The following Fedora 25 Security updates need testing: Age URL 110 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 61 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3 compat-guile18-1.8.8-14.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d8fb6d7ad ipsilon-2.0.2-2.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f2a42c3b18 mingw-openjpeg2-2.1.2-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-daf90926d4 dovecot-2.2.27-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04c687d2aa mapserver-7.0.3-1.git0f9ece8.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b59109c48 botan-1.10.14-3.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-2016-56cfdb6815 nss-3.27.0-1.3.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78 python-productmd-1.3-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59 wpa_supplicant-2.6-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1d195fd2ad lxpanel-0.9.1-2.D20161125git138ff9b2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71 pungi-4.1.11-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc3ab3b292 tracker-1.10.2-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c29cd74155 python-lxml-3.7.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a8c33253d qt5-qtbase-5.7.0-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-81125d299a realmd-0.16.2-7.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a50e12625a gnutls-3.5.7-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0510ab2764 lvm2-2.02.167-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-12a5b43e81 hwdata-0.295-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4171f5555c gtk3-3.22.5-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a libnl3-3.2.29-0.1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-19134704e4 xorg-x11-drv-libinput-0.23.0-1.fc25 The following builds have been pushed to Fedora 25 updates-testing adwaita-qt-0.95-1.fc25 botan-1.10.14-3.fc25 criu-2.9-1.fc25 docker-1.12.4-2.git1b5971a.fc25 dpm-dsi-1.9.11-1.fc25 fedpkg-1.26-3.fc25 future-0.16.0-2.fc25 gnutls-3.5.7-3.fc25 gst-transcoder-1.8.2-2.fc25 gstreamer1-plugin-mpg123-1.10.2-2.fc25 gtk3-3.22.5-1.fc25 hwdata-0.295-1.fc25 libnl3-3.2.29-0.1.fc25 libsodium-1.0.11-2.fc25 libvisio-0.1.5-5.fc25 lua-posix-33.3.1-3.fc25 lvm2-2.02.167-2.fc25 man-pages-4.06-3.fc25 meson-0.36.0-3.fc25 perl-Data-Validate-IP-0.27-1.fc25 perl-SNMP-Info-3.34-1.fc25 perl-TeX-Hyphen-1.18-1.fc25 php-horde-Horde-Service-Weather-2.5.3-1.fc25 python-ansible-tower-cli-3.0.2-1.fc25 python-geoip2-2.4.2-1.fc25 python-paramiko-2.1.0-1.fc25 python-pyvmomi-6.5-1.fc25 python-wcwidth-0.1.7-1.fc25 qemu-2.7.0-8.fc25 qt5-qtbase-5.7.0-6.fc25 realmd-0.16.2-7.fc25 rpkg-1.47-5.fc25 xlockmore-5.49-2.fc25 xorg-x11-drv-libinput-0.23.0-1.fc25 Details about builds: ================================================================================ adwaita-qt-0.95-1.fc25 (FEDORA-2016-f110212a52) Adwaita theme for Qt-based applications -------------------------------------------------------------------------------- Update Information: Update to 0.95 -------------------------------------------------------------------------------- ================================================================================ botan-1.10.14-3.fc25 (FEDORA-2016-3b59109c48) Crypto library written in C++ -------------------------------------------------------------------------------- Update Information: ### Botan 1.10.14 ### * NOTE WELL: Botan 1.10.x is supported for security patches only until 2017-12-31 * Fix integer overflow during BER decoding, found by Falko Strenzke. This bug is not thought to be directly exploitable but upgrading ASAP is advised. (CVE-2016-9132) * Fix two cases where (in error situations) an exception would be thrown from a destructor, causing a call to std::terminate. * When RC4 is disabled in the build, also prevent it from being included in the OpenSSL provider. (GH #638) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400894 - CVE-2016-9132 botan: Integer overflow in BER decoder https://bugzilla.redhat.com/show_bug.cgi?id=1400894 -------------------------------------------------------------------------------- ================================================================================ criu-2.9-1.fc25 (FEDORA-2016-d27eea83df) Tool for Checkpoint/Restore in User-space -------------------------------------------------------------------------------- Update Information: Update to 2.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403807 - criu-2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1403807 -------------------------------------------------------------------------------- ================================================================================ docker-1.12.4-2.git1b5971a.fc25 (FEDORA-2016-bb5ee53c0a) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: built docker @projectatomic/docker-1.12 commit 1b5971a ---- built docker @projectatomic/docker-1.12 commit 0423d89 ---- built docker @projectatomic/docker-1.12 commit 0423d89 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401260 - SELinux is preventing chmod from 'setattr' accesses on the directory _data. https://bugzilla.redhat.com/show_bug.cgi?id=1401260 [ 2 ] Bug #1403398 - f25 - docker doesn't label overlay2 directory correctly https://bugzilla.redhat.com/show_bug.cgi?id=1403398 [ 3 ] Bug #1398861 - SELinux is preventing systemd from 'create' accesses on the unix_stream_socket Unknown. https://bugzilla.redhat.com/show_bug.cgi?id=1398861 -------------------------------------------------------------------------------- ================================================================================ dpm-dsi-1.9.11-1.fc25 (FEDORA-2016-d3c8f50902) Disk Pool Manager (DPM) plugin for the Globus GridFTP server -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.26-3.fc25 (FEDORA-2016-ea5bded2cf) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: This build contains changes needed for flag day on December 12. - Once you use this version to upload new sources, older versions of `fedpkg` will not be able to work with the package. - pkgs and lookaside site URL are changed. The new URL uses ``https``. You can see the new URls with ``-d`` and ``-v`` when ``clone`` and ``sources``. Changelog - rpkg, https://pagure.io/rpkg/blob/master/f/CHANGELOG.rst - fedpkg, https://pagure.io/fedpkg/blob/master/f/CHANGELOG.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #714726 - change --root option to --mock-config to fedpkg mockbuild https://bugzilla.redhat.com/show_bug.cgi?id=714726 [ 2 ] Bug #841516 - fedpkg scratch-build error message should be improved to tell you how to do a scratch build without pushing https://bugzilla.redhat.com/show_bug.cgi?id=841516 [ 3 ] Bug #1325775 - Working on branch without remote tracking branch fails due to unpushed changes https://bugzilla.redhat.com/show_bug.cgi?id=1325775 [ 4 ] Bug #1203757 - The description of fedpkg verify-files in the man page and help text is misleading https://bugzilla.redhat.com/show_bug.cgi?id=1203757 [ 5 ] Bug #1169663 - Build stops with "Could not execute scratch_build: There are unpushed changes in your repo" when there are no unpushed changes in the current branch https://bugzilla.redhat.com/show_bug.cgi?id=1169663 [ 6 ] Bug #1402882 - fedpkg local fails https://bugzilla.redhat.com/show_bug.cgi?id=1402882 -------------------------------------------------------------------------------- ================================================================================ future-0.16.0-2.fc25 (FEDORA-2016-91cb2446fd) Easy, clean, reliable Python 2/3 compatibility -------------------------------------------------------------------------------- Update Information: - Update to 0.16.0 -------------------------------------------------------------------------------- ================================================================================ gnutls-3.5.7-3.fc25 (FEDORA-2016-a50e12625a) A TLS protocol implementation -------------------------------------------------------------------------------- Update Information: Address PKCS#8 private key reading issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404084 - GnuTLS 3.5.7-1 broke reading my private key https://bugzilla.redhat.com/show_bug.cgi?id=1404084 [ 2 ] Bug #1383105 - gnutls-3.5.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1383105 -------------------------------------------------------------------------------- ================================================================================ gst-transcoder-1.8.2-2.fc25 (FEDORA-2016-858d656c98) GStreamer Transcoding API -------------------------------------------------------------------------------- Update Information: Fixes in packaging -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugin-mpg123-1.10.2-2.fc25 (FEDORA-2016-e3c1201fe8) GStreamer plug-in for mp3 support through mpg123 -------------------------------------------------------------------------------- Update Information: Fix packaging issues -------------------------------------------------------------------------------- ================================================================================ gtk3-3.22.5-1.fc25 (FEDORA-2016-4171f5555c) The GIMP ToolKit (GTK+), a library for creating GUIs for X -------------------------------------------------------------------------------- Update Information: gtk+ 3.22.5 release. - 771242 opening menu for certain types of GtkComboBox causes Gdk-CRITICAL assertion... - 774114 Window shadows are repainted even if only the contents of the window change - 774265 No tilt for wintab devices - 774379 gdk: mingw64 builds segfault during initialization of Huion H610PRO wintab - 774686 GtkMenu does not unref all GtkCheckMenuItem it creates - 774695 GtkProgressbar needs full and empty classes - 774699 list iteration regression causes odd-indexed devices to be ignored during l... - 774743 GtkNotebook does not unref all GtkBuiltinIcon it creates - 774760 inspector: ensure controller is a GtkGesture - 774790 GtkTextHandle does not unref all GtkAdjustment it references - 774893 Application font sizes scaling gets clamped to 1.00 when starting GtkInspector - 774915 Destroying the parent of a subsurface causes _gdk_window_destroy_hierarchy:... - 774917 [wayland] child subsurfaces need to be placed relative to their parent - 774939 GtkLabelAccessible: Initialize link before setting parent - 775212 GtkScaleButton does not unref all GtkAdjustment it references - 775316 gtk_drag_source_set_icon_pixbuf references the pixbuf received once too much - 775319 gdk_window_get_toplevel() fails to return the toplevel of a child subsurface - 775525 gtk_flow_box_get_child_at_index shouldn't crash with an invalid index -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366897 - Many apps crash in gdk_event_source_check when logging out of GNOME https://bugzilla.redhat.com/show_bug.cgi?id=1366897 -------------------------------------------------------------------------------- ================================================================================ hwdata-0.295-1.fc25 (FEDORA-2016-12a5b43e81) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information: Updated pci, usb and vendor ids. -------------------------------------------------------------------------------- ================================================================================ libnl3-3.2.29-0.1.fc25 (FEDORA-2016-ab324eaf7a) Convenience library for kernel netlink sockets -------------------------------------------------------------------------------- Update Information: Update to upstream release candidate 3.2.29-rc1 -------------------------------------------------------------------------------- ================================================================================ libsodium-1.0.11-2.fc25 (FEDORA-2016-e26bd81f8f) The Sodium crypto library -------------------------------------------------------------------------------- Update Information: Add static library in new "static" sub package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404212 - Add static link library subpackage to libsodium https://bugzilla.redhat.com/show_bug.cgi?id=1404212 -------------------------------------------------------------------------------- ================================================================================ libvisio-0.1.5-5.fc25 (FEDORA-2016-7f2b4a9be9) A library for import of Microsoft Visio diagrams -------------------------------------------------------------------------------- Update Information: fix char background color in some cases -------------------------------------------------------------------------------- ================================================================================ lua-posix-33.3.1-3.fc25 (FEDORA-2016-37db176300) A POSIX library for Lua -------------------------------------------------------------------------------- Update Information: Fix FTBFS -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403991 - FTBFS: lua-posix-33.3.1-2.fc24 https://bugzilla.redhat.com/show_bug.cgi?id=1403991 -------------------------------------------------------------------------------- ================================================================================ lvm2-2.02.167-2.fc25 (FEDORA-2016-0510ab2764) Userland logical volume management tools -------------------------------------------------------------------------------- Update Information: Fix possible segfault in lvmetad when processing replies to lvmetad clients - lvm2 tools. -------------------------------------------------------------------------------- ================================================================================ man-pages-4.06-3.fc25 (FEDORA-2016-b7694f007e) Linux kernel and C library user-space interface documentation -------------------------------------------------------------------------------- Update Information: sched_setscheduler.2: mention SCHED_DEADLINE -------------------------------------------------------------------------------- References: [ 1 ] Bug #1390546 - SCHED_DEADLINE missing from 'sched_setscheduler' man page https://bugzilla.redhat.com/show_bug.cgi?id=1390546 -------------------------------------------------------------------------------- ================================================================================ meson-0.36.0-3.fc25 (FEDORA-2016-e10b1041db) High productivity build system -------------------------------------------------------------------------------- Update Information: Fixes in RPM macro -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401062 - %meson -Denable_gudev=true does not work https://bugzilla.redhat.com/show_bug.cgi?id=1401062 -------------------------------------------------------------------------------- ================================================================================ perl-Data-Validate-IP-0.27-1.fc25 (FEDORA-2016-8bf43bfafe) Perl IP address validation routines -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1397130 - Upgrade perl-Data-Validate-IP to 0.27 https://bugzilla.redhat.com/show_bug.cgi?id=1397130 -------------------------------------------------------------------------------- ================================================================================ perl-SNMP-Info-3.34-1.fc25 (FEDORA-2016-569d2b803a) Object Oriented Perl5 Interface to Network devices and MIBs through SNMP -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396861 - perl-SNMP-Info-3.34 is available https://bugzilla.redhat.com/show_bug.cgi?id=1396861 -------------------------------------------------------------------------------- ================================================================================ perl-TeX-Hyphen-1.18-1.fc25 (FEDORA-2016-7213cdf529) Hyphenate words using TeX's patterns -------------------------------------------------------------------------------- Update Information: Rebase to upstream version 1.18. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404061 - perl-TeX-Hyphen-1.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1404061 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Service-Weather-2.5.3-1.fc25 (FEDORA-2016-ccf768e066) Horde Weather Provider -------------------------------------------------------------------------------- Update Information: **Horde_Service_Weather 2.5.3** * [mjr] Create standalone CLI script for generation of metar station data. * [mjr] Improve metar table creation performance. -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.0.2-1.fc25 (FEDORA-2016-3931ad2366) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ python-geoip2-2.4.2-1.fc25 (FEDORA-2016-20329297bd) MaxMind GeoIP2 API -------------------------------------------------------------------------------- Update Information: Update to 2.4.2 -------------------------------------------------------------------------------- ================================================================================ python-paramiko-2.1.0-1.fc25 (FEDORA-2016-f7db2f89c1) SSH2 protocol library for python -------------------------------------------------------------------------------- Update Information: Update to 2.1.0 -------------------------------------------------------------------------------- ================================================================================ python-pyvmomi-6.5-1.fc25 (FEDORA-2016-57c539e595) VMware vSphere Python SDK -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ python-wcwidth-0.1.7-1.fc25 (FEDORA-2016-9f1b69cc81) Measures number of Terminal column cells of wide-character codes -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- ================================================================================ qemu-2.7.0-8.fc25 (FEDORA-2016-8d4209b9c2) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Fix sending of data with -net socket (bz #1391497) * Fix keyboard issues with -ui gtk + host wayland (bz #1401211) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1391497 - qemu-kvm -net socket,listen -net socket,connect does not work anymore https://bugzilla.redhat.com/show_bug.cgi?id=1391497 [ 2 ] Bug #1401211 - keyboard issues with -ui gtk + host wayland https://bugzilla.redhat.com/show_bug.cgi?id=1401211 -------------------------------------------------------------------------------- ================================================================================ qt5-qtbase-5.7.0-6.fc25 (FEDORA-2016-3a8c33253d) Qt5 - QtBase components -------------------------------------------------------------------------------- Update Information: Backport QTBUG-53071 patch to resolve problem with latest tzdata. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1384553 - Problem with timezones after tzdata update https://bugzilla.redhat.com/show_bug.cgi?id=1384553 -------------------------------------------------------------------------------- ================================================================================ realmd-0.16.2-7.fc25 (FEDORA-2016-81125d299a) Kerberos realm enrollment service -------------------------------------------------------------------------------- Update Information: Add a fallback to TCP when trying to find a KDC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401605 - Adding Kerberos user fails for non-domain accounts https://bugzilla.redhat.com/show_bug.cgi?id=1401605 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.47-5.fc25 (FEDORA-2016-ea5bded2cf) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: This build contains changes needed for flag day on December 12. - Once you use this version to upload new sources, older versions of `fedpkg` will not be able to work with the package. - pkgs and lookaside site URL are changed. The new URL uses ``https``. You can see the new URls with ``-d`` and ``-v`` when ``clone`` and ``sources``. Changelog - rpkg, https://pagure.io/rpkg/blob/master/f/CHANGELOG.rst - fedpkg, https://pagure.io/fedpkg/blob/master/f/CHANGELOG.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #714726 - change --root option to --mock-config to fedpkg mockbuild https://bugzilla.redhat.com/show_bug.cgi?id=714726 [ 2 ] Bug #841516 - fedpkg scratch-build error message should be improved to tell you how to do a scratch build without pushing https://bugzilla.redhat.com/show_bug.cgi?id=841516 [ 3 ] Bug #1325775 - Working on branch without remote tracking branch fails due to unpushed changes https://bugzilla.redhat.com/show_bug.cgi?id=1325775 [ 4 ] Bug #1203757 - The description of fedpkg verify-files in the man page and help text is misleading https://bugzilla.redhat.com/show_bug.cgi?id=1203757 [ 5 ] Bug #1169663 - Build stops with "Could not execute scratch_build: There are unpushed changes in your repo" when there are no unpushed changes in the current branch https://bugzilla.redhat.com/show_bug.cgi?id=1169663 [ 6 ] Bug #1402882 - fedpkg local fails https://bugzilla.redhat.com/show_bug.cgi?id=1402882 -------------------------------------------------------------------------------- ================================================================================ xlockmore-5.49-2.fc25 (FEDORA-2016-703a6cae7d) Screen lock and screen saver -------------------------------------------------------------------------------- Update Information: rebuilt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403482 - update 5.49 https://bugzilla.redhat.com/show_bug.cgi?id=1403482 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-libinput-0.23.0-1.fc25 (FEDORA-2016-19134704e4) Xorg X11 libinput input driver -------------------------------------------------------------------------------- Update Information: libnput 0.23.0 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
