The following Fedora 25 Security updates need testing: Age URL 135 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 86 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3 compat-guile18-1.8.8-14.fc25 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c614315d29 squid-4.0.17-1.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dc28b1a0 w3m-0.5.3-27.git20161120.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0d976df9e mingw-flac-1.3.2-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7b181f9c98 qpid-java-6.0.4-5.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a7aa8e4f springframework-security-3.2.10-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e6a9108cce onionshare-0.9.1-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a2709f065 SimGear-2016.3.1-3.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78 python-productmd-1.3-1.fc25 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59 wpa_supplicant-2.6-1.fc25 28 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71 pungi-4.1.11-3.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a libnl3-3.2.29-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-44bc42c388 gnome-session-3.22.2-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-771f40424b koji-1.11.0-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1e3e237ac8 mesa-13.0.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed34b2ad09 osinfo-db-20170107-1.fc25 The following builds have been pushed to Fedora 25 updates-testing container-selinux-2.2-1.fc25 docker-1.12.5-5.git03508cc.fc25 emacs-slime-2.12-4.fc25.1 fail2ban-0.9.6-1.fc25 fflas-ffpack-2.2.2-3.fc25 glusterfs-3.9.0-2.fc25 inxi-2.3.7-1.fc25 keycloak-httpd-client-install-0.5-1.fc25 koji-1.11.0-3.fc25 libcec-4.0.1-1.fc25 lilypond-2.19.54-2.fc25 linbox-1.4.2-5.fc25 loopabull-0.0.5-1.fc25 mesa-13.0.3-1.fc25 openms-2.1.0-3.fc25 osinfo-db-20170107-1.fc25 pesign-0.112-5.fc25 php-simplepie-1.4.3-2.fc25 python-argcomplete-1.7.0-1.fc25 python-cerberus-1.0.1-2.fc25 python-click-6.7-1.fc25 python-django-netjsongraph-0.2.2-1.fc25 python-httpretty-0.8.14-1.20161011git70af1f8.fc25 python-phyghtmap-1.80-1.fc25 python-sure-1.4.0-1.fc25 qconf-2.0-5.fc25 runc-1.0.0-2.rc2.git47ea5c7.fc25 texstudio-2.12.0-1.fc25 wxGTK3-3.0.2-32.fc25 xonsh-0.5.2-1.fc25 Details about builds: ================================================================================ container-selinux-2.2-1.fc25 (FEDORA-2017-92edc8ea7f) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information: bump to v2.2 ---- install policy at level 200 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1406517 - Review Request: container-selinux - Summary: SELinux policies for container runtimes https://bugzilla.redhat.com/show_bug.cgi?id=1406517 -------------------------------------------------------------------------------- ================================================================================ docker-1.12.5-5.git03508cc.fc25 (FEDORA-2017-fb74388582) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: use container-selinux >= 2:2.0-2 -------------------------------------------------------------------------------- ================================================================================ emacs-slime-2.12-4.fc25.1 (FEDORA-2017-5a347357a4) The superior lisp interaction mode for emacs -------------------------------------------------------------------------------- Update Information: This brings in a patch from f23/f24. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409044 - emacs-slime package missing swank files https://bugzilla.redhat.com/show_bug.cgi?id=1409044 -------------------------------------------------------------------------------- ================================================================================ fail2ban-0.9.6-1.fc25 (FEDORA-2017-33e3a599fa) Daemon to ban hosts that cause multiple authentication errors -------------------------------------------------------------------------------- Update Information: Update to 0.9.6: * Misleading add resp. enable of (already available) jail in database, that induced a subsequent error: last position of log file will be never retrieved (gh-795) * Fixed a distribution related bug within testReadStockJailConfForceEnabled (e.g. test-cases faults on Fedora, see gh-1353) * Fixed pythonic filters and test scripts (running via wrong python version, uses "fail2ban-python" now); * Fixed test case "testSetupInstallRoot" for not default python version (also using direct call, out of virtualenv); * Fixed ambiguous wrong recognized date pattern resp. its optional parts (see gh-1512); * FIPS compliant, use sha1 instead of md5 if it not allowed (see gh-1540) * Monit config: scripting is not supported in path (gh-1556) * `filter.d/apache-modsecurity.conf` - Fixed for newer version (one space, gh-1626), optimized: non-greedy catch-all replaced for safer match, unneeded catch-all anchoring removed, non-capturing * `filter.d/asterisk.conf` - Fixed to match different asterisk log prefix (source file: method:) * `filter.d/dovecot.conf` - Fixed failregex ignores failures through some not relevant info (gh-1623) * `filter.d/ignorecommands/apache-fakegooglebot` - Fixed error within apache-fakegooglebot, that will be called with wrong python version (gh-1506) * `filter.d/assp.conf` - Extended failregex and test cases to handle ASSP V1 and V2 (gh-1494) * `filter.d/postfix-sasl.conf` - Allow for having no trailing space after 'failed:' (gh-1497) * `filter.d/vsftpd.conf` - Optional reason part in message after FAIL LOGIN (gh-1543) * `filter.d/sendmail-reject.conf` - removed mandatory double space (if dns-host available, gh-1579) * filter.d/sshd.conf - recognized "Failed publickey for" (gh-1477); - optimized failregex to match all of "Failed any- method for ... from <HOST>" (gh-1479) - eliminated possible complex injections (on user-name resp. auth-info, see gh-1479) - optional port part after host (see gh-1533, gh-1581) * New Actions: - `action.d/npf.conf` for NPF, the latest packet filter for NetBSD * New Filters: - `filter.d/mongodb- auth.conf` for MongoDB (document-oriented NoSQL database engine) (gh-1586, gh-1606 and gh-1607) * DateTemplate regexp extended with the word-end boundary, additionally to word-start boundary * Introduces new command "fail2ban- python", as automatically created symlink to python executable, where fail2ban currently installed (resp. its modules are located): - allows to use the same version, fail2ban currently running, e.g. in external scripts just via replace python with fail2ban-python: ```diff -#!/usr/bin/env python +#!/usr/bin/env fail2ban-python ``` - always the same pickle protocol - the same (and also guaranteed available) fail2ban modules - simplified stand-alone install, resp. stand-alone installation possibility via setup (like gh-1487) is getting closer * Several test cases rewritten using new methods assertIn, assertNotIn * New forward compatibility method assertRaisesRegexp (normally python >= 2.7). Methods assertIn, assertNotIn, assertRaisesRegexp, assertLogged, assertNotLogged are test covered now * Jail configuration extended with new syntax to pass options to the backend (see gh-1408), examples: - `backend = systemd[journalpath=/run/log/journal/machine-1]` - `backend = systemd[journalfiles="/run/log/journal/machine-1/system.journal, /run/log/journal/machine-1/user.journal"]` - `backend = systemd[journalflags=2]` Fix sendmail-auth filter (bug #1329919) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329919 - sendmail-auth.conf filter never matchs on failregex condition https://bugzilla.redhat.com/show_bug.cgi?id=1329919 -------------------------------------------------------------------------------- ================================================================================ fflas-ffpack-2.2.2-3.fc25 (FEDORA-2017-acddb341de) Finite field linear algebra subroutines -------------------------------------------------------------------------------- Update Information: This update fixes the fflas-ffpack and linbox builds for big endian architectures. These packages are unchanged from the previous builds for little endian architectures. -------------------------------------------------------------------------------- ================================================================================ glusterfs-3.9.0-2.fc25 (FEDORA-2017-696f3151e6) Distributed File System -------------------------------------------------------------------------------- Update Information: firewalld fixes -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.7-1.fc25 (FEDORA-2017-217d7f4c5a) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.7. -------------------------------------------------------------------------------- ================================================================================ keycloak-httpd-client-install-0.5-1.fc25 (FEDORA-2017-84923b83b0) Tools to configure Apache HTTPD as Keycloak client -------------------------------------------------------------------------------- Update Information: If the mellon port was set to either default http (80) or default https (443) mellon would generate a bad request error during authentication. This update strips any default port from the generated URL's so the URL's will match. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410940 - Using default ports produces bad request error https://bugzilla.redhat.com/show_bug.cgi?id=1410940 -------------------------------------------------------------------------------- ================================================================================ koji-1.11.0-3.fc25 (FEDORA-2017-771f40424b) Build system tools -------------------------------------------------------------------------------- Update Information: Add proxy support to hub ---- Fix kerberos support for koji-gc -------------------------------------------------------------------------------- ================================================================================ libcec-4.0.1-1.fc25 (FEDORA-2017-ea17da897a) Library and utilities for HDMI-CEC device control -------------------------------------------------------------------------------- Update Information: Update to 4.0.1 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.54-2.fc25 (FEDORA-2017-12f7497c4f) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Update vim file installation path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410875 - vim files should be installed in /usr/share/vim/vim80 https://bugzilla.redhat.com/show_bug.cgi?id=1410875 -------------------------------------------------------------------------------- ================================================================================ linbox-1.4.2-5.fc25 (FEDORA-2017-acddb341de) C++ Library for High-Performance Exact Linear Algebra -------------------------------------------------------------------------------- Update Information: This update fixes the fflas-ffpack and linbox builds for big endian architectures. These packages are unchanged from the previous builds for little endian architectures. -------------------------------------------------------------------------------- ================================================================================ loopabull-0.0.5-1.fc25 (FEDORA-2017-8a29ab0eea) Event loop driven Ansible playbook execution engine -------------------------------------------------------------------------------- Update Information: Update to latest upstream release -------------------------------------------------------------------------------- ================================================================================ mesa-13.0.3-1.fc25 (FEDORA-2017-1e3e237ac8) Mesa graphics libraries -------------------------------------------------------------------------------- Update Information: 13.0.3 GA -------------------------------------------------------------------------------- ================================================================================ openms-2.1.0-3.fc25 (FEDORA-2017-cae203691c) LC/MS data management and analyses -------------------------------------------------------------------------------- Update Information: - Fix desktop icons -------------------------------------------------------------------------------- ================================================================================ osinfo-db-20170107-1.fc25 (FEDORA-2017-ed34b2ad09) osinfo database files -------------------------------------------------------------------------------- Update Information: Update to new release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1408271 - GNOME Boxes - no express install for the RHEL developer DVD ISO https://bugzilla.redhat.com/show_bug.cgi?id=1408271 -------------------------------------------------------------------------------- ================================================================================ pesign-0.112-5.fc25 (FEDORA-2017-31e2f4a0ec) Signing utility for UEFI binaries -------------------------------------------------------------------------------- Update Information: This removes the dependencies on pkcs11 module providers; those need to be handled elsewhere so as to only pull in the modules required on a given system. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1349073 - pesign: should not require coolkey https://bugzilla.redhat.com/show_bug.cgi?id=1349073 -------------------------------------------------------------------------------- ================================================================================ php-simplepie-1.4.3-2.fc25 (FEDORA-2017-7aca281f68) A simple Atom/RSS parsing library for PHP -------------------------------------------------------------------------------- Update Information: Drop flash files -------------------------------------------------------------------------------- References: [ 1 ] Bug #1000260 - php-simplepie bundles Flash files https://bugzilla.redhat.com/show_bug.cgi?id=1000260 -------------------------------------------------------------------------------- ================================================================================ python-argcomplete-1.7.0-1.fc25 (FEDORA-2017-8a0f80b0d4) Bash tab completion for argparse -------------------------------------------------------------------------------- Update Information: Update to 1.7.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339845 - python-argcomplete-1.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1339845 -------------------------------------------------------------------------------- ================================================================================ python-cerberus-1.0.1-2.fc25 (FEDORA-2017-14447254e2) Lightweight, extensible data validation library for Python -------------------------------------------------------------------------------- Update Information: Update to 1.0.1 -------------------------------------------------------------------------------- ================================================================================ python-click-6.7-1.fc25 (FEDORA-2017-a021d73526) Simple wrapper around optparse for powerful command line utilities -------------------------------------------------------------------------------- Update Information: - Update to 6.7 - Conform to packaging guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410957 - python-click-6.