The following Fedora 25 Security updates need testing: Age URL 162 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 60 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a3c7d077c7 perltidy-20170521-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ac7fc2fd8c picocom-2.2-2.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-926e11c76e yara-3.6.0-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60997f0d14 oniguruma-6.1.3-2.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2113aacd2 mosquitto-1.4.12-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e698bba980 freeradius-3.0.14-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5e28afa2dd dolphin-emu-5.0-14.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0ee7b8dd2a mingw-poppler-0.45.0-2.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd42592f9a perl-File-Path-2.12-366.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-87a64155eb ansible-2.3.1.0-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-278f46fcd6 golang-1.7.6-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dbbbafea6 runc-1.0.0-7.git6394544.fc25.2 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8348115acd log4j12-1.2.17-19.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae00b2a30a mariadb-10.1.24-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8722576148 ettercap-0.8.2-4.2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-abbac6c64b libsndfile-1.0.28-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec3c82e64d libstaroffice-0.0.3-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3c561780c8 gajim-0.16.8-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6dcf888128 iproute-4.11.0-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-306f90d297 sssd-1.15.2-5.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad6a31ebe1 libvirt-2.2.1-2.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9382fc88db testdisk-7.0-9.fc25 ntfs-3g-2017.3.23-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-daacf63973 glusterfs-3.10.3-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd42592f9a perl-File-Path-2.12-366.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae00b2a30a mariadb-10.1.24-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-abbac6c64b libsndfile-1.0.28-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5e99fe2ca1 perl-threads-shared-1.57-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe59b56d77 perl-threads-2.16-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ea337b6fe2 mesa-17.0.5-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b52e769b35 kernel-4.11.3-202.fc25 The following builds have been pushed to Fedora 25 updates-testing container-selinux-2.18-1.fc25 d-feet-0.3.11-3.fc25 deluge-1.3.15-2.fc25 fusioninventory-agent-2.3.20-1.fc25 gajim-0.16.8-1.fc25 heimdall-1.4.2-1.fc25 kernel-4.11.3-202.fc25 legendsbrowser-1.12.1-4.fc25 libratbag-0.9-1.fc25 libstaroffice-0.0.3-3.fc25 mdds-1.2.3-1.fc25 mesa-17.0.5-3.fc25 minetest-0.4.16-1.fc25 mozilla-https-everywhere-5.2.18-1.fc25 nodejs-brace-expansion-1.1.7-1.fc25 pacman-5.0.2-1.fc25 php-phpmyadmin-sql-parser-4.1.7-1.fc25 php-phpseclib-2.0.6-1.fc25 php-twig2-2.4.2-1.fc25 relval-2.1.8-1.fc25 standard-test-roles-0.4-1.fc25 translate-shell-0.9.6.4-3.fc25 vrms-rpm-1.2-2.fc25 Details about builds: ================================================================================ container-selinux-2.18-1.fc25 (FEDORA-2017-78ffa38344) SELinux policies for container runtimes -------------------------------------------------------------------------------- Update Information: Fix labeling for CRI-O (ocid) packages. ---- Revert change to 2.16 which is causing issues with docker runtime leaking fifo files into containers. ---- Add labeling for cri-o -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458590 - SELinux is preventing httpd from 'open' accesses on the fifo_file fifo_file. https://bugzilla.redhat.com/show_bug.cgi?id=1458590 [ 2 ] Bug #1457312 - AVCs seen during deployment of Fedora 26 ipa-server-docker image https://bugzilla.redhat.com/show_bug.cgi?id=1457312 -------------------------------------------------------------------------------- ================================================================================ d-feet-0.3.11-3.fc25 (FEDORA-2017-28e0469802) A powerful D-Bus Debugger -------------------------------------------------------------------------------- Update Information: Don't crash at start-up on Wayland -------------------------------------------------------------------------------- References: [ 1 ] Bug #1432996 - Don't use Wnck on non-X11 https://bugzilla.redhat.com/show_bug.cgi?id=1432996 -------------------------------------------------------------------------------- ================================================================================ deluge-1.3.15-2.fc25 (FEDORA-2017-f2b8f7aeca) A GTK+ BitTorrent client with support for DHT, UPnP, and PEX -------------------------------------------------------------------------------- Update Information: Fix http://dev.deluge-torrent.org/ticket/3039 -------------------------------------------------------------------------------- ================================================================================ fusioninventory-agent-2.3.20-1.fc25 (FEDORA-2017-de31aebe0c) FusionInventory agent -------------------------------------------------------------------------------- Update Information: Update to last upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458528 - fusioninventory-agent-2.3.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458528 -------------------------------------------------------------------------------- ================================================================================ gajim-0.16.8-1.fc25 (FEDORA-2017-3c561780c8) Jabber client written in PyGTK -------------------------------------------------------------------------------- Update Information: Gajim 0.16.8 * Fix rejoining MUCs after connection loss * Fix Groupchat invites * Fix encoding problems with newer GnuPG versions * Fix old messages randomly reappearing in the chat window * Fix some problems with IBB filetransfer * Make XEP-0146 Commands opt-in * Improve sending messages to your own resources * Improve reliability of delivery recipes * Many minor bugfixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456364 - CVE-2016-10376 gajim: XEP-0146 makes it possible to extract plain-text from OTR sessions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456364 [ 2 ] Bug #1458616 - gajim-0.16.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458616 -------------------------------------------------------------------------------- ================================================================================ heimdall-1.4.2-1.fc25 (FEDORA-2017-53af4b5e33) Flash firmware on to Samsung Galaxy S devices -------------------------------------------------------------------------------- Update Information: Version 1.4.2 -------------------------------------------------------------------------------- ================================================================================ kernel-4.11.3-202.fc25 (FEDORA-2017-b52e769b35) The Linux kernel -------------------------------------------------------------------------------- Update Information: Incremental update to fix a number of issues, notably an issue with IPSEC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1455780 - 4.11 kernels cause problems with certain Intel NVMe disks https://bugzilla.redhat.com/show_bug.cgi?id=1455780 [ 2 ] Bug #1447031 - ChromeOS keyboard backlight doesn't work https://bugzilla.redhat.com/show_bug.cgi?id=1447031 [ 3 ] Bug #1458222 - with last kernel 4.11.3-200 VPN l2tp+ipsec not work property https://bugzilla.redhat.com/show_bug.cgi?id=1458222 [ 4 ] Bug #1458499 - 4.11.x breaks tcp over udp for eg. ipsec connections (due to esp4 bug) https://bugzilla.redhat.com/show_bug.cgi?id=1458499 -------------------------------------------------------------------------------- ================================================================================ legendsbrowser-1.12.1-4.fc25 (FEDORA-2017-21bc90e27f) Java-based legends viewer for Dwarf Fortress -------------------------------------------------------------------------------- Update Information: Update to latest upstream release, 1.12.1, a small bugfix release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458561 - legendsbrowser-1.12.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458561 -------------------------------------------------------------------------------- ================================================================================ libratbag-0.9-1.fc25 (FEDORA-2017-6473722962) Programmable input device library -------------------------------------------------------------------------------- Update Information: libratbag v0.9 -------------------------------------------------------------------------------- ================================================================================ libstaroffice-0.0.3-3.fc25 (FEDORA-2017-ec3c82e64d) A library for import of binary StarOffice documents -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-9432 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458799 - CVE-2017-9432 libstaroffice: Stack-buffer overflow in the StarWriterStruct::DatabaseName::read https://bugzilla.redhat.com/show_bug.cgi?id=1458799 -------------------------------------------------------------------------------- ================================================================================ mdds-1.2.3-1.fc25 (FEDORA-2017-68255bb4dc) A collection of multi-dimensional data structures and indexing algorithms -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ mesa-17.0.5-3.fc25 (FEDORA-2017-ea337b6fe2) Mesa graphics libraries -------------------------------------------------------------------------------- Update Information: Add a fix for all pixmaps in Xwayland on fermi GPUs using nouveau coming up as black boxes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1411447 - GTK+ 2 images appear as black boxes under XWayland with NVIDIA/nouveau https://bugzilla.redhat.com/show_bug.cgi?id=1411447 -------------------------------------------------------------------------------- ================================================================================ minetest-0.4.16-1.fc25 (FEDORA-2017-1f25ef4d06) Multiplayer infinite-world block sandbox with survival mode -------------------------------------------------------------------------------- Update Information: 0.4.16 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1421412 - minetest included font is licensing problem https://bugzilla.redhat.com/show_bug.cgi?id=1421412 [ 2 ] Bug #1458530 - minetest-0.4.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458530 -------------------------------------------------------------------------------- ================================================================================ mozilla-https-everywhere-5.2.18-1.fc25 (FEDORA-2017-2d7c5bdbdc) HTTPS/HSTS enforcement extension for Mozilla Firefox and SeaMonkey -------------------------------------------------------------------------------- Update Information: Stop submitting to SSL Observatory when connected to Tor. More ruleset fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1454510 - mozilla-https-everywhere-5.2.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1454510 -------------------------------------------------------------------------------- ================================================================================ nodejs-brace-expansion-1.1.7-1.fc25 (FEDORA-2017-5d7498559f) Brace expansion as known from sh/bash -------------------------------------------------------------------------------- Update Information: Update to upstream 1.1.7 release to remediate DoS issue npm:brace- expansion:20170302 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1448380 - nodejs-brace-expansion: Regular expression denial-of-service https://bugzilla.redhat.com/show_bug.cgi?id=1448380 -------------------------------------------------------------------------------- ================================================================================ pacman-5.0.2-1.fc25 (FEDORA-2017-7a8be8f9ca) Package manager for the Arch distribution -------------------------------------------------------------------------------- Update Information: Latest update, mostly bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458966 - pacman-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458966 -------------------------------------------------------------------------------- ================================================================================ php-phpmyadmin-sql-parser-4.1.7-1.fc25 (FEDORA-2017-5cf3814f6e) A validating SQL lexer and parser with a focus on MySQL dialect -------------------------------------------------------------------------------- Update Information: **Version 4.1.7** - 2017-06-06 * Fixed setting combination SQL Modes. ---- **Version 4.1.6** - 2017-06-01 * Fixed building query with GROUP BY clause. -------------------------------------------------------------------------------- ================================================================================ php-phpseclib-2.0.6-1.fc25 (FEDORA-2017-febe8cd888) PHP Secure Communications Library -------------------------------------------------------------------------------- Update Information: **Version 2.0.6** - 2017-06-05 - Crypt: fix OpenSSL engine on <= PHP 5.3.6 (#1122) - Random: suppress possible E_DEPRECATED errors - RSA: reset variables if bad key was loaded ---- **Version 2.0.5** - 2017-05-07 - SSH2: don't use timeout value of 0 for fsockopen (#775) - SSH2: make it so disabling PTY closes exec() channel if it's open (#1009) - SSH2: include `<pre>` tags in getLog result when SAPI isn't CLI - SFTP: don't assume current directory when $path parameter for delete is null (#1059) - SFTP: fix put() with php://input as source (#1119) - ASN1: fix UTCTime parsing (#1110) - X509: ignore certificate transparency extension (#1073) - Crypt: OpenSSL apparently supports variable size keys (#1085) -------------------------------------------------------------------------------- ================================================================================ php-twig2-2.4.2-1.fc25 (FEDORA-2017-e32edf2ff1) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information: **Version 2.4.2** (2017-06-05) * fixed namespaces introduction ---- **Version 2.4.1** (2017-06-05) * fixed namespaces introduction ---- **Version 2.4.0** (2017-06-05) * added support for PHPUnit 6 when testing extensions * fixed PHP 7.2 compatibility * fixed template name generation in Twig_Environment::createTemplate() * removed final tag on Twig_TokenParser_Include * dropped HHVM support * added namespaced aliases for all (non-deprecated) classes and interfaces * marked Twig_Filter, Twig_Function, Twig_Test, Twig_Node_Module and Twig_Profiler_Profile as final via the @final annotation -------------------------------------------------------------------------------- ================================================================================ relval-2.1.8-1.fc25 (FEDORA-2017-8045ce1e66) Tool for interacting with Fedora QA wiki pages -------------------------------------------------------------------------------- Update Information: This update provides a new minor relval release. The only change is an update to the target size of the KDE live image (for the `size-check` subcommand) to 2GB, the new target size set by the KDE SIG for Fedora 26. -------------------------------------------------------------------------------- ================================================================================ standard-test-roles-0.4-1.fc25 (FEDORA-2017-9a527ab242) Standard Test Interface Ansible roles -------------------------------------------------------------------------------- Update Information: Sync standard-test-roles with latest upstream release. -------------------------------------------------------------------------------- ================================================================================ translate-shell-0.9.6.4-3.fc25 (FEDORA-2017-142d13623f) A command-line online translator -------------------------------------------------------------------------------- Update Information: Initial release for Fedora. -------------------------------------------------------------------------------- ================================================================================ vrms-rpm-1.2-2.fc25 (FEDORA-2017-7867abc53f) Report non-free software -------------------------------------------------------------------------------- Update Information: New package - initial build & update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1433749 - Review Request: vrms-rpm - report of installed nonfree software https://bugzilla.redhat.com/show_bug.cgi?id=1433749 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
