The following Fedora 25 Security updates need testing: Age URL 173 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 72 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dbbbafea6 runc-1.0.0-7.git6394544.fc25.2 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec3c82e64d libstaroffice-0.0.3-3.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-63789c8c29 tomcat-8.0.44-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcfa3569d6 libmwaw-0.3.11-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66e2c5b62 chromium-59.0.3071.86-3.fc25 chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-62aacc1474 mercurial-3.8.1-3.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd92718a5a pungi-4.1.16-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d530a04779 pcre2-10.23-8.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c4b191036b vim-8.0.642-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a83e0e61d6 fwupd-0.9.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2a026bd3a1 audit-2.7.7-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c1937fe117 qt5-qtdeclarative-5.7.1-8.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc2e82175e gstreamer1-vaapi-1.10.5-1.fc25 gstreamer1-plugins-ugly-free-1.10.5-1.fc25 gstreamer1-plugins-bad-free-1.10.5-1.fc25 gstreamer1-plugins-good-1.10.5-1.fc25 gst-editing-services-1.10.5-1.fc25 python-gstreamer1-1.10.5-1.fc25 gstreamer1-rtsp-server-1.10.5-1.fc25 gstreamer1-plugins-base-1.10.5-1.fc25 gstreamer1-1.10.5-1.fc25 The following builds have been pushed to Fedora 25 updates-testing MySQL-zrm-3.0-15.fc25 chromium-59.0.3071.86-3.fc25 chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25 mbuffer-20170515-1.fc25 mercurial-3.8.1-3.fc25 mosquitto-1.4.12-2.fc25 perl-MetaCPAN-API-0.51-1.fc25 python-XStatic-Patternfly-Bootstrap-Treeview-2.1.3.2-1.fc25 python-influxdb-4.1.1-2.fc25 smuxi-1.0.7-1.fc25 sway-0.13.0-1.fc25 Details about builds: ================================================================================ MySQL-zrm-3.0-15.fc25 (FEDORA-2017-97afc58a48) MySQL backup manager -------------------------------------------------------------------------------- Update Information: - Check exit status of all commands in pipes (bug #1151623) - Do not use --same- order with -c for tar (bug #1458038) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458038 - Backup data file is empty due to invalid tar parameters, but still reports success https://bugzilla.redhat.com/show_bug.cgi?id=1458038 -------------------------------------------------------------------------------- ================================================================================ chromium-59.0.3071.86-3.fc25 (FEDORA-2017-a66e2c5b62) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459037 - CVE-2017-5085 chromium-browser: inappropriate javascript execution on webui pages https://bugzilla.redhat.com/show_bug.cgi?id=1459037 [ 2 ] Bug #1459036 - CVE-2017-5083 chromium-browser: ui spoofing in blink https://bugzilla.redhat.com/show_bug.cgi?id=1459036 [ 3 ] Bug #1459035 - CVE-2017-5082 chromium-browser: insufficient hardening in credit card editor https://bugzilla.redhat.com/show_bug.cgi?id=1459035 [ 4 ] Bug #1459034 - CVE-2017-5081 chromium-browser: extension verification bypass https://bugzilla.redhat.com/show_bug.cgi?id=1459034 [ 5 ] Bug #1459033 - CVE-2017-5080 chromium-browser: use after free in credit card autofill https://bugzilla.redhat.com/show_bug.cgi?id=1459033 [ 6 ] Bug #1459032 - CVE-2017-5079 chromium-browser: ui spoofing in blink https://bugzilla.redhat.com/show_bug.cgi?id=1459032 [ 7 ] Bug #1459031 - CVE-2017-5078 chromium-browser: possible command injection in mailto handling https://bugzilla.redhat.com/show_bug.cgi?id=1459031 [ 8 ] Bug #1459030 - CVE-2017-5077 chromium-browser: heap buffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1459030 [ 9 ] Bug #1459029 - CVE-2017-5076 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459029 [ 10 ] Bug #1459028 - CVE-2017-5086 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459028 [ 11 ] Bug #1459027 - CVE-2017-5075 chromium-browser: information leak in csp reporting https://bugzilla.redhat.com/show_bug.cgi?id=1459027 [ 12 ] Bug #1459025 - CVE-2017-5074 chromium-browser: use after free in apps bluetooth https://bugzilla.redhat.com/show_bug.cgi?id=1459025 [ 13 ] Bug #1459024 - CVE-2017-5073 chromium-browser: use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1459024 [ 14 ] Bug #1459023 - CVE-2017-5072 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459023 [ 15 ] Bug #1459022 - CVE-2017-5071 chromium-browser: out of bounds read in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1459022 [ 16 ] Bug #1459021 - CVE-2017-5070 chromium-browser: type confusion in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1459021 -------------------------------------------------------------------------------- ================================================================================ chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25 (FEDORA-2017-a66e2c5b62) Google Native Client Toolchain -------------------------------------------------------------------------------- Update Information: Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459037 - CVE-2017-5085 chromium-browser: inappropriate javascript execution on webui pages https://bugzilla.redhat.com/show_bug.cgi?id=1459037 [ 2 ] Bug #1459036 - CVE-2017-5083 chromium-browser: ui spoofing in blink https://bugzilla.redhat.com/show_bug.cgi?id=1459036 [ 3 ] Bug #1459035 - CVE-2017-5082 chromium-browser: insufficient hardening in credit card editor https://bugzilla.redhat.com/show_bug.cgi?id=1459035 [ 4 ] Bug #1459034 - CVE-2017-5081 chromium-browser: extension verification bypass https://bugzilla.redhat.com/show_bug.cgi?id=1459034 [ 5 ] Bug #1459033 - CVE-2017-5080 chromium-browser: use after free in credit card autofill https://bugzilla.redhat.com/show_bug.cgi?id=1459033 [ 6 ] Bug #1459032 - CVE-2017-5079 chromium-browser: ui spoofing in blink https://bugzilla.redhat.com/show_bug.cgi?id=1459032 [ 7 ] Bug #1459031 - CVE-2017-5078 chromium-browser: possible command injection in mailto handling https://bugzilla.redhat.com/show_bug.cgi?id=1459031 [ 8 ] Bug #1459030 - CVE-2017-5077 chromium-browser: heap buffer overflow in skia https://bugzilla.redhat.com/show_bug.cgi?id=1459030 [ 9 ] Bug #1459029 - CVE-2017-5076 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459029 [ 10 ] Bug #1459028 - CVE-2017-5086 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459028 [ 11 ] Bug #1459027 - CVE-2017-5075 chromium-browser: information leak in csp reporting https://bugzilla.redhat.com/show_bug.cgi?id=1459027 [ 12 ] Bug #1459025 - CVE-2017-5074 chromium-browser: use after free in apps bluetooth https://bugzilla.redhat.com/show_bug.cgi?id=1459025 [ 13 ] Bug #1459024 - CVE-2017-5073 chromium-browser: use after free in print preview https://bugzilla.redhat.com/show_bug.cgi?id=1459024 [ 14 ] Bug #1459023 - CVE-2017-5072 chromium-browser: address spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1459023 [ 15 ] Bug #1459022 - CVE-2017-5071 chromium-browser: out of bounds read in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1459022 [ 16 ] Bug #1459021 - CVE-2017-5070 chromium-browser: type confusion in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1459021 -------------------------------------------------------------------------------- ================================================================================ mbuffer-20170515-1.fc25 (FEDORA-2017-10a630a517) Measuring Buffer is an enhanced version of buffer -------------------------------------------------------------------------------- Update Information: Update to new upstream version 20170515 -------------------------------------------------------------------------------- ================================================================================ mercurial-3.8.1-3.fc25 (FEDORA-2017-62aacc1474) Mercurial -- a distributed SCM -------------------------------------------------------------------------------- Update Information: Fixes CVE-2017-9462. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459485 - CVE-2017-9462 mercurial: Python debugger accessible to authorized users [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1459485 -------------------------------------------------------------------------------- ================================================================================ mosquitto-1.4.12-2.fc25 (FEDORA-2017-0efaec1e6c) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information: Rebuild for libwebsockets -------------------------------------------------------------------------------- ================================================================================ perl-MetaCPAN-API-0.51-1.fc25 (FEDORA-2017-390164a5ee) A comprehensive, DWIM-featured API to MetaCPAN -------------------------------------------------------------------------------- Update Information: Updated to current upstream release using v1 API; the MetaCPAN service no longer supports the old v0 API. -------------------------------------------------------------------------------- ================================================================================ python-XStatic-Patternfly-Bootstrap-Treeview-2.1.3.2-1.fc25 (FEDORA-2017-3c751e6c6a) Patternfly Bootstrap Treeview CSS/JS framework (XStatic packaging standard) -------------------------------------------------------------------------------- Update Information: Initial version of the package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1447089 - None https://bugzilla.redhat.com/show_bug.cgi?id=1447089 -------------------------------------------------------------------------------- ================================================================================ python-influxdb-4.1.1-2.fc25 (FEDORA-2017-54cc632748) InfluxDB client -------------------------------------------------------------------------------- Update Information: Update from uptsream, ---- Update from uptsream, -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442584 - python-influxdb-v4.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1442584 -------------------------------------------------------------------------------- ================================================================================ smuxi-1.0.7-1.fc25 (FEDORA-2017-97db694f02) Powerful, flexible, user-friendly chat client -------------------------------------------------------------------------------- Update Information: - Update to 1.0.7 -------------------------------------------------------------------------------- ================================================================================ sway-0.13.0-1.fc25 (FEDORA-2017-9e1037e7e8) i3-compatible window manager for Wayland -------------------------------------------------------------------------------- Update Information: update to 0.13 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
