The following Fedora 25 Security updates need testing: Age URL 115 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 66 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3 compat-guile18-1.8.8-14.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d8fb6d7ad ipsilon-2.0.2-2.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-daf90926d4 dovecot-2.2.27-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04c687d2aa mapserver-7.0.3-1.git0f9ece8.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b59109c48 botan-1.10.14-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b868c23a9 xen-4.7.1-5.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-01eba63bcc FlightGear-2016.3.1-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fbf9f8b204 game-music-emu-0.6.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd895763ac kernel-4.8.15-300.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fce8b939c9 python-wikitcms-2.1.10-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ca1d1e1dc1 freeipa-4.4.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f30fae0f67 nagios-plugins-2.1.4-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b83c6862d community-mysql-5.7.17-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d0c8ba781 tarantool-1.6.9.52-1.fc25 msgpuck-1.1.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c404a59411 openjpeg2-2.1.2-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89ee54c661 mingw-openjpeg2-2.1.2-3.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-56cfdb6815 nss-3.27.0-1.3.fc25 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78 python-productmd-1.3-1.fc25 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59 wpa_supplicant-2.6-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1d195fd2ad lxpanel-0.9.1-2.D20161125git138ff9b2.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71 pungi-4.1.11-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-66bc868b6e sssd-1.14.2-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6942fe63ed audit-2.7-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fc019e782c rpm-ostree-2016.13-1.fc25 ostree-2016.15-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-96670ae9a2 gvfs-1.30.3-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a81d68310 lz4-1.7.4.2-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1038df7f22 pcre2-10.22-8.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-862fec4a9b meson-0.36.0-4.fc25 redhat-rpm-config-45-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a libnl3-3.2.29-0.2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d46b8cf07 qt5-qtdeclarative-5.7.1-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-37c1b46c83 python-mako-1.0.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c404a59411 openjpeg2-2.1.2-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-28f95ccb2f PackageKit-1.1.4-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-105067067a tracker-1.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-338552085d gnome-software-3.22.4-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c84dbd4b46 libbytesize-0.7-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd895763ac kernel-4.8.15-300.fc25 The following builds have been pushed to Fedora 25 updates-testing PackageKit-1.1.4-2.fc25 atlas-3.10.2-14.fc25 blender-2.78a-4.fc25 community-mysql-5.7.17-1.fc25 daala-0-3.20161216git28de40b.fc25 devscripts-2.16.13-1.fc25 fedfind-3.2.3-1.fc25 flannel-0.6.2-1.fc25 freeipa-4.4.3-1.fc25 gnome-software-3.22.4-2.fc25 golang-bitbucket-kardianos-osext-0-0.13.hg364fb577de68.fc25 golang-bitbucket-ww-goautoneg-0-0.10.git75cd24fc2f2c.fc25 golang-github-akrennmair-gopcap-0-0.3.git00e1103.fc25 golang-github-beorn7-perks-0-0.8.gitb965b61.fc25 golang-github-bgentry-speakeasy-0-0.7.git36e9cfd.fc25 golang-github-boltdb-bolt-1.3.0-0.2.git583e893.fc25 golang-github-bugsnag-bugsnag-go-1.0.4-5.fc25 golang-github-bugsnag-panicwrap-1.1.0-0.3.gitaceac81.fc25 golang-github-cheggaaa-pb-0-0.3.gitda1f27a.fc25 golang-github-cockroachdb-cmux-0-0.4.git112f050.fc25 golang-github-coreos-go-semver-0-0.10.git568e959.fc25 golang-github-coreos-go-systemd-10-2.fc25 golang-github-coreos-pkg-0-0.10.gitfa29b1d.fc25 golang-github-dustin-go-humanize-0-0.3.git8929fe9.fc25 golang-github-ghodss-yaml-0-0.12.git73d445a.fc25 golang-github-godbus-dbus-3-0.5.gitc7fdd8b.fc25 golang-github-golang-sys-0-0.8.git62bee03.fc25 golang-github-google-btree-0-0.7.git7d79101.fc25 golang-github-grpc-ecosystem-grpc-gateway-1.0.0-0.2.gitf52d055.fc25 golang-github-mattn-go-runewidth-0-0.3.gitd6bea18.fc25 golang-github-olekukonko-tablewriter-0-0.4.gitcca8bbc.fc25 golang-github-olekukonko-ts-0-0.3.gitecf753e.fc25 golang-googlecode-go-crypto-0-0.12.gitc10c31b.fc25 golang-googlecode-gogoprotobuf-0.2-0.4.gite18d7aa.fc25 golang-gopkg-yaml-1-15.fc25 hatari-2.0.0-2.fc25 kernel-4.8.15-300.fc25 latexila-3.22.1-1.fc25 libbytesize-0.7-5.fc25 libebur128-1.2.0-1.fc25 lxqt-wallet-3.0.0-2.fc25 mariadb-10.1.20-1.fc25 mingw-openjpeg2-2.1.2-3.fc25 msgpuck-1.1.3-1.fc25 nagios-plugins-2.1.4-2.fc25 nordugrid-arc-5.2.1-1.fc25 nordugrid-arc-doc-2.0.12-1.fc25 ocp-0.1.22-0.10.git849cc42.fc25 openjpeg2-2.1.2-3.fc25 openqa-4.4-33.20161216git7addfed.fc25 os-autoinst-4.4-8.20161213git3050cfa.fc25 perl-File-KeePass-2.03-10.fc25 python-docopt-0.6.2-3.fc25 python-mako-1.0.6-1.fc25 python-wikitcms-2.1.10-1.fc25 qt5-qtdeclarative-5.7.1-5.fc25 qt5-qtserialbus-5.7.1-2.fc25 qt5-qtvirtualkeyboard-5.7.1-2.fc25 rubygem-font-awesome-rails-4.7.0.1-1.fc25 subdownloader-2.0.18-8.fc25 sway-0.11-0.rc3.fc25 tarantool-1.6.9.52-1.fc25 tracker-1.10.3-1.fc25 ufraw-0.22-4.fc25 uthash-2.0.1-1.fc25 znc-1.6.4-1.fc25 zulucrypt-5.0.2-2.fc25 Details about builds: ================================================================================ PackageKit-1.1.4-2.fc25 (FEDORA-2016-28f95ccb2f) Package management service -------------------------------------------------------------------------------- Update Information: This update improves the handling of skip_if_unavailable=True repos. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1383819 - copr repo makes gnome-software/pkcon unable to find software https://bugzilla.redhat.com/show_bug.cgi?id=1383819 -------------------------------------------------------------------------------- ================================================================================ atlas-3.10.2-14.fc25 (FEDORA-2016-1d3b1fc610) Automatically Tuned Linear Algebra Software -------------------------------------------------------------------------------- Update Information: Limit instruction set on x86_64 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402627 - atlas-3.10.2-12.fc24 FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1402627 [ 2 ] Bug #1405397 - Atlas 3.10.2-13.fc25 from updates-testing breaks Octave https://bugzilla.redhat.com/show_bug.cgi?id=1405397 -------------------------------------------------------------------------------- ================================================================================ blender-2.78a-4.fc25 (FEDORA-2016-901e3c82e9) 3D modeling, animation, rendering and post-production -------------------------------------------------------------------------------- Update Information: This update addresses issues related to minizip requirement. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398451 - blender-2.78a-2.fc25.x86_64 requires minizip https://bugzilla.redhat.com/show_bug.cgi?id=1398451 -------------------------------------------------------------------------------- ================================================================================ community-mysql-5.7.17-1.fc25 (FEDORA-2016-9b83c6862d) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: * Mon Dec 12 2016 Norvald H. Ryeng <norvald.ryeng@xxxxxxxxxx> - 5.7.17-1 - Update to MySQL 5.7.17, for various fixes described at https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html - Add new plugin: connnection_control.so - Add MySQL Group Replication: group_replication.so - Add numactl-devel to buildreq and enable NUMA support (if available) - Simplify boost path - Build compat-openssl10 in rawhide for now - Reqs. in -devel packages was incomplete -------------------------------------------------------------------------------- References: [ 1 ] Bug #1386607 - CVE-2016-3492 CVE-2016-5507 CVE-2016-5609 CVE-2016-5612 CVE-2016-5616 CVE-2016-5617 CVE-2016-5626 CVE-2016-5627 CVE-2016-5629 CVE-2016-5630 CVE-2016-8283 CVE-2016-8284 CVE-2016-8288 community-mysql: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1386607 [ 2 ] Bug #1342308 - community-mysql-5.7.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1342308 -------------------------------------------------------------------------------- ================================================================================ daala-0-3.20161216git28de40b.fc25 (FEDORA-2016-03784d8a6f) Daala video compression -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396478 - Review Request: daala - Daala video compression https://bugzilla.redhat.com/show_bug.cgi?id=1396478 -------------------------------------------------------------------------------- ================================================================================ devscripts-2.16.13-1.fc25 (FEDORA-2016-b2dda7e177) Scripts for Debian Package maintainers -------------------------------------------------------------------------------- Update Information: Update to version 2.16.13, see http://metadata.ftp- master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.13_changelog for details. ---- Update to 2.16.12, see http://metadata.ftp- master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.12_changelog for details. ---- Update to version 2.16.11, see http://metadata.ftp- master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.11_changelog for details. ---- Update to version 2.16.10, see http://metadata.ftp- master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.10_changelog for details. ---- Update to version 2.16.9, see http://metadata.ftp- master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.9_changelog for details. -------------------------------------------------------------------------------- ================================================================================ fedfind-3.2.3-1.fc25 (FEDORA-2016-dfa3ecd6e7) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update adds support for the [post-release live respin composes](https://dl.fedoraproject.org/pub/alt/live-respins/) to fedfind. These work a little differently to most other compose types: please see the documentation for more information. This support is primarily intended to enable testing of these composes in [openQA](https://openqa.fedoraproject.org). -------------------------------------------------------------------------------- ================================================================================ flannel-0.6.2-1.fc25 (FEDORA-2016-0b0a3acf2f) Etcd address management agent for overlay networks -------------------------------------------------------------------------------- Update Information: Update to 0.6.