The following Fedora 25 Security updates need testing: Age URL 156 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 54 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a3c7d077c7 perltidy-20170521-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e9bd58cbb dropbear-2017.75-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c7c3f7ed26 libtasn1-4.12-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ac7fc2fd8c picocom-2.2-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-926e11c76e yara-3.6.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60997f0d14 oniguruma-6.1.3-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2113aacd2 mosquitto-1.4.12-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e698bba980 freeradius-3.0.14-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-690eedcf41 poppler-0.45.0-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5e28afa2dd dolphin-emu-5.0-14.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0ee7b8dd2a mingw-poppler-0.45.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-22f1a8404e wget-1.18-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-54580efa82 sudo-1.8.20p2-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd42592f9a perl-File-Path-2.12-366.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1a705b1ff4 libtiff-4.0.8-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6dcf888128 iproute-4.11.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01cceaebe9 python-pycurl-7.43.0-6.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c7c3f7ed26 libtasn1-4.12-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-daacf63973 glusterfs-3.10.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd42592f9a perl-File-Path-2.12-366.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-54580efa82 sudo-1.8.20p2-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d450dcef7b libdrm-2.4.81-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-306f90d297 sssd-1.15.2-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad6a31ebe1 libvirt-2.2.1-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9382fc88db testdisk-7.0-9.fc25 ntfs-3g-2017.3.23-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-94c0774edd rpcbind-0.2.4-6.rc2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-690eedcf41 poppler-0.45.0-3.fc25 The following builds have been pushed to Fedora 25 updates-testing appcenter-0.2.3-1.fc25 cinnamon-3.4.1-2.fc25 cinnamon-desktop-3.4.1-1.fc25 cinnamon-session-3.4.0-6.fc25 cinnamon-settings-daemon-3.4.1-1.fc25 cinnamon-translations-3.4.2-1.fc25 cjs-3.4.1-1.fc25 glusterfs-3.10.3-1.fc25 gnome-boxes-3.22.4-3.fc25 inxi-2.3.11-1.fc25 libdrm-2.4.81-1.fc25 nemo-3.4.2-1.fc25 perl-CPAN-Perl-Releases-3.22-1.fc25 perl-Crypt-OpenSSL-EC-1.3-1.fc25 perl-File-Path-2.12-366.fc25 perl-Module-CoreList-5.20170531-1.fc25 python-moksha-hub-1.4.9-1.fc25 python-tqdm-4.14.0-1.fc25 rudiments-1.0.5-1.fc25 sudo-1.8.20p2-1.fc25 wget-1.18-3.fc25 Details about builds: ================================================================================ appcenter-0.2.3-1.fc25 (FEDORA-2017-73f26aab9a) Software Center for the Pantheon desktop -------------------------------------------------------------------------------- Update Information: Update to version 0.2.3. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457576 - appcenter-0.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457576 -------------------------------------------------------------------------------- ================================================================================ cinnamon-3.4.1-2.fc25 (FEDORA-2017-1ae435e0c0) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ cinnamon-desktop-3.4.1-1.fc25 (FEDORA-2017-1ae435e0c0) Shared code among cinnamon-session, nemo, etc -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ cinnamon-session-3.4.0-6.fc25 (FEDORA-2017-1ae435e0c0) Cinnamon session manager -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ cinnamon-settings-daemon-3.4.1-1.fc25 (FEDORA-2017-1ae435e0c0) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ cinnamon-translations-3.4.2-1.fc25 (FEDORA-2017-1ae435e0c0) Translations for Cinnamon and Nemo -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ cjs-3.4.1-1.fc25 (FEDORA-2017-1ae435e0c0) Javascript Bindings for Cinnamon -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ glusterfs-3.10.3-1.fc25 (FEDORA-2017-daacf63973) Distributed File System -------------------------------------------------------------------------------- Update Information: 3.10.3 GA -------------------------------------------------------------------------------- ================================================================================ gnome-boxes-3.22.4-3.fc25 (FEDORA-2017-fde634e797) A simple GNOME 3 application to access remote or virtual systems -------------------------------------------------------------------------------- Update Information: The Vala API has changed, causing spice sessions to get disconnected. ---- Boxes C source files were generated against an old Vala version. With this update, we force every build to regenerate the C files indepedently of whether there was any change. This fixes a few bugs, including the Back button sensitivity in the New box wizard. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400294 - [abrt] gnome-boxes: boxes_wizard_toolbar_set_title_for_page(): gnome-boxes killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1400294 [ 2 ] Bug #1254784 - [abrt] gnome-boxes: boxes_wizard_toolbar_set_title_for_page(): gnome-boxes killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1254784 -------------------------------------------------------------------------------- ================================================================================ inxi-2.3.11-1.fc25 (FEDORA-2017-0996056627) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.11. ---- Update to 2.3.9. -------------------------------------------------------------------------------- ================================================================================ libdrm-2.4.81-1.fc25 (FEDORA-2017-d450dcef7b) Direct Rendering Manager runtime library -------------------------------------------------------------------------------- Update Information: Update to 2.4.81 -------------------------------------------------------------------------------- ================================================================================ nemo-3.4.2-1.fc25 (FEDORA-2017-1ae435e0c0) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: Update - Revert 'remove network-applet' -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454869 - [abrt] nemo: nemo_centered_placement_grid_clear_grid_for_selection(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454869 [ 2 ] Bug #1454930 - [abrt] nemo: nemo_centered_placement_grid_get_next_free_position(): nemo-desktop killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1454930 [ 3 ] Bug #1383173 - [abrt] cinnamon: nm_setting_ip6_config_clear_addresses(): python2.7 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1383173 [ 4 ] Bug #1429934 - None (or only a few) desktop icons shown after login https://bugzilla.redhat.com/show_bug.cgi?id=1429934 [ 5 ] Bug #1452870 - In Cinnamon 3.4.0, UK English panel menus show German for 'Remove'. https://bugzilla.redhat.com/show_bug.cgi?id=1452870 [ 6 ] Bug #1452876 - Invalid symlink in /usr/bin/cinnamon-settings-daemon https://bugzilla.redhat.com/show_bug.cgi?id=1452876 -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-3.22-1.fc25 (FEDORA-2017-3a0c77fc8e) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version ---- Updated to the latest version ---- Updated to the latest version ---- Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457578 - perl-CPAN-Perl-Releases-3.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457578 [ 2 ] Bug #1457003 - perl-CPAN-Perl-Releases-3.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457003 [ 3 ] Bug #1454970 - perl-CPAN-Perl-Releases-3.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1454970 [ 4 ] Bug #1450233 - perl-CPAN-Perl-Releases-3.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1450233 -------------------------------------------------------------------------------- ================================================================================ perl-Crypt-OpenSSL-EC-1.3-1.fc25 (FEDORA-2017-b63ea953fe) Perl extension for OpenSSL EC (Elliptic Curves) library -------------------------------------------------------------------------------- Update Information: This release fixes a memory leak in Crypt::OpenSSL::EC::EC_POINT::point2hex() function. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457844 - perl-Crypt-OpenSSL-EC-1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457844 -------------------------------------------------------------------------------- ================================================================================ perl-File-Path-2.12-366.fc25 (FEDORA-2017-dd42592f9a) Create or remove directory trees -------------------------------------------------------------------------------- Update Information: This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457832 - CVE-2017-6512 perl-File-Path: rmtree/remove_tree race condition https://bugzilla.redhat.com/show_bug.cgi?id=1457832 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20170531-1.fc25 (FEDORA-2017-e7b9102eb5) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release provides data about Perl 5.27.0. ---- This release provides data for Perl 5.26.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457584 - perl-Module-CoreList-5.20170531 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457584 [ 2 ] Bug #1457010 - perl-Module-CoreList-5.20170530 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457010 -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.4.9-1.fc25 (FEDORA-2017-09e6308348) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: One bugfix for STOMP users, which unescapes headers: https://github.com/mokshaproject/moksha/pull/40 One new feature to properly support users interacting with durable broker queues: https://github.com/mokshaproject/moksha/pull/39 -------------------------------------------------------------------------------- ================================================================================ python-tqdm-4.14.0-1.fc25 (FEDORA-2017-bb06d19dbf) A Fast, Extensible Progress Meter -------------------------------------------------------------------------------- Update Information: Update to 4.14.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456309 - python-tqdm-4.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1456309 -------------------------------------------------------------------------------- ================================================================================ rudiments-1.0.5-1.fc25 (FEDORA-2017-093611e947) C++ class library for developing systems and applications -------------------------------------------------------------------------------- Update Information: Updated to version 1.0.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457586 - rudiments-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457586 -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.20p2-1.fc25 (FEDORA-2017-54580efa82) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: - update to 1.8.20p2 - added sudo package to dnf/yum protected packages ---- - update to 1.8.20p1 - fixes CVE-2017-1000367 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1453074 - CVE-2017-1000367 sudo: Privilege escalation in via improper get_process_ttyname() parsing https://bugzilla.redhat.com/show_bug.cgi?id=1453074 -------------------------------------------------------------------------------- ================================================================================ wget-1.18-3.fc25 (FEDORA-2017-22f1a8404e) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: Fixed CVE-2017-6508: CRLF injection in the url_parse function in url.c -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429984 - CVE-2017-6508 wget: CRLF injection in the url_parse function in url.c https://bugzilla.redhat.com/show_bug.cgi?id=1429984 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
