The following Fedora 25 Security updates need testing: Age URL 142 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 41 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 21 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f85c37ae3d squirrelmail-1.4.22-19.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d625a8d2b lynis-2.5.0-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-58170ecb09 jbig2dec-0.12-4.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9699cf7eac mupdf-1.10a-6.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2cc18e2b3b smb4k-1.2.2-3.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cc606f1001 chicken-4.12.0-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-410749716d FlightGear-2016.3.1-4.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-40a6d19c7b FlightCrew-0.9.1-7.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-466d902289 kernel-4.10.16-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc7ce3b314 chromium-58.0.3029.110-2.fc25 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d968f5a95f wordpress-4.7.5-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3 libvncserver-0.9.11-2.fc25.1 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4cc8d795e0 moodle-3.1.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-44d0e642a4 libtirpc-1.0.1-4.rc3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9788d934f2 cinnamon-settings-daemon-3.4.0-4.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ecf41f097 python-productmd-1.7-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d5aa85fd7 livecd-tools-24.4-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41124b7b1d qt5-qtbase-5.7.1-16.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e504c7cb8f nss-3.30.2-1.1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-116fdd792f pungi-4.1.15-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a5530c175 gtk3-3.22.15-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a20533d62 selinux-policy-3.13.1-225.16.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a57c23040 glusterfs-3.10.2-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b8d8e95f8a tigervnc-1.8.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f18713a47e storaged-2.6.2-4.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-466d902289 kernel-4.10.16-200.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-67ac32a9fe firefox-53.0.2-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab09ad63d3 xorg-x11-drv-libinput-0.23.0-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8fe75bcfd1 fedora-repos-25-4 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1bee89e5f2 fedora-release-25-2 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bf36a5ebd6 ostree-2017.6-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e64a52f34 gssproxy-0.7.0-7.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-44d0e642a4 libtirpc-1.0.1-4.rc3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9f5895b99c acl-2.2.52-12.fc25 The following builds have been pushed to Fedora 25 updates-testing LuxRender-1.6-14.fc25 acl-2.2.52-12.fc25 appcenter-0.2-1.fc25 assimp-3.3.1-8.fc25 cinnamon-settings-daemon-3.4.0-4.fc25 cppcheck-1.79-1.fc25 embree-2.16.0-1.fc25 erlang-rpm-macros-0.2.5-1.fc25 fedora-release-25-2 fedora-repos-25-4 firefox-53.0.2-5.fc25 freeipa-4.4.4-2.fc25 golang-github-mitchellh-cli-0-0.1.git8102d0e.fc25 golang-github-xtaci-kcp-go-3.15-1.20170517.git2fd1e3d.fc25 gssproxy-0.7.0-7.fc25 ipv6gen-1.0-1.fc25 libtirpc-1.0.1-4.rc3.fc25 libvncserver-0.9.11-2.fc25.1 lightdm-settings-1.0.7-2.fc25 mc-4.8.19-5.fc25 moodle-3.1.6-1.fc25 ostree-2017.6-2.fc25 python-avocado-50.0-1.fc25 python-cassandra-driver-3.9.0-3.fc25 python-texttable-0.9.0-1.fc25 systemtap-3.1-5.fc25 xorg-x11-drv-libinput-0.23.0-4.fc25 xrdp-0.9.2-12.fc25 Details about builds: ================================================================================ LuxRender-1.6-14.fc25 (FEDORA-2017-4e21ba7652) Lux Renderer, an unbiased rendering system -------------------------------------------------------------------------------- Update Information: New upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1434810 - embree-2.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1434810 -------------------------------------------------------------------------------- ================================================================================ acl-2.2.52-12.fc25 (FEDORA-2017-9f5895b99c) Access control list utilities -------------------------------------------------------------------------------- Update Information: - fix spurious acl_check() failure on setfacl --restore (#1451826) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451826 - "setfacl --restore" fails due to use of uninitialized memory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1451826 -------------------------------------------------------------------------------- ================================================================================ appcenter-0.2-1.fc25 (FEDORA-2017-c431d6d8db) Software Center for the Pantheon desktop -------------------------------------------------------------------------------- Update Information: Update to version 0.2. More information at: https://launchpad.net/appcenter/loki/0.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451941 - appcenter-0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451941 -------------------------------------------------------------------------------- ================================================================================ assimp-3.3.1-8.fc25 (FEDORA-2017-19a8ab1e3b) Library to import various 3D model formats into applications -------------------------------------------------------------------------------- Update Information: Fix pkgconfig directory prefix issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451859 - assimp broken - bad pkgconfig file https://bugzilla.redhat.com/show_bug.cgi?id=1451859 -------------------------------------------------------------------------------- ================================================================================ cinnamon-settings-daemon-3.4.0-4.fc25 (FEDORA-2017-9788d934f2) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276641 - cinnamon-settings-daemon: csd-datetime does not authorize users [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1276641 [ 2 ] Bug #1452054 - [abrt] cinnamon-settings-daemon: _g_log_abort(): csd-keyboard killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1452054 [ 3 ] Bug #1448716 - [abrt] cinnamon-settings-daemon: up_exported_daemon_get_lid_is_closed(): cinnamon-settings-daemon killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1448716 [ 4 ] Bug #1409106 - [abrt] cinnamon-settings-daemon: gnome_rr_config_load_current(): cinnamon-settings-daemon killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1409106 [ 5 ] Bug #1369406 - [abrt] cinnamon-settings-daemon: _g_log_abort(): cinnamon-settings-daemon killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1369406 [ 6 ] Bug #1364686 - [abrt] cinnamon-settings-daemon: XPending(): csd-locate-pointer killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1364686 [ 7 ] Bug #1352451 - [abrt] cinnamon-settings-daemon: _g_log_abort(): csd-locate-pointer killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1352451 [ 8 ] Bug #1286360 - [abrt] cinnamon-settings-daemon: cd_device_dbus_properties_changed_cb(): cinnamon-settings-daemon killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1286360 -------------------------------------------------------------------------------- ================================================================================ cppcheck-1.79-1.fc25 (FEDORA-2017-d891f317df) Tool for static C/C++ code analysis -------------------------------------------------------------------------------- Update Information: Update to 1.79. The configuration files are now found again. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427788 - cppcheck-gui can't find std.cfg installed with the package https://bugzilla.redhat.com/show_bug.cgi?id=1427788 [ 2 ] Bug #1438165 - cppcheck-1.79 is available https://bugzilla.redhat.com/show_bug.cgi?id=1438165 -------------------------------------------------------------------------------- ================================================================================ embree-2.16.0-1.fc25 (FEDORA-2017-4e21ba7652) Collection of high-performance ray tracing kernels developed at Intel -------------------------------------------------------------------------------- Update Information: New upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1434810 - embree-2.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1434810 -------------------------------------------------------------------------------- ================================================================================ erlang-rpm-macros-0.2.5-1.fc25 (FEDORA-2017-a3452f339c) Macros for simplifying building of Erlang packages -------------------------------------------------------------------------------- Update Information: * Ver. 0.2.5 -------------------------------------------------------------------------------- ================================================================================ fedora-release-25-2 (FEDORA-2017-1bee89e5f2) Fedora release files -------------------------------------------------------------------------------- Update Information: Fixes Bug #145458 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451458 - systemd presets request - ostree-remount https://bugzilla.redhat.com/show_bug.cgi?id=1451458 -------------------------------------------------------------------------------- ================================================================================ fedora-repos-25-4 (FEDORA-2017-8fe75bcfd1) Fedora package repositories -------------------------------------------------------------------------------- Update Information: Adding Fedora Modular key and fedora-14 secondary arch key -------------------------------------------------------------------------------- ================================================================================ firefox-53.0.2-5.fc25 (FEDORA-2017-67ac32a9fe) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - Fixed Arm builds -------------------------------------------------------------------------------- ================================================================================ freeipa-4.4.4-2.fc25 (FEDORA-2017-8dbc509682) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: - Fixes #1405814 ipa plugins: ERROR an internal error occured - Also fixes these BZs reported for F26, but also present in F25: - Fixes #1446744 python2-ipaclient subpackage does not own /usr/lib/python2.7/site- packages/ipaclient/plugins - Fixes #1440525 surplus 'the' in output of `ipa- adtrust-install` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405814 - ipa plugins: ERROR an internal error occured. https://bugzilla.redhat.com/show_bug.cgi?id=1405814 -------------------------------------------------------------------------------- ================================================================================ golang-github-mitchellh-cli-0-0.1.git8102d0e.fc25 (FEDORA-2017-a52932d849) Go library for implementing command-line interfaces -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1060502 - Review Request: golang-github-mitchellh-cli - A library for implementing powerful command-line interfaces in Go https://bugzilla.redhat.com/show_bug.cgi?id=1060502 -------------------------------------------------------------------------------- ================================================================================ golang-github-xtaci-kcp-go-3.15-1.20170517.git2fd1e3d.fc25 (FEDORA-2017-55a467330b) Production-Grade Reliable-UDP Library for golang -------------------------------------------------------------------------------- Update Information: Initial package for fedora. This is one of the dependencies of syncthing. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1438089 - Review Request: golang-github-xtaci-kcp-go - Production-Grade Reliable-UDP Library for golang https://bugzilla.redhat.com/show_bug.cgi?id=1438089 -------------------------------------------------------------------------------- ================================================================================ gssproxy-0.7.0-7.fc25 (FEDORA-2017-9e64a52f34) GSSAPI Proxy -------------------------------------------------------------------------------- Update Information: * Handle upgrading broken systems without nfs-utils. * Fix segfault when no gssproxy config files are present. * Ported to gcc7. -------------------------------------------------------------------------------- ================================================================================ ipv6gen-1.0-1.fc25 (FEDORA-2017-58aa0ec7e7) IPv6 prefix generator -------------------------------------------------------------------------------- Update Information: This update introduces the ipv6gen and check-overlap utilities for working with IPv6 prefixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451156 - Review Request: ipv6gen - IPv6 prefix generator https://bugzilla.redhat.com/show_bug.cgi?id=1451156 -------------------------------------------------------------------------------- ================================================================================ libtirpc-1.0.1-4.rc3.fc25 (FEDORA-2017-44d0e642a4) Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: Fix for CVE-2017-8779 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1448127 - CVE-2017-8779 libtirpc: rpcbind: Unbounded maximum RPC data size during memory allocation for XDR strings [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1448127 -------------------------------------------------------------------------------- ================================================================================ libvncserver-0.9.11-2.fc25.1 (FEDORA-2017-0e08170fd3) Library to make writing a VNC server easy -------------------------------------------------------------------------------- Update Information: Update to latest stable release, include fixes for gnutls and gtk-vnc compatibility. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1410168 - CVE-2016-9942 libvncserver: Heap-based buffer overflow in ultra.c https://bugzilla.redhat.com/show_bug.cgi?id=1410168 [ 2 ] Bug #1410166 - CVE-2016-9941 libvncserver: Heap-based buffer overflow in rfbproto.c https://bugzilla.redhat.com/show_bug.cgi?id=1410166 -------------------------------------------------------------------------------- ================================================================================ lightdm-settings-1.0.7-2.fc25 (FEDORA-2017-61cc79a169) Configuration tool for the LightDM display manager -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451532 - lightdm-settings-1.0.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1451532 -------------------------------------------------------------------------------- ================================================================================ mc-4.8.19-5.fc25 (FEDORA-2017-1b5ff551e7) User-friendly text console file manager and visual shell -------------------------------------------------------------------------------- Update Information: Patch correction. ---- Patch for tmpdir and wrapper scripts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1433602 - Extends TMPDIR_DEFAULT to mc-wrapper scripts - exit to CWD https://bugzilla.redhat.com/show_bug.cgi?id=1433602 -------------------------------------------------------------------------------- ================================================================================ moodle-3.1.6-1.fc25 (FEDORA-2017-4cc8d795e0) A Course Management System -------------------------------------------------------------------------------- Update Information: Fix for multiple CVEs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1451671 - CVE-2017-7489 CVE-2017-7490 CVE-2017-7491 moodle: Multiple security vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1451671 -------------------------------------------------------------------------------- ================================================================================ ostree-2017.6-2.fc25 (FEDORA-2017-bf36a5ebd6) Tool for managing bootable, immutable filesystem trees -------------------------------------------------------------------------------- Update Information: New upstream version. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1436750 - 'ostree admin unlock' mounts an overlay with the incorrect SELinux label https://bugzilla.redhat.com/show_bug.cgi?id=1436750 -------------------------------------------------------------------------------- ================================================================================ python-avocado-50.0-1.fc25 (FEDORA-2017-e01433a14a) Framework with tools and libraries for Automated Testing -------------------------------------------------------------------------------- Update Information: Sync python-avocado with latest upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1431413 - python-avocado-50.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1431413 -------------------------------------------------------------------------------- ================================================================================ python-cassandra-driver-3.9.0-3.fc25 (FEDORA-2017-37e979d098) Python driver for Apache Cassandra -------------------------------------------------------------------------------- Update Information: Skip only specific tests on centrain unsupported platforms -------------------------------------------------------------------------------- ================================================================================ python-texttable-0.9.0-1.fc25 (FEDORA-2017-eaaaf0b30d) Python module to generate a formatted text table, using ASCII characters -------------------------------------------------------------------------------- Update Information: * [proper handling of unicode in headers](https://github.com/foutaise/texttable/ commit/383fd51ca21c8b486f62efe27d7e2274021537b3) * [refactor handling of text ty pes](https://github.com/foutaise/texttable/commit/33fe600184aa71be9f4f1a73e0ebe4 d87fbbd7be) * [add east asian multibyte support](https://github.com/foutaise/tex ttable/commit/02bfc75e63e5ec6c6b96c349a8e16182fa4b04d0) * [Relative col widths]( https://github.com/foutaise/texttable/commit/1b3924895e8dc310b058177b2517fdaf393 13f00) * [improve cells width to fit max_width parameter](https://github.com/fou taise/texttable/commit/fe64d4cb4e291509ed0e033b740aa8daad755be5) * [simplify _draw_line method](https://github.com/foutaise/texttable/commit/34adf7b4cac69569 762285cc4aff57584a49f977) -------------------------------------------------------------------------------- ================================================================================ systemtap-3.1-5.fc25 (FEDORA-2017-faafa4bdf6) Programmable system-wide instrumentation system -------------------------------------------------------------------------------- Update Information: Build with dsmith's bz1448099 patches for support of kernel 4.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450193 - stap is non functional on f26 https://bugzilla.redhat.com/show_bug.cgi?id=1450193 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-libinput-0.23.0-4.fc25 (FEDORA-2017-ab09ad63d3) Xorg X11 libinput input driver -------------------------------------------------------------------------------- Update Information: Add a new option to provide a workaround for the slow pointer movement on hidpi screens -------------------------------------------------------------------------------- References: [ 1 ] Bug #1413306 - Pointer speed on some Dell laptops (XPS 13, Precision 5510...) too slow with recent libinput (inc. 1.6) https://bugzilla.redhat.com/show_bug.cgi?id=1413306 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.2-12.fc25 (FEDORA-2017-8918ebf522) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: Document problems/workaround with clipboard support in TigerVNC 1.8.0. ---- Allow parameters in ini files to contain equal characters in values. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