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396472 - Fedora - Missing flannel package for ppc64le architecture https://bugzilla.redhat.com/show_bug.cgi?id=1396472 -------------------------------------------------------------------------------- ================================================================================ freeipa-4.4.3-1.fc25 (FEDORA-2016-ca1d1e1dc1) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: Rebase to upstream 4.4.3: http://www.freeipa.org/page/Releases/4.4.3 ---- - Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile- mod - Fixes 1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod https://bugzilla.redhat.com/show_bug.cgi?id=1395311 [ 2 ] Bug #1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services by abusing password policy https://bugzilla.redhat.com/show_bug.cgi?id=1370493 -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.22.4-2.fc25 (FEDORA-2016-338552085d) A software center for GNOME -------------------------------------------------------------------------------- Update Information: Fix update notes to show up on the updates page. -------------------------------------------------------------------------------- ================================================================================ golang-bitbucket-kardianos-osext-0-0.13.hg364fb577de68.fc25 (FEDORA-2016-c4ee889d64) Extensions to the standard Go OS package -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1254591 - Tracker for golang-bitbucket-kardianos-osext https://bugzilla.redhat.com/show_bug.cgi?id=1254591 -------------------------------------------------------------------------------- ================================================================================ golang-bitbucket-ww-goautoneg-0-0.10.git75cd24fc2f2c.fc25 (FEDORA-2016-27f8eeb2b1) HTTP Content-Type Autonegotiation -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1247619 - Tracker for golang-bitbucket-ww-goautoneg https://bugzilla.redhat.com/show_bug.cgi?id=1247619 -------------------------------------------------------------------------------- ================================================================================ golang-github-akrennmair-gopcap-0-0.3.git00e1103.fc25 (FEDORA-2016-c4056cefe0) A simple wrapper around libpcap for the Go programming language -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405532 - Tracker for golang-github-akrennmair-gopcap https://bugzilla.redhat.com/show_bug.cgi?id=1405532 -------------------------------------------------------------------------------- ================================================================================ golang-github-beorn7-perks-0-0.8.gitb965b61.fc25 (FEDORA-2016-70e8450134) Effective Computation of Things -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248633 - Tracker for golang-github-beorn7-perks https://bugzilla.redhat.com/show_bug.cgi?id=1248633 -------------------------------------------------------------------------------- ================================================================================ golang-github-bgentry-speakeasy-0-0.7.git36e9cfd.fc25 (FEDORA-2016-5e3d0664ca) Golang helpers for reading password input without cgo -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250454 - Tracker for golang-github-bgentry-speakeasy https://bugzilla.redhat.com/show_bug.cgi?id=1250454 -------------------------------------------------------------------------------- ================================================================================ golang-github-boltdb-bolt-1.3.0-0.2.git583e893.fc25 (FEDORA-2016-748aa73ffe) A low-level key/value database for Go -------------------------------------------------------------------------------- Update Information: Polish the spec file ---- Bump to upstream 583e8937c61f1af6513608ccc75c97b6abdf4ff9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246207 - Tracker for golang-github-boltdb-bolt https://bugzilla.redhat.com/show_bug.cgi?id=1246207 -------------------------------------------------------------------------------- ================================================================================ golang-github-bugsnag-bugsnag-go-1.0.4-5.fc25 (FEDORA-2016-77a329ef2a) Automatic panic monitoring for golang, net/http and revel -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405699 - Tracker for golang-github-bugsnag-bugsnag-go https://bugzilla.redhat.com/show_bug.cgi?id=1405699 -------------------------------------------------------------------------------- ================================================================================ golang-github-bugsnag-panicwrap-1.1.0-0.3.gitaceac81.fc25 (FEDORA-2016-04eeaccdd3) Go library for catching and handling panics in Go applications -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1313834 - Tracker for golang-github-bugsnag-panicwrap https://bugzilla.redhat.com/show_bug.cgi?id=1313834 -------------------------------------------------------------------------------- ================================================================================ golang-github-cheggaaa-pb-0-0.3.gitda1f27a.fc25 (FEDORA-2016-8a23f0cfa7) Console progress bar for Golang -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405557 - Tracker for golang-github-cheggaaa-pb https://bugzilla.redhat.com/show_bug.cgi?id=1405557 -------------------------------------------------------------------------------- ================================================================================ golang-github-cockroachdb-cmux-0-0.4.git112f050.fc25 (FEDORA-2016-bd4724c661) Connection mux for serving different services on the same port -------------------------------------------------------------------------------- Update Information: Polish the spec file ---- skip tests -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387177 - Tracker for golang-github-cockroachdb-cmux https://bugzilla.redhat.com/show_bug.cgi?id=1387177 -------------------------------------------------------------------------------- ================================================================================ golang-github-coreos-go-semver-0-0.10.git568e959.fc25 (FEDORA-2016-b34ffc2fc9) Go semantic versioning library -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248718 - Tracker for golang-github-coreos-go-semver https://bugzilla.redhat.com/show_bug.cgi?id=1248718 -------------------------------------------------------------------------------- ================================================================================ golang-github-coreos-go-systemd-10-2.fc25 (FEDORA-2016-a5f08ef99c) Go bindings to systemd socket activation, journal and D-BUS APIs -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248722 - Tracker for golang-github-coreos-go-systemd https://bugzilla.redhat.com/show_bug.cgi?id=1248722 -------------------------------------------------------------------------------- ================================================================================ golang-github-coreos-pkg-0-0.10.gitfa29b1d.fc25 (FEDORA-2016-b7e7a141b6) A collection of go utility packages -------------------------------------------------------------------------------- Update Information: Disable checks due to cyclic deps -------------------------------------------------------------------------------- References: [ 1 ] Bug #1245958 - Review Request: golang-github-coreos-pkg - A collection of go utility packages https://bugzilla.redhat.com/show_bug.cgi?id=1245958 -------------------------------------------------------------------------------- ================================================================================ golang-github-dustin-go-humanize-0-0.3.git8929fe9.fc25 (FEDORA-2016-3378438fa8) Formatters for units to human friendly sizes -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405624 - Tracker for golang-github-dustin-go-humanize https://bugzilla.redhat.com/show_bug.cgi?id=1405624 -------------------------------------------------------------------------------- ================================================================================ golang-github-ghodss-yaml-0-0.12.git73d445a.fc25 (FEDORA-2016-b0cc5e4352) A better way to marshal and unmarshal YAML in Golang -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249030 - Tracker for golang-github-ghodss-yaml https://bugzilla.redhat.com/show_bug.cgi?id=1249030 -------------------------------------------------------------------------------- ================================================================================ golang-github-godbus-dbus-3-0.5.gitc7fdd8b.fc25 (FEDORA-2016-1c5aefb134) Go client bindings for D-Bus -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1249043 - Tracker for golang-github-godbus-dbus https://bugzilla.redhat.com/show_bug.cgi?id=1249043 -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-sys-0-0.8.git62bee03.fc25 (FEDORA-2016-c7e48bd201) Go packages for low-level interaction with the operating system -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360748 - update for s390x support https://bugzilla.redhat.com/show_bug.cgi?id=1360748 -------------------------------------------------------------------------------- ================================================================================ golang-github-google-btree-0-0.7.git7d79101.fc25 (FEDORA-2016-75c7799a43) BTree implementation for Go -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250460 - Tracker for golang-github-google-btree https://bugzilla.redhat.com/show_bug.cgi?id=1250460 -------------------------------------------------------------------------------- ================================================================================ golang-github-grpc-ecosystem-grpc-gateway-1.0.0-0.2.gitf52d055.fc25 (FEDORA-2016-d3e011b5f1) GRPC to JSON proxy generator -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405682 - Tracker for golang-github-grpc-ecosystem-grpc-gateway https://bugzilla.redhat.com/show_bug.cgi?id=1405682 -------------------------------------------------------------------------------- ================================================================================ golang-github-mattn-go-runewidth-0-0.3.gitd6bea18.fc25 (FEDORA-2016-b33216da14) Functions for getting fixed width of the character or string -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405690 - Tracker for golang-github-mattn-go-runewidth https://bugzilla.redhat.com/show_bug.cgi?id=1405690 -------------------------------------------------------------------------------- ================================================================================ golang-github-olekukonko-tablewriter-0-0.4.gitcca8bbc.fc25 (FEDORA-2016-cc5e27e756) ASCII table in golang -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1320304 - Tracker for golang-github-olekukonko-tablewriter https://bugzilla.redhat.com/show_bug.cgi?id=1320304 -------------------------------------------------------------------------------- ================================================================================ golang-github-olekukonko-ts-0-0.3.gitecf753e.fc25 (FEDORA-2016-d18469d752) Simple go Application to get Terminal Size -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405558 - Tracker for golang-github-olekukonko-ts https://bugzilla.redhat.com/show_bug.cgi?id=1405558 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-go-crypto-0-0.12.gitc10c31b.fc25 (FEDORA-2016-8457448660) Supplementary Go cryptography libraries -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1231618 - Tracker for golang-googlecode-go-crypto https://bugzilla.redhat.com/show_bug.cgi?id=1231618 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-gogoprotobuf-0.2-0.4.gite18d7aa.fc25 (FEDORA-2016-dc4b8fe5fd) A fork of goprotobuf with several extra features -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246215 - Tracker for golang-googlecode-gogoprotobuf https://bugzilla.redhat.com/show_bug.cgi?id=1246215 -------------------------------------------------------------------------------- ================================================================================ golang-gopkg-yaml-1-15.fc25 (FEDORA-2016-8fe2c82506) Enables Go programs to comfortably encode and decode YAML values -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1250524 - Tracker for golang-gopkg-yaml https://bugzilla.redhat.com/show_bug.cgi?id=1250524 -------------------------------------------------------------------------------- ================================================================================ hatari-2.0.0-2.fc25 (FEDORA-2016-6346ff56f6) An Atari ST/STE/TT/Falcon emulator suitable for playing games -------------------------------------------------------------------------------- Update Information: * Hatari can use SDL2, this will take advantage of HW acceleration on the host PC and greatly enhance perfomance on OSX for example * Hatari now uses one single CPU core for all machines (ST, STE, TT, Falcon). No more need for 2 different binaries * Video emulation now supports the 4 STF wakeup states for MMU/GLUE and a much more accurate state machine for border removal * CPU emulation was improved a lot by using WinUAE's CPU and fixing some low level behaviour : IACK sequence, exception/interrupt stacking, 2 cycle accesses, bus accesses timing depending on memory region, instruction pairing, ... * Falcon DMA sound was fixed * Support for MegaST and MegaSTE machine types * Improvements to Gemdos HD emulation * SDL UI reworked with more options * Resizable window when using SDL2 (using HW acceleration) -------------------------------------------------------------------------------- ================================================================================ kernel-4.8.15-300.fc25 (FEDORA-2016-dd895763ac) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.8.15 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404924 - CVE-2016-9588 Kernel: kvm: nVMX: uncaught software exceptions in L1 guest leads to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1404924 -------------------------------------------------------------------------------- ================================================================================ latexila-3.22.1-1.fc25 (FEDORA-2016-12de1d7dd9) Integrated LaTeX Environment for the GNOME desktop -------------------------------------------------------------------------------- Update Information: Latexila 3.22.1 release with translation updates. -------------------------------------------------------------------------------- ================================================================================ libbytesize-0.7-5.fc25 (FEDORA-2016-c84dbd4b46) A library for working with sizes in bytes -------------------------------------------------------------------------------- Update Information: Neutralize None as an operand for math operations (vpodzime) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404361 - segfault in bs_size_add during F25 install https://bugzilla.redhat.com/show_bug.cgi?id=1404361 -------------------------------------------------------------------------------- ================================================================================ libebur128-1.2.0-1.fc25 (FEDORA-2016-cd3140798e) A library that implements the EBU R 128 standard for loudness normalization -------------------------------------------------------------------------------- Update Information: Update to 1.2.0 after unretiring the package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1396406 - Review Request: libebur128 - A library that implements the EBU R 128 standard for loudness normalization https://bugzilla.redhat.com/show_bug.cgi?id=1396406 [ 2 ] Bug #1260813 - libebur128-v1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1260813 -------------------------------------------------------------------------------- ================================================================================ lxqt-wallet-3.0.0-2.fc25 (FEDORA-2016-84d4186ab5) Create a kwallet like functionality for LXQt -------------------------------------------------------------------------------- Update Information: lxqt_wallet 3.0.0-2 - - rebuilt for latest Qt5 zuluCrypt 5.0.2-2 - - rebuilt for latest Qt5 - add support for unlocking ecryptfs volumes in zuluMount-gui (ecryptfs-simple[1] tool must already be installed) [1] https://github.com/mhogomchungu/ecryptfs-simple Review Request: rhbz#1402590 - solved a problem that caused a hang when creating/unlocking volumes some users were experiencing. - embedded support for PolicyKit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400754 - zulucrypt-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1400754 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.1.20-1.fc25 (FEDORA-2016-91a38ea10f) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: Rebase to version 10.1.20 https://mariadb.com/kb/en/mariadb/mariadb-10120 -release-notes/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405258 - mariadb-10.1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1405258 -------------------------------------------------------------------------------- ================================================================================ mingw-openjpeg2-2.1.2-3.fc25 (FEDORA-2016-89ee54c661) MinGW Windows openjpeg2 library -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405128 - CVE-2016-9580 openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1405128 [ 2 ] Bug #1405135 - CVE-2016-9581 openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 https://bugzilla.redhat.com/show_bug.cgi?id=1405135 -------------------------------------------------------------------------------- ================================================================================ msgpuck-1.1.3-1.fc25 (FEDORA-2016-2d0c8ba781) MsgPack binary serialization library in a self-contained header -------------------------------------------------------------------------------- Update Information: Fix CVE-2016-9036 and CVE-2016-9037. These vulnerabilities are embargoed, but Mitre will publish them in the next couple days. -------------------------------------------------------------------------------- ================================================================================ nagios-plugins-2.1.4-2.fc25 (FEDORA-2016-f30fae0f67) Host/service/network monitoring program plugins for Nagios -------------------------------------------------------------------------------- Update Information: Updated to 2.1.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #752949 - ldap_bind: Can't contact LDAP server via SSL https://bugzilla.redhat.com/show_bug.cgi?id=752949 [ 2 ] Bug #1368089 - check_file_age broken https://bugzilla.redhat.com/show_bug.cgi?id=1368089 [ 3 ] Bug #1335245 - check_mailq fails with syntax error https://bugzilla.redhat.com/show_bug.cgi?id=1335245 [ 4 ] Bug #1362322 - nagios-plugins-2.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1362322 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.2.1-1.fc25 (FEDORA-2016-6c8c619311) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: ARC 5.2.1 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.12-1.fc25 (FEDORA-2016-6c8c619311) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: ARC 5.2.1 -------------------------------------------------------------------------------- ================================================================================ ocp-0.1.22-0.10.git849cc42.fc25 (FEDORA-2016-7a4df46f96) Open Cubic Player for MOD/S3M/XM/IT/MIDI music files -------------------------------------------------------------------------------- Update Information: Re-enable libmad for mp3 support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400073 - ocp: re-enable Mp3 support https://bugzilla.redhat.com/show_bug.cgi?id=1400073 -------------------------------------------------------------------------------- ================================================================================ openjpeg2-2.1.2-3.fc25 (FEDORA-2016-c404a59411) C-Library for JPEG 2000 -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2016-9580 and CVE-2016-9581. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405128 - CVE-2016-9580 openjpeg2: Integer overflow in tiftoimage causes heap buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1405128 [ 2 ] Bug #1405135 - CVE-2016-9581 openjpeg2: Infinite loop in tiftoimage resulting into heap buffer overflow in convert_32s_C1P1 https://bugzilla.redhat.com/show_bug.cgi?id=1405135 -------------------------------------------------------------------------------- ================================================================================ openqa-4.4-33.20161216git7addfed.fc25 (FEDORA-2016-ad7b36a0d0) OS-level automated testing framework -------------------------------------------------------------------------------- Update Information: This update provides recent git snapshots of both openQA and os-autoinst, with various fixes and enhancements from upstream. For more details, see the upstream changelogs. -------------------------------------------------------------------------------- ================================================================================ os-autoinst-4.4-8.20161213git3050cfa.fc25 (FEDORA-2016-ad7b36a0d0) OS-level test automation -------------------------------------------------------------------------------- Update Information: This update provides recent git snapshots of both openQA and os-autoinst, with various fixes and enhancements from upstream. For more details, see the upstream changelogs. -------------------------------------------------------------------------------- ================================================================================ perl-File-KeePass-2.03-10.fc25 (FEDORA-2016-f3fd15a179) Interface to KeePass V1 and V2 database files -------------------------------------------------------------------------------- Update Information: Add Requires so compression, MIME, and XML decoding work correctly -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328327 - Unable to open keepass 2 database https://bugzilla.redhat.com/show_bug.cgi?id=1328327 -------------------------------------------------------------------------------- ================================================================================ python-docopt-0.6.2-3.fc25 (FEDORA-2016-a6c9ed16df) Pythonic argument parser, that will make you smile -------------------------------------------------------------------------------- Update Information: Packaging fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405639 - python-docopt requires devel/test libraries https://bugzilla.redhat.com/show_bug.cgi?id=1405639 -------------------------------------------------------------------------------- ================================================================================ python-mako-1.0.6-1.fc25 (FEDORA-2016-37c1b46c83) Mako template library for Python -------------------------------------------------------------------------------- Update Information: Update to 1.0.6 (#1257376). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1257376 - python-mako-1.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1257376 -------------------------------------------------------------------------------- ================================================================================ python-wikitcms-2.1.10-1.fc25 (FEDORA-2016-fce8b939c9) Fedora QA wiki test management Python library -------------------------------------------------------------------------------- Update Information: This update contains a **SECURITY** fix for an issue with potentially serious consequences but very limited scope. If an administrator of a wiki you talked to using python-wikitcms were malicious, they could cause arbitrary code execution as the user running wikitcms. No-one besides a wiki administrator could do this, as it requires crafting the wiki's response to an edit request to include a malicious payload. It also drops some now useless or unneeded code (due to changes in mediawiki and mwclient). -------------------------------------------------------------------------------- ================================================================================ qt5-qtdeclarative-5.7.1-5.fc25 (FEDORA-2016-4d46b8cf07) Qt5 - QtDeclarative component -------------------------------------------------------------------------------- Update Information: Restore -doc package. -------------------------------------------------------------------------------- ================================================================================ qt5-qtserialbus-5.7.1-2.fc25 (FEDORA-2016-ebd5982688) Qt5 - SerialPort component -------------------------------------------------------------------------------- Update Information: Qt 5.7.1 bugfix release. -------------------------------------------------------------------------------- ================================================================================ qt5-qtvirtualkeyboard-5.7.1-2.fc25 (FEDORA-2016-c3d37c0ec9) Qt5 - VirtualKeyboard component -------------------------------------------------------------------------------- Update Information: Qt 5.7.1 bugfix release. -------------------------------------------------------------------------------- ================================================================================ rubygem-font-awesome-rails-4.7.0.1-1.fc25 (FEDORA-2016-1abf1c8884) An asset gemification of the font-awesome icon font library -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404490 - rubygem-font-awesome-rails-4.7.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1404490 -------------------------------------------------------------------------------- ================================================================================ subdownloader-2.0.18-8.fc25 (FEDORA-2016-4e4986afc1) Program for download/upload subtitles for video files and DVDs -------------------------------------------------------------------------------- Update Information: Copy some scripts from opensuse rpm [1], use gui/images/subdownloader.png instead -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282270 - package has subdownloader dir in / https://bugzilla.redhat.com/show_bug.cgi?id=1282270 [ 2 ] Bug #1299172 - Download of subtitle failed https://bugzilla.redhat.com/show_bug.cgi?id=1299172 -------------------------------------------------------------------------------- ================================================================================ sway-0.11-0.rc3.fc25 (FEDORA-2016-50f12ff581) i3-compatible window manager for Wayland -------------------------------------------------------------------------------- Update Information: Update ---- Update. **WARNING:** if you are using your own config file, add ``` include /etc/sway/config.d/* ``` At the end of it, otherwise nothing will work on Wayland -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401349 - sway-0.11-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1401349 -------------------------------------------------------------------------------- ================================================================================ tarantool-1.6.9.52-1.fc25 (FEDORA-2016-2d0c8ba781) In-memory database and Lua application server -------------------------------------------------------------------------------- Update Information: Fix CVE-2016-9036 and CVE-2016-9037. These vulnerabilities are embargoed, but Mitre will publish them in the next couple days. -------------------------------------------------------------------------------- ================================================================================ tracker-1.10.3-1.fc25 (FEDORA-2016-105067067a) Desktop-neutral search tool and indexer -------------------------------------------------------------------------------- Update Information: This update makes tracker work again on i686 after recently added sandboxing code regressed it. -------------------------------------------------------------------------------- ================================================================================ ufraw-0.22-4.fc25 (FEDORA-2016-b2ef7d32a8) Raw image data retrieval tool for digital cameras -------------------------------------------------------------------------------- Update Information: Fix crash on destroy of lensfun object with PEF images (#1350210) ---- Add 2 patches from upsteam and re-enable lensfun, rhbz#1350210 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350210 - [abrt] ufraw: lfModifier::~lfModifier(): ufraw killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1350210 -------------------------------------------------------------------------------- ================================================================================ uthash-2.0.1-1.fc25 (FEDORA-2016-0f9f515bb7) A hash table for C structures -------------------------------------------------------------------------------- Update Information: ### Update to v2.0.1 * Introduce libut / libvector * Add BR: perl -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401591 - uthash-1.9.9-10.fc24 FTBFS https://bugzilla.redhat.com/show_bug.cgi?id=1401591 -------------------------------------------------------------------------------- ================================================================================ znc-1.6.4-1.fc25 (FEDORA-2016-cd42eb69d8) An advanced IRC bouncer -------------------------------------------------------------------------------- Update Information: Update to 1.6.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402101 - znc-1.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1402101 [ 2 ] Bug #1391300 - Nothing owns %_libdir/znc https://bugzilla.redhat.com/show_bug.cgi?id=1391300 [ 3 ] Bug #1383989 - znc-1.6.3-5.fc26 FTBFS against OpenSSL 1.1.0 https://bugzilla.redhat.com/show_bug.cgi?id=1383989 -------------------------------------------------------------------------------- ================================================================================ zulucrypt-5.0.2-2.fc25 (FEDORA-2016-84d4186ab5) Qt GUI front end to cryptsetup -------------------------------------------------------------------------------- Update Information: lxqt_wallet 3.0.0-2 - - rebuilt for latest Qt5 zuluCrypt 5.0.2-2 - - rebuilt for latest Qt5 - add support for unlocking ecryptfs volumes in zuluMount-gui (ecryptfs-simple[1] tool must already be installed) [1] https://github.com/mhogomchungu/ecryptfs-simple Review Request: rhbz#1402590 - solved a problem that caused a hang when creating/unlocking volumes some users were experiencing. - embedded support for PolicyKit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400754 - zulucrypt-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1400754 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx