The following Fedora 25 Security updates need testing: Age URL 139 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 38 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f85c37ae3d squirrelmail-1.4.22-19.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d625a8d2b lynis-2.5.0-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-58170ecb09 jbig2dec-0.12-4.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9699cf7eac mupdf-1.10a-6.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2cc18e2b3b smb4k-1.2.2-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cfc20d5d45 jasper-1.900.13-4.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a8f4562bf5 postgresql-9.5.7-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cc606f1001 chicken-4.12.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7fc53a671f deluge-1.3.15-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6950ea5d05 pcmanfm-1.2.5-2.fc25 menu-cache-1.0.2-4.D20170514git56f6668459.fc25 lxterminal-0.3.0-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-410749716d FlightGear-2016.3.1-4.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ecf41f097 python-productmd-1.7-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d5aa85fd7 livecd-tools-24.4-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f30fb666b2 python-beautifulsoup4-4.6.0-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41124b7b1d qt5-qtbase-5.7.1-16.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cfc20d5d45 jasper-1.900.13-4.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01d88d3c06 ipxe-20161108-1.gitb991c67.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e504c7cb8f nss-3.30.2-1.1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-116fdd792f pungi-4.1.15-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a5530c175 gtk3-3.22.15-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6950ea5d05 pcmanfm-1.2.5-2.fc25 menu-cache-1.0.2-4.D20170514git56f6668459.fc25 lxterminal-0.3.0-3.fc25 The following builds have been pushed to Fedora 25 updates-testing FlightGear-2016.3.1-4.fc25 aisleriot-3.22.2-1.fc25 gtk3-3.22.15-1.fc25 gucharmap-9.0.4-1.fc25 hitori-3.22.3-1.fc25 lightdm-settings-1.0.5-1.fc25 lxterminal-0.3.0-3.fc25 magic-8.1.166-1.fc25 mapserver-7.0.5-1.git208bb3a.fc25 menu-cache-1.0.2-4.D20170514git56f6668459.fc25 mint-x-icons-1.4.2-4.fc25 pcmanfm-1.2.5-2.fc25 perl-Devel-PPPort-3.36-1.fc25 perl-IPC-Cmd-0.98-1.fc25 perl-Inline-C-0.77-1.fc25 perl-Net-HTTP-6.15-1.fc25 php-egulias-email-validator-1.2.13-3.fc25 php-gitter-0.3.0-8.fc25 php-gliph-0.1.8-7.fc25 php-guzzlehttp-guzzle-5.3.1-3.fc25 php-guzzlehttp-ringphp-1.1.0-9.fc25 php-guzzlehttp-streams-3.0.0-9.fc25 php-pecl-xdebug-2.5.4-1.fc25 puzzle-master-2.5.3-1.fc25 qmapshack-1.8.1-1.fc25 xfce4-terminal-0.8.5.1-1.fc25 Details about builds: ================================================================================ FlightGear-2016.3.1-4.fc25 (FEDORA-2017-410749716d) The FlightGear Flight Simulator -------------------------------------------------------------------------------- Update Information: This updates fixes a security bug in the route manager, to prevent it from overwriting arbitrary files (CVE-2017-8921) -------------------------------------------------------------------------------- ================================================================================ aisleriot-3.22.2-1.fc25 (FEDORA-2017-aeb21d856e) A collection of card games -------------------------------------------------------------------------------- Update Information: aisleriot 3.22.2 release with translation updates. -------------------------------------------------------------------------------- ================================================================================ gtk3-3.22.15-1.fc25 (FEDORA-2017-6a5530c175) The GIMP ToolKit (GTK+), a library for creating GUIs for X -------------------------------------------------------------------------------- Update Information: gtk+ 3.22.15 release. For details, see: * https://mail.gnome.org/archives/ftp- release-list/2017-May/msg00043.html * https://mail.gnome.org/archives/ftp- release-list/2017-May/msg00050.html * https://mail.gnome.org/archives/ftp- release-list/2017-May/msg00057.html -------------------------------------------------------------------------------- ================================================================================ gucharmap-9.0.4-1.fc25 (FEDORA-2017-5797b99c30) Unicode character picker and font browser -------------------------------------------------------------------------------- Update Information: gucharmap 9.0.4 release with translation updates. -------------------------------------------------------------------------------- ================================================================================ hitori-3.22.3-1.fc25 (FEDORA-2017-828196431e) Logic puzzle game for GNOME -------------------------------------------------------------------------------- Update Information: hitori 3.22.3 release. For details, see https://mail.gnome.org/archives/ftp- release-list/2017-April/msg00214.html -------------------------------------------------------------------------------- ================================================================================ lightdm-settings-1.0.5-1.fc25 (FEDORA-2017-c30d8a502c) Configuration tool for the LightDM display manager -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450706 - lightdm-settings-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450706 -------------------------------------------------------------------------------- ================================================================================ lxterminal-0.3.0-3.fc25 (FEDORA-2017-6950ea5d05) Desktop-independent VTE-based terminal emulator -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ magic-8.1.166-1.fc25 (FEDORA-2017-5187753978) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information: New version 8.1.166 is released. -------------------------------------------------------------------------------- ================================================================================ mapserver-7.0.5-1.git208bb3a.fc25 (FEDORA-2017-d4df066361) Environment for building spatially-enabled internet applications -------------------------------------------------------------------------------- Update Information: Update to 7.0.5 -------------------------------------------------------------------------------- ================================================================================ menu-cache-1.0.2-4.D20170514git56f6668459.fc25 (FEDORA-2017-6950ea5d05) Caching mechanism for freedesktop.org compliant menus -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ mint-x-icons-1.4.2-4.fc25 (FEDORA-2017-49a9e8e245) Icon theme for Linux Mint -------------------------------------------------------------------------------- Update Information: Fix wifi icons -------------------------------------------------------------------------------- ================================================================================ pcmanfm-1.2.5-2.fc25 (FEDORA-2017-6950ea5d05) Extremly fast and lightweight file manager -------------------------------------------------------------------------------- Update Information: A potential security flaw is found on LXDE products, which create socket under /tmp with some predictable names, which may leads to DOS. The security flow on lxterminal is now assigned as CVE-2016-10369. Some other components also had similar issues. These new rpms should fix these issues. At least relogin is required to make this fix effect. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1449114 - CVE-2016-10369 lxterminal: Insecure use of /tmp for a socket file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1449114 -------------------------------------------------------------------------------- ================================================================================ perl-Devel-PPPort-3.36-1.fc25 (FEDORA-2017-d728c1dcb3) Perl Pollution Portability header generator -------------------------------------------------------------------------------- Update Information: This release fixes building on Perl without "." in @INC path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450650 - perl-Devel-PPPort-3.36 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450650 -------------------------------------------------------------------------------- ================================================================================ perl-IPC-Cmd-0.98-1.fc25 (FEDORA-2017-64d82d382c) Finding and running system commands made easy -------------------------------------------------------------------------------- Update Information: This release fixes can_run() test not to search working directory. It also adds wait_loop_callback for run_forked(). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450538 - perl-IPC-Cmd-0.98 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450538 -------------------------------------------------------------------------------- ================================================================================ perl-Inline-C-0.77-1.fc25 (FEDORA-2017-06e6373ea2) Write Perl subroutines in C -------------------------------------------------------------------------------- Update Information: This release fixes tests and updates documentation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450537 - perl-Inline-C-0.77 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450537 -------------------------------------------------------------------------------- ================================================================================ perl-Net-HTTP-6.15-1.fc25 (FEDORA-2017-fd9aa2b5d0) Low-level HTTP connection (client) -------------------------------------------------------------------------------- Update Information: This release fixes a test. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450543 - perl-Net-HTTP-6.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450543 -------------------------------------------------------------------------------- ================================================================================ php-egulias-email-validator-1.2.13-3.fc25 (FEDORA-2017-b1ebeb526b) A library for validating emails -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-gitter-0.3.0-8.fc25 (FEDORA-2017-b1ebeb526b) Object oriented interaction with Git repositories -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-gliph-0.1.8-7.fc25 (FEDORA-2017-b1ebeb526b) A graph library for PHP -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-guzzle-5.3.1-3.fc25 (FEDORA-2017-b1ebeb526b) PHP HTTP client and webservice framework -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-ringphp-1.1.0-9.fc25 (FEDORA-2017-b1ebeb526b) Simple handler system used to power clients and servers in PHP -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-streams-3.0.0-9.fc25 (FEDORA-2017-b1ebeb526b) Provides a simple abstraction over streams of data -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-pecl-xdebug-2.5.4-1.fc25 (FEDORA-2017-da9b8c1a42) PECL package for debugging PHP scripts -------------------------------------------------------------------------------- Update Information: ** Xdebug 2.5.4** - 2017-05-15 * Fixed bug #799: Function traces report base class instead of object name * Fixed bug #1421: Fix set_time_limit hanging on PHP 5.6 when pcntl_exec does not exist (Frode E. Moe) * Fixed bug #1429: Code coverage does not cover null coalesce * Fixed bug #1434: Code coverage segfaults on 32-bit arch -------------------------------------------------------------------------------- ================================================================================ puzzle-master-2.5.3-1.fc25 (FEDORA-2017-db507bd924) Fun jigsaw puzzle game -------------------------------------------------------------------------------- Update Information: Use new upstream release v2.5.3 -------------------------------------------------------------------------------- ================================================================================ qmapshack-1.8.1-1.fc25 (FEDORA-2017-689420e0e2) GPS mapping and management tool -------------------------------------------------------------------------------- Update Information: - updated to 1.8.1 - https://bitbucket.org/maproom/qmapshack/raw/87b93cd14edc78c 57da70b66b33b013965d6dfe2/changelog.txt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450653 - qmapshack-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450653 -------------------------------------------------------------------------------- ================================================================================ xfce4-terminal-0.8.5.1-1.fc25 (FEDORA-2017-3d226f0c56) Terminal Emulator for the Xfce Desktop environment -------------------------------------------------------------------------------- Update Information: - Update to 0.8.5.1 - lots of bug fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431694 - [abrt] xfce4-terminal: _vte_table_free(): xfce4-terminal killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1431694 [ 2 ] Bug #1353342 - xfce4-terminal disappears on remote display when monitor goes into energy saving mode https://bugzilla.redhat.com/show_bug.cgi?id=1353342 [ 3 ] Bug #1349050 - [abrt] xfce4-terminal: _g_log_abort(): xfce4-terminal killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1349050 [ 4 ] Bug #1427164 - [abrt] xfce4-terminal: rawmemchr(): xfce4-terminal killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1427164 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
