Fedora 25 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 25 Security updates need testing:
 Age  URL
 100  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb   exim-4.87.1-1.fc25
  20  https://bodhi.fedoraproject.org/updates/FEDORA-2017-06f4b88ceb   php-onelogin-php-saml-2.10.5-1.fc25
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-99ad80f109   python-sleekxmpp-1.3.2-1.fc25
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-674d306f51   icecat-52.0.1-5.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7bd002b77c   xorgxrdp-0.2.1-1.fc25 xrdp-0.9.2-3.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed4c9b605b   php-horde-Horde-Crypt-2.7.6-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf1944f480   libpng15-1.5.28-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bad9942e42   libpng12-1.2.57-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab3acddd21   libtiff-4.0.7-4.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-054729ab08   xen-4.7.2-5.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-cc029be02d   tnef-1.4.14-1.fc25


The following Fedora 25 Critical Path updates have yet to be approved:
 Age URL
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ea86a8123b   pungi-4.1.14-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a11057f70e   ca-certificates-2017.2.11-1.1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-85b7d7129b   flatpak-0.9.2-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a40dca1e21   gtk3-3.22.11-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa46c8d9e0   tigervnc-1.7.1-4.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-37931b24eb   cups-2.2.0-8.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5987ec3b8a   libdrm-2.4.77-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab3acddd21   libtiff-4.0.7-4.fc25


The following builds have been pushed to Fedora 25 updates-testing

    GeoIP-GeoLite-data-2017.04-1.fc25
    bugzilla-5.0.3-4.fc25
    cacti-1.1.2-1.fc25
    cups-2.2.0-8.fc25
    dictd-1.12.1-14.fc25
    dkms-2.3-4.20170313git974d838.fc25
    dnfdragora-1.0.0-14.git20170405.cca9412.fc25
    erlang-19.3.1-1.fc25
    glibmm24-2.50.1-1.fc25
    golang-github-calmh-du-1.0.1-1.fc25
    golang-github-calmh-xdr-2.0.1-1.fc25
    kompose-0.5.0-0.1.fc25
    libdrm-2.4.77-1.fc25
    libmediainfo-0.7.94-1.fc25
    libtiff-4.0.7-4.fc25
    libzen-0.4.35-1.fc25
    lldpd-0.9.7-5.fc25
    mediainfo-0.7.94-1.fc25
    mod_lookup_identity-1.0.0-1.fc25
    nfs-ganesha-2.4.5-1.fc25
    nfs-utils-2.1.1-3.rc1.fc25
    perl-Bot-BasicBot-0.90-1.fc25
    perl-Test-Harness-3.39-1.fc25
    perl-WWW-OrangeHRM-Client-0.10.3-1.fc25
    python-faker-0.7.10-1.fc25
    python-paho-mqtt-1.2.1-1.fc25
    python-websockets-3.3-1.fc25
    qemu-2.7.1-5.fc25
    tigervnc-1.7.1-4.fc25
    tnef-1.4.14-1.fc25
    tripwire-2.4.3.5-1.fc25
    xen-4.7.2-5.fc25
    xonotic-0.8.2-2.fc25

Details about builds:


================================================================================
 GeoIP-GeoLite-data-2017.04-1.fc25 (FEDORA-2017-9e084b541c)
 Free GeoLite IP geolocation country database
--------------------------------------------------------------------------------
Update Information:

April 2017 database update.
--------------------------------------------------------------------------------


================================================================================
 bugzilla-5.0.3-4.fc25 (FEDORA-2017-f2f561c439)
 Bug tracking system
--------------------------------------------------------------------------------
Update Information:

This update of bugzilla fixes a number of small issues. The apache configuration
has been amended to allow .htaccess file in Bugzilla's filetree, dependencies
have been added and a fix has been backported from upstream to make bugzilla
stop emitting warnings.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1403588 - /usr/share/bugzilla/assets/.htaccess: Require not allowed here
        https://bugzilla.redhat.com/show_bug.cgi?id=1403588
  [ 2 ] Bug #1425077 - Deprecated use of Slurp
        https://bugzilla.redhat.com/show_bug.cgi?id=1425077
  [ 3 ] Bug #1423283 - bugzilla: FTBFS in rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1423283
--------------------------------------------------------------------------------


================================================================================
 cacti-1.1.2-1.fc25 (FEDORA-2017-90a0f034ad)
 An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:

- Update to 1.1.2  Release notes: http://www.cacti.net/release_notes_1_1_2.php
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438425 - cacti-1.1.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1438425
--------------------------------------------------------------------------------


================================================================================
 cups-2.2.0-8.fc25 (FEDORA-2017-37931b24eb)
 CUPS printing system
--------------------------------------------------------------------------------
Update Information:

Updated cups-resolv_reload.patch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437065 - CUPS does not recognize changes to /etc/resolv.conf until CUPS restart
        https://bugzilla.redhat.com/show_bug.cgi?id=1437065
--------------------------------------------------------------------------------


================================================================================
 dictd-1.12.1-14.fc25 (FEDORA-2017-91c3605490)
 DICT protocol (RFC 2229) server and command-line client
--------------------------------------------------------------------------------
Update Information:

Unify SPEC file to one version for all distributions.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1116553 - Make available for EPEL-6
        https://bugzilla.redhat.com/show_bug.cgi?id=1116553
--------------------------------------------------------------------------------


================================================================================
 dkms-2.3-4.20170313git974d838.fc25 (FEDORA-2017-479d0d652a)
 Dynamic Kernel Module Support Framework
--------------------------------------------------------------------------------
Update Information:

Do not attempt to always install the "base" kernel-devel package even if the
correct variant is already installed.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1421106 - Switch from Requires kernel-devel to kernel-devel-uname-r
        https://bugzilla.redhat.com/show_bug.cgi?id=1421106
  [ 2 ] Bug #1436840 - on i386, dkms specifically requires kernel-devel and not kernel-PAE-devel
        https://bugzilla.redhat.com/show_bug.cgi?id=1436840
--------------------------------------------------------------------------------


================================================================================
 dnfdragora-1.0.0-14.git20170405.cca9412.fc25 (FEDORA-2017-790958037b)
 DNF package-manager based on libYui abstraction
--------------------------------------------------------------------------------
Update Information:

* Updated to snapshot fixing maximum recursion depth exceeded * Updated to
snapshot fixing several translations * Updated to snapshot with improved icons
and some fixed translations
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1436451 - maximum recursion depth exceeded while updating
        https://bugzilla.redhat.com/show_bug.cgi?id=1436451
--------------------------------------------------------------------------------


================================================================================
 erlang-19.3.1-1.fc25 (FEDORA-2017-9330b0c270)
 General-purpose programming language and runtime environment
--------------------------------------------------------------------------------
Update Information:

* Ver. 19.3.1
--------------------------------------------------------------------------------


================================================================================
 glibmm24-2.50.1-1.fc25 (FEDORA-2017-b8a057f824)
 C++ interface for the GLib library
--------------------------------------------------------------------------------
Update Information:

glibmm 2.50.1 release. For details, see https://mail.gnome.org/archives/ftp-
release-list/2017-April/msg00003.html
--------------------------------------------------------------------------------


================================================================================
 golang-github-calmh-du-1.0.1-1.fc25 (FEDORA-2017-9345fbbe3b)
 Disk Usage Information library for Go
--------------------------------------------------------------------------------
Update Information:

Update to version 1.0.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439413 - golang-github-calmh-du-v1.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439413
--------------------------------------------------------------------------------


================================================================================
 golang-github-calmh-xdr-2.0.1-1.fc25 (FEDORA-2017-39b2f0be1f)
 XDR enc/decoder for Go
--------------------------------------------------------------------------------
Update Information:

Update to version 2.0.1.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439422 - golang-github-calmh-xdr-v2.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439422
--------------------------------------------------------------------------------


================================================================================
 kompose-0.5.0-0.1.fc25 (FEDORA-2017-f75505a9f3)
 Tool to move from 'docker-compose' to Kubernetes
--------------------------------------------------------------------------------
Update Information:

Update to kompose version 0.5.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435032 - kompose-v0.5.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1435032
--------------------------------------------------------------------------------


================================================================================
 libdrm-2.4.77-1.fc25 (FEDORA-2017-5987ec3b8a)
 Direct Rendering Manager runtime library
--------------------------------------------------------------------------------
Update Information:

Update to 2.4.77
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438788 - libdrm-2.4.77 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1438788
--------------------------------------------------------------------------------


================================================================================
 libmediainfo-0.7.94-1.fc25 (FEDORA-2017-acf906d16f)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:

Updae to last MediaInfo release.
--------------------------------------------------------------------------------


================================================================================
 libtiff-4.0.7-4.fc25 (FEDORA-2017-ab3acddd21)
 Library of functions for manipulating TIFF format image files
--------------------------------------------------------------------------------
Update Information:

Security fix for:  * **CVE-2016-10266** * **CVE-2016-10267** *
**CVE-2016-10268** * **CVE-2016-10269** * **CVE-2016-10270** *
**CVE-2016-10271** * **CVE-2016-10272**
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438472 - CVE-2016-10266 libtiff: Divide-by-zero in tif_read.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438472
  [ 2 ] Bug #1438458 - CVE-2016-10272 libtiff: Heap-based buffer overflow in tif_next.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438458
  [ 3 ] Bug #1438453 - CVE-2016-10271 libtiff: Heap-based buffer overflow in tif_fax3.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438453
  [ 4 ] Bug #1438449 - CVE-2016-10267 libtiff: Divide-by-zero in tif_ojpeg.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438449
  [ 5 ] Bug #1438447 - CVE-2016-10268 libtiff: Integer underflow in tiffcp.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438447
  [ 6 ] Bug #1438443 - CVE-2016-10269 libtiff: Heap-based buffer overflow in tiff_unix.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438443
  [ 7 ] Bug #1438441 - CVE-2016-10270 libtiff: Heap-based buffer overflow in tiff_read.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1438441
--------------------------------------------------------------------------------


================================================================================
 libzen-0.4.35-1.fc25 (FEDORA-2017-acf906d16f)
 Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:

Updae to last MediaInfo release.
--------------------------------------------------------------------------------


================================================================================
 lldpd-0.9.7-5.fc25 (FEDORA-2017-77fac90af3)
 ISC-licensed implementation of LLDP
--------------------------------------------------------------------------------
Update Information:

New package for the LLDP daemon
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438853 - Review Request: lldpd - an ISC-licensed implementation of LLDP
        https://bugzilla.redhat.com/show_bug.cgi?id=1438853
--------------------------------------------------------------------------------


================================================================================
 mediainfo-0.7.94-1.fc25 (FEDORA-2017-acf906d16f)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:

Updae to last MediaInfo release.
--------------------------------------------------------------------------------


================================================================================
 mod_lookup_identity-1.0.0-1.fc25 (FEDORA-2017-2bcf178aad)
 Apache module to retrieve additional information about the authenticated user
--------------------------------------------------------------------------------
Update Information:

Rebase to new upstream version 1.0.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439711 - mod_lookup_identity-1.0.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439711
--------------------------------------------------------------------------------


================================================================================
 nfs-ganesha-2.4.5-1.fc25 (FEDORA-2017-b1c73f9b1c)
 NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:

nfs-ganesha 2.4.5 GA
--------------------------------------------------------------------------------


================================================================================
 nfs-utils-2.1.1-3.rc1.fc25 (FEDORA-2017-2174db6c24)
 NFS utilities and supporting clients and daemons for the kernel NFS server
--------------------------------------------------------------------------------
Update Information:

Added gssproxy server config file
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1431272 - Please ship gssproxy configuration snippet with NFS server
        https://bugzilla.redhat.com/show_bug.cgi?id=1431272
--------------------------------------------------------------------------------


================================================================================
 perl-Bot-BasicBot-0.90-1.fc25 (FEDORA-2017-5919906eae)
 Simple IRC bot base class
--------------------------------------------------------------------------------
Update Information:

This release fixes setting raw_nick on chainjoin. It also updates the
documentation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439415 - perl-Bot-BasicBot-0.90 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439415
--------------------------------------------------------------------------------


================================================================================
 perl-Test-Harness-3.39-1.fc25 (FEDORA-2017-61a688bf80)
 Run Perl standard test scripts with statistics
--------------------------------------------------------------------------------
Update Information:

This release fixes internal tests wheb builing on Perl without "." in @INC path.
We deliver it only to provide an up-to-date version string.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1439716 - perl-Test-Harness-3.39 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1439716
--------------------------------------------------------------------------------


================================================================================
 perl-WWW-OrangeHRM-Client-0.10.3-1.fc25 (FEDORA-2017-fa46b4c0df)
 Client for OrangeHRM
--------------------------------------------------------------------------------
Update Information:

This release fixes dispaying a time sheet status.
--------------------------------------------------------------------------------


================================================================================
 python-faker-0.7.10-1.fc25 (FEDORA-2017-9876e71eaf)
 Faker is a Python package that generates fake data for you
--------------------------------------------------------------------------------
Update Information:

Version 0.7.10 and remove huge man page
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1438776 - manpage faker.1.gz is huge
        https://bugzilla.redhat.com/show_bug.cgi?id=1438776
--------------------------------------------------------------------------------


================================================================================
 python-paho-mqtt-1.2.1-1.fc25 (FEDORA-2017-1368a69b54)
 A Python MQTT version 3.1/3.1.1 client class
--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 1.2.1
--------------------------------------------------------------------------------


================================================================================
 python-websockets-3.3-1.fc25 (FEDORA-2017-d437c207c8)
 An implementation of the WebSocket Protocol for python with asyncio
--------------------------------------------------------------------------------
Update Information:

Update to 3.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437285 - python-websockets-3.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1437285
--------------------------------------------------------------------------------


================================================================================
 qemu-2.7.1-5.fc25 (FEDORA-2017-96a7189749)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

Worka round hangs with recent glib (bz #1435432)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435432 - Emulated ISA serial port hangs randomly when sending lots of data from guest -> host
        https://bugzilla.redhat.com/show_bug.cgi?id=1435432
  [ 2 ] Bug #761102 - Improve man page
        https://bugzilla.redhat.com/show_bug.cgi?id=761102
--------------------------------------------------------------------------------


================================================================================
 tigervnc-1.7.1-4.fc25 (FEDORA-2017-aa46c8d9e0)
 A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:

Add systemd unit file for Xvnc.
--------------------------------------------------------------------------------


================================================================================
 tnef-1.4.14-1.fc25 (FEDORA-2017-cc029be02d)
 Extract files from email attachments like WINMAIL.DAT
--------------------------------------------------------------------------------
Update Information:

Release 1.4.14 includes security bug fixes introduced in 1.4.13 and a further
bug fix.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1427434 - CVE-2017-6307 CVE-2017-6308 CVE-2017-6309 CVE-2017-6310 tnef: Multiple vulnerabilities fixed in 1.4.13 [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1427434
--------------------------------------------------------------------------------


================================================================================
 tripwire-2.4.3.5-1.fc25 (FEDORA-2017-f6038624d1)
 IDS (Intrusion Detection System)
--------------------------------------------------------------------------------
Update Information:

update to 2.4.3.5
--------------------------------------------------------------------------------


================================================================================
 xen-4.7.2-5.fc25 (FEDORA-2017-054729ab08)
 Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:

Qemu: 9pfs: host memory leakage via v9fs_create [CVE-2017-7377] (#1437873) x86:
broken check in memory_exchange() permits PV guest breakout [XSA-212,
CVE-2017-7228] (#1438804)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437871 - CVE-2017-7377 Qemu: 9pfs: host memory leakage via v9fs_create
        https://bugzilla.redhat.com/show_bug.cgi?id=1437871
  [ 2 ] Bug #1434741 - CVE-2017-7228 xsa212 xen: x86: broken check in memory_exchange() permits PV guest breakout (XSA-212)
        https://bugzilla.redhat.com/show_bug.cgi?id=1434741
--------------------------------------------------------------------------------


================================================================================
 xonotic-0.8.2-2.fc25 (FEDORA-2017-f2d32dbc45)
 Multiplayer, deathmatch oriented first person shooter
--------------------------------------------------------------------------------
Update Information:

Build dedicated server.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1203793 - xonotic-dedicated fails to build
        https://bugzilla.redhat.com/show_bug.cgi?id=1203793
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux