The following Fedora 25 Security updates need testing: Age URL 45 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 41 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dc28b1a0 w3m-0.5.3-27.git20161120.fc25 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-da50adf63e boomaga-0.8.0-6.git97f52c1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9828b259c lynx-2.8.9-0.14.dev11.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-63697e7e0f sshrc-0.6.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b3b65a20c4 python-peewee-2.8.5-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2bb174ae3c zoneminder-1.28.1-8.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1855c8af2c netpbm-10.77.00-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c3739273e5 mingw-gtk-vnc-0.7.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c0564718ea mingw-gstreamer1-1.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a56d78acb8 mingw-gstreamer1-plugins-base-1.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fc4026d15 mingw-gstreamer1-plugins-good-1.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-216f4b9f9d mingw-gstreamer1-plugins-bad-free-1.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fb89ca752a kernel-4.9.9-200.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b46c8b6c2 bind-9.10.4-4.P6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ecbc90157 tcpdump-4.9.0-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 31 https://bodhi.fedoraproject.org/updates/FEDORA-2017-70547b9af8 python-productmd-1.4-1.fc25 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d117622795 pungi-4.1.12-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae05043e23 python3-3.5.3-1.fc25 python3-docs-3.5.3-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-adc3383af9 python-pyasn1-0.2.1-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9f6383547e libglvnd-0.2.999-10.gitdc16f8c.fc25 mesa-13.0.4-1.fc25 wlc-0.0.7-3.git12ee978.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c1c04d26ee libcroco-0.6.11-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fb89ca752a kernel-4.9.9-200.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a435fd6d7b qt5-qtbase-5.7.1-14.fc25 The following builds have been pushed to Fedora 25 updates-testing arduino-1.6.6-1.fc25 bind-9.10.4-4.P6.fc25 fusioninventory-agent-2.3.18-3.fc25 gap-pkg-utils-0.46-1.fc25 gnome-video-effects-0.4.3-1.fc25 kernel-4.9.9-200.fc25 libcroco-0.6.11-3.fc25 libvmi-0.11.0-4.20170208gitd7d5714.fc25 mingw-gstreamer1-plugins-bad-free-1.10.3-1.fc25 mingw-gstreamer1-plugins-base-1.10.3-1.fc25 mingw-gstreamer1-plugins-good-1.10.3-1.fc25 perl-Log-Report-1.19-1.fc25 php-pecl-sphinx-1.4.0-0.1.20170203git201eb00.fc25 php-phpunit-PHPUnit-5.7.13-1.fc25 postgresql-9.5.6-1.fc25 rubygem-net-http-digest_auth-1.4.1-1.fc25 sil-padauk-fonts-3.002-1.fc25 tcpdump-4.9.0-1.fc25 vdr-epg2vdr-1.1.34-1.fc25 wine-2.1-1.fc25 Details about builds: ================================================================================ arduino-1.6.6-1.fc25 (FEDORA-2017-5e719b6071) An IDE for Arduino-compatible electronics prototyping platforms -------------------------------------------------------------------------------- Update Information: update to 1.6.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316315 - arduino-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1316315 -------------------------------------------------------------------------------- ================================================================================ bind-9.10.4-4.P6.fc25 (FEDORA-2017-2b46c8b6c2) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-3135 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1420193 - CVE-2017-3135 bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash https://bugzilla.redhat.com/show_bug.cgi?id=1420193 -------------------------------------------------------------------------------- ================================================================================ fusioninventory-agent-2.3.18-3.fc25 (FEDORA-2017-dadec99ea5) FusionInventory agent -------------------------------------------------------------------------------- Update Information: Update systemd files to use "systemctl edit" Make cron mode work again; re-add sysconfig file comments -------------------------------------------------------------------------------- ================================================================================ gap-pkg-utils-0.46-1.fc25 (FEDORA-2017-3b612bd357) Utility functions for GAP -------------------------------------------------------------------------------- Update Information: Changes in version 0.46: - (08/02/17) added Polycyclic as a needed package - (07/02/17) added code for converting matrix groups to Magma strings - (03/02/17) added code for converting perm- and pc-groups to Magma strings - (02/02/17) copied gaplog.css to utils/doc/ from RCWA archive -------------------------------------------------------------------------------- References: [ 1 ] Bug #1420734 - gap-pkg-utils-v0.46 is available https://bugzilla.redhat.com/show_bug.cgi?id=1420734 -------------------------------------------------------------------------------- ================================================================================ gnome-video-effects-0.4.3-1.fc25 (FEDORA-2017-6b49671623) Collection of GStreamer video effects -------------------------------------------------------------------------------- Update Information: gnome-video-effects 0.4.3 release. For details, see https://mail.gnome.org/archives/ftp-release-list/2017-February/msg00016.html and https://mail.gnome.org/archives/ftp-release-list/2017-February/msg00017.html -------------------------------------------------------------------------------- ================================================================================ kernel-4.9.9-200.fc25 (FEDORA-2017-fb89ca752a) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.9.9 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419848 - CVE-2017-5897 kernel: ip6_gre: Invalid reads in ip6gre_err https://bugzilla.redhat.com/show_bug.cgi?id=1419848 [ 2 ] Bug #1420276 - kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf https://bugzilla.redhat.com/show_bug.cgi?id=1420276 -------------------------------------------------------------------------------- ================================================================================ libcroco-0.6.11-3.fc25 (FEDORA-2017-c1c04d26ee) A CSS2 parsing library -------------------------------------------------------------------------------- Update Information: Disable strict aliasing, since the code is not strict-aliasing-clean. -------------------------------------------------------------------------------- ================================================================================ libvmi-0.11.0-4.20170208gitd7d5714.fc25 (FEDORA-2017-2ba1fcbe71) A library for performing virtual-machine introspection -------------------------------------------------------------------------------- Update Information: Update to Git master -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-bad-free-1.10.3-1.fc25 (FEDORA-2017-216f4b9f9d) Cross compiled GStreamer1 plug-ins "bad" -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-5848, CVE-2017-5843 - Downgrade to 1.10.3 as it is the latest stable release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419583 - CVE-2017-5848 gstreamer-plugins-bad-free: Invalid memory read in gst_ps_demux_parse_psm https://bugzilla.redhat.com/show_bug.cgi?id=1419583 [ 2 ] Bug #1419592 - CVE-2017-5843 gstreamer-plugins-bad-free: Use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks https://bugzilla.redhat.com/show_bug.cgi?id=1419592 -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-base-1.10.3-1.fc25 (FEDORA-2017-a56d78acb8) Cross compiled GStreamer1 media framework base plug-ins -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844 - Downgrade to 1.10.3 as it is the latest stable release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419584 - CVE-2017-5837 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps https://bugzilla.redhat.com/show_bug.cgi?id=1419584 [ 2 ] Bug #1419586 - CVE-2017-5839 gstreamer-plugins-base: Stack overflow in gst_riff_create_audio_caps https://bugzilla.redhat.com/show_bug.cgi?id=1419586 [ 3 ] Bug #1419591 - CVE-2017-5842 gstreamer-plugins-base: Out-of-bounds heap read in html_context_handle_element https://bugzilla.redhat.com/show_bug.cgi?id=1419591 [ 4 ] Bug #1419600 - CVE-2017-5844 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps https://bugzilla.redhat.com/show_bug.cgi?id=1419600 -------------------------------------------------------------------------------- ================================================================================ mingw-gstreamer1-plugins-good-1.10.3-1.fc25 (FEDORA-2017-1fc4026d15) Cross compiled GStreamer1 plug-ins good -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-10199, CVE-2017-5845, CVE-2017-5840, CVE-2017-5841 - Downgrade to 1.10.3 as it is the latest stable release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419580 - CVE-2016-10199 gstreamer-plugins-good: Out of bounds read in qtdemux_tag_add_str_full https://bugzilla.redhat.com/show_bug.cgi?id=1419580 [ 2 ] Bug #1419582 - CVE-2017-5845 gstreamer-plugins-good: Invalid memory read in gst_avi_demux_parse_ncdt https://bugzilla.redhat.com/show_bug.cgi?id=1419582 [ 3 ] Bug #1419588 - CVE-2017-5840 gstreamer-plugins-good: Out of bounds heap read in qtdemux_parse_samples https://bugzilla.redhat.com/show_bug.cgi?id=1419588 [ 4 ] Bug #1419589 - CVE-2017-5841 gstreamer-plugins-good: Heap out-of-bounds read in gst_avi_demux_parse_ncdt https://bugzilla.redhat.com/show_bug.cgi?id=1419589 -------------------------------------------------------------------------------- ================================================================================ perl-Log-Report-1.19-1.fc25 (FEDORA-2017-214a0f577e) Report a problem with exceptions and translation support -------------------------------------------------------------------------------- Update Information: This release adapts to recent changes in Dancer2. It also adds additional information to ::File and ::Syslog free format calls. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1420958 - perl-Log-Report-1.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1420958 -------------------------------------------------------------------------------- ================================================================================ php-pecl-sphinx-1.4.0-0.1.20170203git201eb00.fc25 (FEDORA-2017-9c6c7ca9f4) PECL extension for Sphinx SQL full-text search engine -------------------------------------------------------------------------------- Update Information: Update to **1.4.0-dev** (git snapshot) for **PHP 7** compatibility (no API changes). -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-5.7.13-1.fc25 (FEDORA-2017-f9662ff437) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 5.7.13** - 2017-02-10 * Fixed [#2493](https://github.com/sebastianbergmann/phpunit/issues/2493): Fix for [#2475](https://github.com/sebastianbergmann/phpunit/pull/2475) does not apply to PHPUnit 5.7 ---- **Version 5.7.12** - 2017-02-08 * Fixed [#2475](https://github.com/sebastianbergmann/phpunit/pull/2475): Defining a test suite with only one file does not work **Version 5.7.11** - 2017-02-05 * Deprecation errors when used with PHP 7.2 ---- **Version 5.7.10** - 2017-02-04 * Fixed [#2462](https://github.com/sebastianbergmann/phpunit/issues/2462): Code Coverage blacklist is filled even if no code coverage data is to be collected ---- **Version 5.7.9** - 2017-01-28 * Fixed [#2447](https://github.com/sebastianbergmann/phpunit/issues/2447): Reverted backwards incompatible change to handling of boolean environment variable values specified in XML ---- **Version 5.7.8** - 2017-01-26 * Fixed [#2446](https://github.com/sebastianbergmann/phpunit/issues/2446): Reverted backwards incompatible change to exit code in case of warnings ---- **Version 5.7.7** - 2017-01-25 * Fixed [#1896](https://github.com/sebastianbergmann/phpunit/issues/1896): Wrong test location when `@depends` and `@dataProvider` are combined * Fixed [#1983](https://github.com/sebastianbergmann/phpunit/pull/1983): Tests with `@expectedException` annotation cannot be skipped * Fixed [#2137](https://github.com/sebastianbergmann/phpunit/issues/2137): Warnings for invalid data providers are suppressed when test execution is filtered * Fixed [#2275](https://github.com/sebastianbergmann/phpunit/pull/2275): Invalid UTF-8 characters can lead to missing output * Fixed [#2299](https://github.com/sebastianbergmann/phpunit/issues/2299): `expectExceptionMessage()` and `expectExceptionCode()` do not work without `expectException()` * Fixed [#2328](https://github.com/sebastianbergmann/phpunit/issues/2328): `TestListener` callbacks `startTest()` and `endTest()` are not called when test is skipped due to `@depends` * Fixed [#2331](https://github.com/sebastianbergmann/phpunit/issues/2331): Boolean environment variable values specified in XML get mangled * Fixed [#2333](https://github.com/sebastianbergmann/phpunit/issues/2333): `assertContains()` and `assertNotContains()` do not handle UTF-8 strings correctly * Fixed [#2340](https://github.com/sebastianbergmann/phpunit/pull/2340): Data providers that use `yield` or implement `Iterator` cannot be combined * Fixed [#2349](https://github.com/sebastianbergmann/phpunit/pull/2349): `PHPUnit_TextUI_Command` does not `exit()` when it should * Fixed [#2392](https://github.com/sebastianbergmann/phpunit/issues/2392): Empty (but valid) data provider should skip the test * Fixed [#2431](https://github.com/sebastianbergmann/phpunit/issues/2431): `assertArraySubset()` does not support `ArrayAccess` * Fixed [#2435](https://github.com/sebastianbergmann/phpunit/issues/2435): Empty `@group` annotation causes error on PHP 7.2+ ---- **Version 5.7.6** - 2017-01-22 * Fixed [#2424](https://github.com/sebastianbergmann/phpunit/issues/2424): `TestCase::getStatus()` returns `STATUS_PASSED` instead of `STATUS_RISKY` for risky test * Fixed [#2427](https://github.com/sebastianbergmann/phpunit/issues/2427): TestDox group configuration is not handled * Fixed [#2428](https://github.com/sebastianbergmann/phpunit/pull/2428): Nested arrays specificied in XML configuration file are not handled correctly ---- Packaging