The following Fedora 25 Security updates need testing: Age URL 46 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dc28b1a0 w3m-0.5.3-27.git20161120.fc25 25 https://bodhi.fedoraproject.org/updates/FEDORA-2017-da50adf63e boomaga-0.8.0-6.git97f52c1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9828b259c lynx-2.8.9-0.14.dev11.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-63697e7e0f sshrc-0.6.1-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b3b65a20c4 python-peewee-2.8.5-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2bb174ae3c zoneminder-1.28.1-8.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1855c8af2c netpbm-10.77.00-3.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c3739273e5 mingw-gtk-vnc-0.7.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c0564718ea mingw-gstreamer1-1.10.3-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a56d78acb8 mingw-gstreamer1-plugins-base-1.10.3-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fc4026d15 mingw-gstreamer1-plugins-good-1.10.3-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-216f4b9f9d mingw-gstreamer1-plugins-bad-free-1.10.3-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fb89ca752a kernel-4.9.9-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b46c8b6c2 bind-9.10.4-4.P6.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ecbc90157 tcpdump-4.9.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7803508155 python-cjson-1.1.0-9.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-70547b9af8 python-productmd-1.4-1.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d117622795 pungi-4.1.12-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae05043e23 python3-3.5.3-1.fc25 python3-docs-3.5.3-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-adc3383af9 python-pyasn1-0.2.1-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9f6383547e libglvnd-0.2.999-10.gitdc16f8c.fc25 mesa-13.0.4-1.fc25 wlc-0.0.7-3.git12ee978.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c1c04d26ee libcroco-0.6.11-3.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fb89ca752a kernel-4.9.9-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a435fd6d7b qt5-qtbase-5.7.1-14.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ac01d4ba25 firewalld-0.4.4.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-595fec72ef vim-8.0.324-1.fc25 The following builds have been pushed to Fedora 25 updates-testing NetworkManager-openvpn-1.2.8-1.fc25 cabal-rpm-0.11-1.fc25 fedfind-3.4.3-1.fc25 firewalld-0.4.4.3-1.fc25 gimagereader-3.2.1-1.fc25 libdnf-0.7.3-1.fc25 lynis-2.4.1-1.fc25 mozjs31-31.5.0-1.fc25 perl-Return-Type-0.005-1.fc25 perl-Sub-Infix-0.004-1.fc25 php-deepend-Mockery-0.9.8-1.fc25 php-nikic-fast-route-1.2.0-1.fc25 python-anyjson-0.3.3-14.fc25 python-cjson-1.1.0-9.fc25 python-defusedxml-0.5.0-1.fc25 python-diff-match-patch-20121119-1.fc25 python-llfuse-1.2-1.fc25 qcad-3.16.5.0-1.fc25 scratch-text-editor-2.4-1.fc25 system-config-firewall-1.2.29-15.fc25 tiptop-2.3-3.fc25 vim-8.0.324-1.fc25 xfce4-netload-plugin-1.3.1-1.fc25 xfce4-systemload-plugin-1.2.1-1.fc25 xrootd-4.6.0-2.fc25 Details about builds: ================================================================================ NetworkManager-openvpn-1.2.8-1.fc25 (FEDORA-2017-b5adce09c2) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: 1.2.8 -------------------------------------------------------------------------------- ================================================================================ cabal-rpm-0.11-1.fc25 (FEDORA-2017-2764497fc3) RPM packaging tool for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: - diff and update now follow package-version args - update from Hackage now follows "Default available version" - update tries to use juhp/stackage-query if installed to check latest Stackage version before falling back to latest Hackage - refresh command now reads the cabal-rpm version header in the spec file and installs that version of cabal-rpm under ~/.cblrpm/ and uses it to make patch -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.3-1.fc25 (FEDORA-2017-3a0779e028) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. -------------------------------------------------------------------------------- ================================================================================ firewalld-0.4.4.3-1.fc25 (FEDORA-2017-ac01d4ba25) A firewall daemon with D-Bus interface providing a dynamic firewall -------------------------------------------------------------------------------- Update Information: - Rebase to firewalld-0.4.4.3 http://www.firewalld.org/2017/02/firewalld-0-4-4-3-release - Speed up of large file loading - Support for more ipset types - Speed up of adding or removing entries for ipsets from files - Support icmp-type usage in rich rules - Support for more icmp types - Support for h323 conntrack helper - New services - Code cleanup and several other bug fixes - Translation updates -------------------------------------------------------------------------------- ================================================================================ gimagereader-3.2.1-1.fc25 (FEDORA-2017-706e285e7e) A front-end to tesseract-ocr -------------------------------------------------------------------------------- Update Information: Update to 3.2.1, see