The following Fedora 25 Security updates need testing: Age URL 114 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cc029be02d tnef-1.4.14-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c0ef6054d7 python-django-1.9.13-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2a90185a04 php-pear-CAS-1.3.5-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6ef28e38d6 dovecot-2.2.29.1-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8dce7a3940 backintime-1.1.20-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-11ac1e31eb yara-3.5.0-7.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-80763c8c03 collectd-5.7.1-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-15e7445d67 libdwarf-20170416-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5261ba4605 tomcat-8.0.43-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9c6430c2e2 pcre2-10.23-6.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34f6e70fdd libnl3-3.2.29-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a8f10223 libarchive-3.2.2-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f40aa3d64 ansible-2.3.0.0-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe6e14dcf9 community-mysql-5.7.18-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-31c64a0bbf firefox-53.0-2.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4efaae68fe thunderbird-52.0-2.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3c25dd541a livecd-tools-24.3-2.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-19451b76d6 highlight-3.36-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0bc9e0eb4e kernel-4.10.11-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34f6e70fdd libnl3-3.2.29-3.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9c6430c2e2 pcre2-10.23-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-31c64a0bbf firefox-53.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1e88f6d54e pyOpenSSL-16.2.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fab97376e7 xorg-x11-drv-nouveau-1.0.14-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-949b43e75b gdb-7.12.1-48.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5ed5539420 koji-1.12.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0af0456dcc selinux-policy-3.13.1-225.13.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8086405c6f audit-2.7.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4c85c68d16 koji-1.12.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a8f10223 libarchive-3.2.2-2.fc25 The following builds have been pushed to Fedora 25 updates-testing ansible-2.3.0.0-3.fc25 batik-1.8-8.fc25 community-mysql-5.7.18-2.fc25 firefox-53.0-2.fc25 gdb-7.12.1-48.fc25 gnome-documents-3.22.3-1.fc25 ibus-libpinyin-1.9.0-1.fc25 koji-1.12.0-2.fc25 libimagequant-2.9.1-1.fc25 libpinyin-2.0.0-1.fc25 lumina-desktop-1.2.0-2.p1.Ld700dea.fc25 mate-icon-theme-1.16.2-1.fc25 nodejs-emojione-2.2.7-3.fc25 nvme-cli-1.2-2.fc25 pngquant-2.9.1-1.fc25 pyOpenSSL-16.2.0-1.fc25 python-libcloud-2.0.0rc2-1.fc25 rubygem-unf_ext-0.0.7.4-1.fc25 selinux-policy-3.13.1-225.13.fc25 squidGuard-1.4-28.fc25 xorg-x11-drv-nouveau-1.0.14-2.fc25 Details about builds: ================================================================================ ansible-2.3.0.0-3.fc25 (FEDORA-2017-3f40aa3d64) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Backport fix for https://github.com/ansible/ansible/issues/22572 ---- Many bugfixes and improvements. See https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of changes. rst and html docs have been split out into a ansible-docs subpackage. Includes fix for CVE-2017-7466 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441355 - CVE-2017-7466 ansible: Arbitrary code execution on control node (incomplete fix for CVE-2016-9587) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1441355 -------------------------------------------------------------------------------- ================================================================================ batik-1.8-8.fc25 (FEDORA-2017-9532333e56) Scalable Vector Graphics for Java -------------------------------------------------------------------------------- Update Information: Add missing requires on xmlgraphics-commons -------------------------------------------------------------------------------- References: [ 1 ] Bug #1443567 - missing Requires: xmlgraphics-commons in squiggle and rasterizer subpackage https://bugzilla.redhat.com/show_bug.cgi?id=1443567 -------------------------------------------------------------------------------- ================================================================================ community-mysql-5.7.18-2.fc25 (FEDORA-2017-fe6e14dcf9) MySQL client programs and shared libraries -------------------------------------------------------------------------------- Update Information: Update to 5.7.18 CVEs fixed by this update can be found here: http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1414386 - CVE-2017-3265 community-mysql: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1414386 [ 2 ] Bug #1443407 - CVE-2017-3308 CVE-2017-3309 CVE-2017-3329 CVE-2017-3450 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3599 CVE-2017-3600 community-mysql: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1443407 [ 3 ] Bug #1441001 - community-mysql-5.7.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1441001 -------------------------------------------------------------------------------- ================================================================================ firefox-53.0-2.fc25 (FEDORA-2017-31c64a0bbf) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - update to latest upstream (53.0) -------------------------------------------------------------------------------- ================================================================================ gdb-7.12.1-48.fc25 (FEDORA-2017-949b43e75b) A stub package for GNU source-level debugger -------------------------------------------------------------------------------- Update Information: Fix reported gdb-vla-intel-stringbt-fix.patch regression (SuSE). -------------------------------------------------------------------------------- ================================================================================ gnome-documents-3.22.3-1.fc25 (FEDORA-2017-b1fe55aca9) A document manager application for GNOME -------------------------------------------------------------------------------- Update Information: * Make sure that load jobs are cancelled * Don't leak the URI when thumbnailing -------------------------------------------------------------------------------- ================================================================================ ibus-libpinyin-1.9.0-1.fc25 (FEDORA-2017-b138d8ad6b) Intelligent Pinyin engine based on libpinyin for IBus -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ================================================================================ koji-1.12.0-2.fc25 (FEDORA-2017-5ed5539420) Build system tools -------------------------------------------------------------------------------- Update Information: update to upstream 1.12.0, add bugfix -------------------------------------------------------------------------------- ================================================================================ libimagequant-2.9.1-1.fc25 (FEDORA-2017-b3a6b7e404) Palette quantization library -------------------------------------------------------------------------------- Update Information: update to pngquant-2.9.1 and libimagequant-2.9.1 -------------------------------------------------------------------------------- ================================================================================ libpinyin-2.0.0-1.fc25 (FEDORA-2017-b138d8ad6b) Library to deal with pinyin -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ================================================================================ lumina-desktop-1.2.0-2.p1.Ld700dea.fc25 (FEDORA-2017-3660d45953) A lightweight, portable desktop environment -------------------------------------------------------------------------------- Update Information: fix dependency to filesystem subpackage, it is noarch -------------------------------------------------------------------------------- ================================================================================ mate-icon-theme-1.16.2-1.fc25 (FEDORA-2017-a53d36cc38) Icon theme for MATE Desktop -------------------------------------------------------------------------------- Update Information: - update to new upstream release - fix some broken flags -------------------------------------------------------------------------------- ================================================================================ nodejs-emojione-2.2.7-3.fc25 (FEDORA-2017-f030165dc0) EmojiOne is a complete set of emojis designed for the web -------------------------------------------------------------------------------- Update Information: package.js* are now moved from base package to json package. -------------------------------------------------------------------------------- ================================================================================ nvme-cli-1.2-2.fc25 (FEDORA-2017-36903e3d1a) NVMe management command line interface -------------------------------------------------------------------------------- Update Information: Update to 1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1433163 - nvme-cli-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1433163 -------------------------------------------------------------------------------- ================================================================================ pngquant-2.9.1-1.fc25 (FEDORA-2017-b3a6b7e404) PNG quantization tool for reducing image file size -------------------------------------------------------------------------------- Update Information: update to pngquant-2.9.1 and libimagequant-2.9.1 -------------------------------------------------------------------------------- ================================================================================ pyOpenSSL-16.2.0-1.fc25 (FEDORA-2017-1e88f6d54e) Python wrapper module around the OpenSSL library -------------------------------------------------------------------------------- Update Information: Update to latest upstream version with bug fixes and enhancements. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442554 - Regression in get_signature_algorithm() https://bugzilla.redhat.com/show_bug.cgi?id=1442554 -------------------------------------------------------------------------------- ================================================================================ python-libcloud-2.0.0rc2-1.fc25 (FEDORA-2017-86830481b2) A Python library to address multiple cloud provider APIs -------------------------------------------------------------------------------- Update Information: Apache Libcloud version 2.0.0rc2 upgrade -------------------------------------------------------------------------------- ================================================================================ rubygem-unf_ext-0.0.7.4-1.fc25 (FEDORA-2017-f2fe458e0f) Unicode Normalization Form support library for CRuby -------------------------------------------------------------------------------- Update Information: New version 0.0.7.4 is released. -------------------------------------------------------------------------------- ================================================================================ selinux-policy-3.13.1-225.13.fc25 (FEDORA-2017-0af0456dcc) SELinux policy configuration -------------------------------------------------------------------------------- Update Information: More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=881140 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402381 - denied { connectto } comm="ods-signer" path="/run/opendnssec/engine.sock" https://bugzilla.redhat.com/show_bug.cgi?id=1402381 [ 2 ] Bug #1442571 - SELinux is preventing umount from 'open' accesses on the file /run/mount/utab. https://bugzilla.redhat.com/show_bug.cgi?id=1442571 [ 3 ] Bug #1442443 - SELinux prevents Lirc from writing to /sys/ https://bugzilla.redhat.com/show_bug.cgi?id=1442443 [ 4 ] Bug #1436830 - SELinux is preventing hdparm from 'ioctl' accesses on the blk_file /dev/sr0. https://bugzilla.redhat.com/show_bug.cgi?id=1436830 [ 5 ] Bug #1430963 - rpc.gssd fails to call into gssproxy https://bugzilla.redhat.com/show_bug.cgi?id=1430963 [ 6 ] Bug #1426953 - None https://bugzilla.redhat.com/show_bug.cgi?id=1426953 [ 7 ] Bug #1385090 - SELinux is preventing gnome-shell from 'getattr' accesses on the chr_file /dev/loop-control. https://bugzilla.redhat.com/show_bug.cgi?id=1385090 -------------------------------------------------------------------------------- ================================================================================ squidGuard-1.4-28.fc25 (FEDORA-2017-2cacf8847a) Filter, redirector and access controller plugin for squid -------------------------------------------------------------------------------- Update Information: Maintenance changes only: - Helper protocol patch (bug #1443273, bug #1418267) - Fix logrotate configuration (bug #1394601) - Fix typo in transparent- proxying.service -------------------------------------------------------------------------------- References: [ 1 ] Bug #1443273 - squidGuard does not work with current squid in F25 (and probably other versions) https://bugzilla.redhat.com/show_bug.cgi?id=1443273 [ 2 ] Bug #1418267 - UPGRADE WARNING from squid "url rewriter responded with garbage" https://bugzilla.redhat.com/show_bug.cgi?id=1418267 [ 3 ] Bug #1394601 - squidGuard logrotate config uses wildcard incorrectly https://bugzilla.redhat.com/show_bug.cgi?id=1394601 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-nouveau-1.0.14-2.fc25 (FEDORA-2017-fab97376e7) Xorg X11 nouveau video driver for NVIDIA graphics chipsets -------------------------------------------------------------------------------- Update Information: Fixes crashing that resulted from the 1.0.14-1 update. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