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1410957 -------------------------------------------------------------------------------- ================================================================================ python-django-netjsongraph-0.2.2-1.fc25 (FEDORA-2017-fb59b6f537) Reusable django app for collecting and visualizing network topology -------------------------------------------------------------------------------- Update Information: first release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1369213 - Review Request: python-django-netjsongraph - Reusable django app for collecting and visualizing network topology https://bugzilla.redhat.com/show_bug.cgi?id=1369213 -------------------------------------------------------------------------------- ================================================================================ python-httpretty-0.8.14-1.20161011git70af1f8.fc25 (FEDORA-2017-bad2888b0b) HTTP request mock tool for Python -------------------------------------------------------------------------------- Update Information: This update provides version 0.8.14 of httpretty. This is a significant update over the previous 0.8.3, but so far as I am aware, there are no backward- incompatible changes (please comment if you find any). The package now has its test suite enabled (aside from a few tests that require remote trips), and all tests pass for all releases, so we have some confidence this in fact works correctly now. Python 3 compatibility is also greatly improved. 0.8.3 was entirely broken with more recent urllib3, requests, and openssl versions, and had many compatibility issues with Python 3. -------------------------------------------------------------------------------- ================================================================================ python-phyghtmap-1.80-1.fc25 (FEDORA-2017-6ca986661c) Generate OSM contour lines from NASA SRTM data -------------------------------------------------------------------------------- Update Information: Fixed the SRTM version 3.0 earthdata login issue. I. e., - Added the --earthdata-user and --earthdata-password options. - Added configuration file handling to store the earthdata login credentials. - Added code for basic http authentication. - Added cookie handling to prevent infinite http redirect loops. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409677 - python-phyghtmap-1.80.orig is available https://bugzilla.redhat.com/show_bug.cgi?id=1409677 -------------------------------------------------------------------------------- ================================================================================ python-sure-1.4.0-1.fc25 (FEDORA-2017-81f839ab8c) Utility belt for automated testing in Python -------------------------------------------------------------------------------- Update Information: This update provides python-sure 1.4.0. There are no indications in the upstream changelog of any incompatible changes between 1.2.7 and 1.4.0. The previous (1.2.7) package is in fact entirely broken in Fedora 24 and Fedora 25, as it is not compatible with the `mock` library version found in those Fedora releases. 1.4.0 fixes this, along with other fixes and improvements. -------------------------------------------------------------------------------- ================================================================================ qconf-2.0-5.fc25 (FEDORA-2017-0f6e0e4159) Tool for generating configure script for qmake-based projects -------------------------------------------------------------------------------- Update Information: Add qconf-qt5 binary name -------------------------------------------------------------------------------- ================================================================================ runc-1.0.0-2.rc2.git47ea5c7.fc25 (FEDORA-2017-314123d1ae) CLI for running Open Containers -------------------------------------------------------------------------------- Update Information: patch to enable seccomp ---- bump to 1.0.0 rc2 ---- Resolves: #1342707 - bump to v1.0.0-rc1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342707 - runc-v1.0.0-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1342707 -------------------------------------------------------------------------------- ================================================================================ texstudio-2.12.0-1.fc25 (FEDORA-2017-7939ade1ee) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information: - update to 2.12.0 - http://texstudio.sourceforge.net/manual/current/CHANGELOG.txt -------------------------------------------------------------------------------- ================================================================================ wxGTK3-3.0.2-32.fc25 (FEDORA-2017-3d0485be15) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: Fix blank menubar/toolbar when using wx[MT]B_DOCKABLE (#1410729) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410729 - toolbar and menubar not visible https://bugzilla.redhat.com/show_bug.cgi?id=1410729 -------------------------------------------------------------------------------- ================================================================================ xonsh-0.5.2-1.fc25 (FEDORA-2017-a0bedf2eed) A general purpose, Python-ish shell -------------------------------------------------------------------------------- Update Information: New upstream release 0.5.2 ---- New upstream release 0.5.1 ---- New upstream release 0.4.7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410402 - xonsh-0.5.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1410402 [ 2 ] Bug #1381071 - xonsh-0.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1381071 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