https://github.com/manisandro/gImageReader/releases/tag/v3.2.1 for details. -------------------------------------------------------------------------------- ================================================================================ libdnf-0.7.3-1.fc25 (FEDORA-2017-7d5a9dd4b0) Library providing simplified C and Python API to libsolv -------------------------------------------------------------------------------- Update Information: Update to 0.7.3 -------------------------------------------------------------------------------- ================================================================================ lynis-2.4.1-1.fc25 (FEDORA-2017-8fac3dcf23) Security and system auditing tool -------------------------------------------------------------------------------- Update Information: Update to 2.4.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1421133 - lynis-2.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1421133 -------------------------------------------------------------------------------- ================================================================================ mozjs31-31.5.0-1.fc25 (FEDORA-2017-37b7e3a2ba) JavaScript interpreter and libraries -------------------------------------------------------------------------------- Update Information: mozjs 31.5.0 release, including backported patches for gjs support. -------------------------------------------------------------------------------- ================================================================================ perl-Return-Type-0.005-1.fc25 (FEDORA-2017-3ce6a024b1) Specify a return type for a function -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ perl-Sub-Infix-0.004-1.fc25 (FEDORA-2017-a81d68f0c9) Create a fake infix operator -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-deepend-Mockery-0.9.8-1.fc25 (FEDORA-2017-9a7bf0bb71) Mockery is a simple but flexible PHP mock object framework -------------------------------------------------------------------------------- Update Information: Update to upstream version **0.9.8**. As [changelog is missing](https://github.com/padraic/mockery/issues/644), see the [commit history](https://github.com/padraic/mockery/commits/0.9). -------------------------------------------------------------------------------- ================================================================================ php-nikic-fast-route-1.2.0-1.fc25 (FEDORA-2017-216efe4c91) Fast implementation of a regular expression based router -------------------------------------------------------------------------------- Update Information: Last upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419369 - php-nikic-fast-route-v1.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1419369 -------------------------------------------------------------------------------- ================================================================================ python-anyjson-0.3.3-14.fc25 (FEDORA-2017-cc87801feb) Wraps the best available JSON implementation -------------------------------------------------------------------------------- Update Information: This update removes some parsers which have been dead for many years (and were never packaged for Fedora) from the anyjson list, and increases the priority of `cjson`. Note that `ujson` has been added to the top of the list in Fedora Rawhide (for Fedora 26+), but this cannot be done for Fedora 24 or 25 because the behaviour of `ujson` < 2.0 is unlike that of other parsers (it will make a strange attempt to serialize fundamentally non-serializable objects, like arbitrary classes), and backporting `ujson` 2.0 to those releases would be inappropriate (as things may be relying on its sloppy behaviour). -------------------------------------------------------------------------------- ================================================================================ python-cjson-1.1.0-9.fc25 (FEDORA-2017-7803508155) Fast JSON encoder/decoder for Python -------------------------------------------------------------------------------- Update Information: This update prevents `python-cjson` from crashing when attempting to parse heavily nested JSON structures (which could be exploited for denial of service purposes, against any application that uses `python-cjson` to parse arbitrary input). -------------------------------------------------------------------------------- ================================================================================ python-defusedxml-0.5.0-1.fc25 (FEDORA-2017-97aae7b250) XML bomb protection for Python stdlib modules -------------------------------------------------------------------------------- Update Information: This update provides version 0.5.0 of `python-defusedxml`. The main feature of this release is Python 3.6 compatibility, which affects only Fedora Rawhide, but it includes various other minor cleanups that are worth having for all distributions. This update is not provided for EPEL 6 as 0.5.0 drops compatibility with Python 2.6, which is the system Python version on EL 6. This update also enables the Python 3 subpackage on EPEL 7. -------------------------------------------------------------------------------- ================================================================================ python-diff-match-patch-20121119-1.fc25 (FEDORA-2017-5448ceeb3c) Algorithms for synchronzing plain text -------------------------------------------------------------------------------- Update Information: Python diff-match-patch needed for translate-toolkit-2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379778 - Review Request: python-diff-match-patch - Algorithms for synchronizing plain text https://bugzilla.redhat.com/show_bug.cgi?id=1379778 -------------------------------------------------------------------------------- ================================================================================ python-llfuse-1.2-1.fc25 (FEDORA-2017-8eb3f772c0) Python Bindings for the low-level FUSE API -------------------------------------------------------------------------------- Update Information: Release 1.2 (2017-01-22) --- - The attr argument of the ~Operations.setattr handler now contains valid values only for the attributes that are to be set. - Previously, the documentation assorted that other attributes would be set to the original (unchanged) values. However, that was actually never the case. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1421289 - python-llfuse: 1.2 release available https://bugzilla.redhat.com/show_bug.cgi?id=1421289 -------------------------------------------------------------------------------- ================================================================================ qcad-3.16.5.0-1.fc25 (FEDORA-2017-3ce0440776) Powerful 2D CAD system -------------------------------------------------------------------------------- Update Information: - Update to 3.16.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417393 - Unexpected dependencies pulled in https://bugzilla.redhat.com/show_bug.cgi?id=1417393 -------------------------------------------------------------------------------- ================================================================================ scratch-text-editor-2.4-1.fc25 (FEDORA-2017-13853c8068) The text editor that works -------------------------------------------------------------------------------- Update Information: Update to version 2.4. This upstream release includes some critical bugfixes (including a fix for some input methods not working and a fix for a possible data loss issue when closing the application). Additionally, this version added support for building with webkit2gtk-4.0. -------------------------------------------------------------------------------- ================================================================================ system-config-firewall-1.2.29-15.fc25 (FEDORA-2017-7df8b12271) A graphical interface for basic firewall setup -------------------------------------------------------------------------------- Update Information: - Do not require iptables-ipv6, but iptables >= 1.4.16.2-4 - Fix build for F-26: autoreconf, add __pycache__ for some files -------------------------------------------------------------------------------- ================================================================================ tiptop-2.3-3.fc25 (FEDORA-2017-9150bb4ef0) Performance monitoring tool based on hardware counters -------------------------------------------------------------------------------- Update Information: Fixes a crash when displaying the errors panel and none exist. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141338 - [abrt] tiptop: show_error_win(): tiptop killed by SIGFPE https://bugzilla.redhat.com/show_bug.cgi?id=1141338 -------------------------------------------------------------------------------- ================================================================================ vim-8.0.324-1.fc25 (FEDORA-2017-595fec72ef) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit. -------------------------------------------------------------------------------- ================================================================================ xfce4-netload-plugin-1.3.1-1.fc25 (FEDORA-2017-27112396e4) Network-load monitor for the Xfce panel -------------------------------------------------------------------------------- Update Information: gtk-3 bugfix update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398709 - Inaccurate information with memory monitors, and no tooltip on mouseover anymore in XFCE https://bugzilla.redhat.com/show_bug.cgi?id=1398709 [ 2 ] Bug #1397315 - Incorrect bar sizes in v1.2.0 https://bugzilla.redhat.com/show_bug.cgi?id=1397315 -------------------------------------------------------------------------------- ================================================================================ xfce4-systemload-plugin-1.2.1-1.fc25 (FEDORA-2017-27112396e4) Systemload monitor for the Xfce panel -------------------------------------------------------------------------------- Update Information: gtk-3 bugfix update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398709 - Inaccurate information with memory monitors, and no tooltip on mouseover anymore in XFCE https://bugzilla.redhat.com/show_bug.cgi?id=1398709 [ 2 ] Bug #1397315 - Incorrect bar sizes in v1.2.0 https://bugzilla.redhat.com/show_bug.cgi?id=1397315 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.6.0-2.fc25 (FEDORA-2017-0eca8dbb12) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: New version 4.6.0, release notes are here: https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx