ 5 ] Bug #1352210 - None https://bugzilla.redhat.com/show_bug.cgi?id=1352210 [ 6 ] Bug #1368264 - None https://bugzilla.redhat.com/show_bug.cgi?id=1368264 [ 7 ] Bug #1381262 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381262 [ 8 ] Bug #1381303 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381303 [ 9 ] Bug #1381307 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381307 [ 10 ] Bug #1384586 - None https://bugzilla.redhat.com/show_bug.cgi?id=1384586 [ 11 ] Bug #1382447 - None https://bugzilla.redhat.com/show_bug.cgi?id=1382447 [ 12 ] Bug #1386328 - None https://bugzilla.redhat.com/show_bug.cgi?id=1386328 [ 13 ] Bug #1387355 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387355 -------------------------------------------------------------------------------- ================================================================================ tomcat-8.0.38-1.fc25 (FEDORA-2016-38e5b05260) Apache Servlet/JSP Engine, RI for Servlet 3.1/JSP 2.3 API -------------------------------------------------------------------------------- Update Information: This updates includes a rebase from tomcat 8.0.36 up to 8.0.38 which resolves one CVE and a problem that 8.0.37 introduces to freeipa: * rhbz#1375581 - CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header and includes two additional CVE fixes along with one bug fix: * rhbz#1383210 CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service * rhbz#1383216 - CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation * rhbz#1370262 - catalina.out is no longer in use in the main package, but still gets rotated -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375581 - CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1375581 [ 2 ] Bug #1383216 - CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1383216 [ 3 ] Bug #1383210 - CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1383210 [ 4 ] Bug #1370262 - catalina.out is no longer in use in the main package, but still gets rotated https://bugzilla.redhat.com/show_bug.cgi?id=1370262 -------------------------------------------------------------------------------- ================================================================================ ufraw-0.22-3.fc25 (FEDORA-2016-30400a011c) Raw image data retrieval tool for digital cameras -------------------------------------------------------------------------------- Update Information: Add 2 patches from upsteam and re-enable lensfun, rhbz#1350210 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350210 - [abrt] ufraw: lfModifier::~lfModifier(): ufraw killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1350210 -------------------------------------------------------------------------------- ================================================================================ vdr-epg-daemon-1.1.28-1.fc25 (FEDORA-2016-7f586e99bb) A daemon to download EPG data from internet and manage it in a mysql database -------------------------------------------------------------------------------- Update Information: Update to 1.1.28 ---- Update to 1.1.27 -------------------------------------------------------------------------------- ================================================================================ xmobar-0.24.3-2.fc25 (FEDORA-2016-82a71c98bb) A minimalistic text-based status bar -------------------------------------------------------------------------------- Update Information: Update to 0.24.3, with updated weather urls https://hackage.haskell.org/package/xmobar-0.24.3/changelog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1365335 - None https://bugzilla.redhat.com/show_bug.cgi?id=1365335 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-server-1.19.0-0.3.20161026.fc25 (FEDORA-2016-b01dbd9b2b) X.Org X11 X server -------------------------------------------------------------------------------- Update Information: - Sync with upstream git, bringing in a bunch if bug-fixes - Add some extra fixes which are pending upstream - This also adds PointerWarping emulation to Xwayland, which should improve compatiblity with many games -------------------------------------------------------------------------------- ================================================================================ xorg-x11-server-utils-7.7-20.fc25 (FEDORA-2016-2517405b50) X.Org X11 X server utilities -------------------------------------------------------------------------------- Update Information: Drop xsetmode. It's been broken for years -------------------------------------------------------------------------------- ================================================================================ zanata-python-client-1.5.1-1.fc25 (FEDORA-2016-adb89b2076) Python Client for Zanata Server -------------------------------------------------------------------------------- Update Information: Upstream update to 1.5.1-1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1368381 - None https://bugzilla.redhat.com/show_bug.cgi?id=1368381 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