change: * handle redirection to composer installed version 6.x -------------------------------------------------------------------------------- ================================================================================ postgresql-9.5.6-1.fc25 (FEDORA-2017-8d2e523dea) PostgreSQL client programs -------------------------------------------------------------------------------- Update Information: update to 9.5.6 per release notes http://www.postgresql.org/docs/9.5/static/release-9-5-6.html -------------------------------------------------------------------------------- ================================================================================ rubygem-net-http-digest_auth-1.4.1-1.fc25 (FEDORA-2017-8ad69c7508) Implementation of RFC 2617 - Digest Access Authentication -------------------------------------------------------------------------------- Update Information: New version 1.4.1 is released. -------------------------------------------------------------------------------- ================================================================================ sil-padauk-fonts-3.002-1.fc25 (FEDORA-2017-eb3506a62e) A font for Burmese and the Myanmar script -------------------------------------------------------------------------------- Update Information: Update to 3.002 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1420944 - fc-list makes remote ssh terminal unusable if sil-padauk-fonts is installed https://bugzilla.redhat.com/show_bug.cgi?id=1420944 -------------------------------------------------------------------------------- ================================================================================ tcpdump-4.9.0-1.fc25 (FEDORA-2017-7ecbc90157) A network traffic monitoring tool -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419066 - CVE-2016-7922 tcpdump: Buffer overflow in AH parser in print-ah.c:ah_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419066 [ 2 ] Bug #1419067 - CVE-2016-7923 tcpdump: Buffer overflow in ARP parser in print-arp.c:arp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419067 [ 3 ] Bug #1419068 - CVE-2016-7924 tcpdump: Buffer overflow in ATM parser in print-atm.c:oam_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419068 [ 4 ] Bug #1419070 - CVE-2016-7925 tcpdump: Buffer overflow in compressed SLIP parser in print-sl.c:sl_if_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419070 [ 5 ] Bug #1419071 - CVE-2016-7926 tcpdump: Buffer overflow in Ethernet parser in print-ether.c:ethertype_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419071 [ 6 ] Bug #1419072 - CVE-2016-7927 tcpdump: Buffer overflow in IEEE 802.11 parser in print-802_11.c:ieee802_11_radio_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419072 [ 7 ] Bug #1419073 - CVE-2016-7928 tcpdump: Buffer overflow in IPComp parser in print-ipcomp.c:ipcomp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419073 [ 8 ] Bug #1419074 - CVE-2016-7929 tcpdump: Buffer overflow in Juniper PPPoE ATM parser in print-juniper.c:juniper_parse_header() https://bugzilla.redhat.com/show_bug.cgi?id=1419074 [ 9 ] Bug #1419075 - CVE-2016-7930 tcpdump: Buffer overflow in LLC parser in print-llc.c:llc_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419075 [ 10 ] Bug #1419076 - CVE-2016-7931 tcpdump: Buffer overflow in MPLS parser in print-mpls.c:mpls_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419076 [ 11 ] Bug #1419077 - CVE-2016-7932 tcpdump: Buffer overflow in PIM parser in print-pim.c:pimv2_check_checksum() https://bugzilla.redhat.com/show_bug.cgi?id=1419077 [ 12 ] Bug #1419078 - CVE-2016-7933 tcpdump: Buffer overflow in PPP parser in print-ppp.c:ppp_hdlc_if_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419078 [ 13 ] Bug #1419079 - CVE-2016-7934 tcpdump: Buffer overflow in RTCP parser in print-udp.c:rtcp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419079 [ 14 ] Bug #1419080 - CVE-2016-7935 tcpdump: Buffer overflow in RTP parser in print-udp.c:rtp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419080 [ 15 ] Bug #1419081 - CVE-2016-7936 tcpdump: Buffer overflow in UDP parser in print-udp.c:udp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419081 [ 16 ] Bug #1419082 - CVE-2016-7937 tcpdump: Buffer overflow in VAT parser in print-udp.c:vat_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419082 [ 17 ] Bug #1419083 - CVE-2016-7938 tcpdump: Integer overflow in ZeroMQ parser in print-zeromq.c:zmtp1_print_frame() https://bugzilla.redhat.com/show_bug.cgi?id=1419083 [ 18 ] Bug #1419085 - CVE-2016-7939 tcpdump: Buffer overflow in GRE parser in print-gre.c, multiple functions https://bugzilla.redhat.com/show_bug.cgi?id=1419085 [ 19 ] Bug #1419087 - CVE-2016-7940 tcpdump: Buffer overflow in STP parser in print-stp.c, multiple functions https://bugzilla.redhat.com/show_bug.cgi?id=1419087 [ 20 ] Bug #1419088 - CVE-2016-7973 tcpdump: Buffer overflow in AppleTalk parser in print-atalk.c, multiple functions https://bugzilla.redhat.com/show_bug.cgi?id=1419088 [ 21 ] Bug #1419089 - CVE-2016-7974 tcpdump: Buffer overflow in IP parser in print-ip.c, multiple functions https://bugzilla.redhat.com/show_bug.cgi?id=1419089 [ 22 ] Bug #1419090 - CVE-2016-7975 tcpdump: Buffer overflow in TCP parser in print-tcp.c:tcp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419090 [ 23 ] Bug #1419091 - CVE-2016-7983 tcpdump: Buffer overflow in BOOTP parser in print-bootp.c:bootp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419091 [ 24 ] Bug #1419093 - CVE-2016-7984 tcpdump: Buffer overflow in TFTP parser in print-tftp.c:tftp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419093 [ 25 ] Bug #1419094 - CVE-2016-7985 tcpdump: Buffer overflow in CALM FAST parser in print-calm-fast.c:calm_fast_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419094 [ 26 ] Bug #1419095 - CVE-2016-7986 tcpdump: Buffer overflow in GeoNetworking parser in print-geonet.c, multiple functions https://bugzilla.redhat.com/show_bug.cgi?id=1419095 [ 27 ] Bug #1419097 - CVE-2016-7992 tcpdump: Buffer overflow in Classical IP over ATM parser in print-cip.c:cip_if_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419097 [ 28 ] Bug #1419098 - CVE-2016-7993 tcpdump: Buffer overflow in util-print.c:relts_print() in multiple protocol parsers (DNS, DVMRP, HSRP, IGMP, lightweight resolver protocol, PIM) https://bugzilla.redhat.com/show_bug.cgi?id=1419098 [ 29 ] Bug #1419099 - CVE-2016-8574 tcpdump: Buffer overflow in FRF.15 parser in print-fr.c:frf15_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419099 [ 30 ] Bug #1419100 - CVE-2016-8575 tcpdump: Buffer overflow in Q.933 parser in print-fr.c:q933_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419100 [ 31 ] Bug #1419101 - CVE-2017-5202 tcpdump: Buffer overflow in ISO CLNS parser in print-isoclns.c:clnp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419101 [ 32 ] Bug #1419102 - CVE-2017-5203 tcpdump: Buffer overflow in BOOTP parser in print-bootp.c:bootp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419102 [ 33 ] Bug #1419103 - CVE-2017-5204 tcpdump: Buffer overflow in IPv6 parser in print-ip6.c:ip6_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419103 [ 34 ] Bug #1419104 - CVE-2017-5205 tcpdump: Buffer overflow in ISAKMP parser in print-isakmp.c:ikev2_e_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419104 [ 35 ] Bug #1419106 - CVE-2017-5341 tcpdump: Buffer overflow in OTV parser in print-otv.c:otv_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419106 [ 36 ] Bug #1419112 - CVE-2017-5342 tcpdump: Buffer overflow in print-ether.c:ether_print() in multiple protocol parsers (Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE) https://bugzilla.redhat.com/show_bug.cgi?id=1419112 [ 37 ] Bug #1419107 - CVE-2017-5482 tcpdump: Buffer overflow in Q.933 parser in print-fr.c:q933_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419107 [ 38 ] Bug #1419108 - CVE-2017-5483 tcpdump: Buffer overflow in SNMP parser in print-snmp.c:asn1_parse() https://bugzilla.redhat.com/show_bug.cgi?id=1419108 [ 39 ] Bug #1419109 - CVE-2017-5484 tcpdump: Buffer overflow in ATM parser in print-atm.c:sig_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419109 [ 40 ] Bug #1419110 - CVE-2017-5485 tcpdump: Buffer overflow in ISO CLNS parser in addrtoname.c:lookup_nsap() https://bugzilla.redhat.com/show_bug.cgi?id=1419110 [ 41 ] Bug #1419111 - CVE-2017-5486 tcpdump: Buffer overflow in ISO CLNS parser in print-isoclns.c:clnp_print() https://bugzilla.redhat.com/show_bug.cgi?id=1419111 -------------------------------------------------------------------------------- ================================================================================ vdr-epg2vdr-1.1.34-1.fc25 (FEDORA-2017-2863d2a738) A plugin to retrieve EPG data from a mysql database into VDR -------------------------------------------------------------------------------- Update Information: Update to 1.1.34 ---- Update to 1.1.33 ---- Update to 1.1.30 ---- Update to 1.1.27 ---- Update to 1.1.32 -------------------------------------------------------------------------------- ================================================================================ wine-2.1-1.fc25 (FEDORA-2017-a33874d984) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: Many fixes that were deferred during code freeze. More Shader Model 5 instructions. A number of improvements to MIME message handling. Line breaking improvements in DirectWrite. HID bus service now running by default. Direct2D rendering improvements. Various bug fixes. Source release tarballs now use xz compression. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx