The following Fedora 25 Security updates need testing:
 Age  URL
 198  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb   exim-4.87.1-1.fc25
  97  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e   python-XStatic-jquery-ui-1.12.0.1-4.fc25
  40  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dbbbafea6   runc-1.0.0-7.git6394544.fc25.2
  36  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec3c82e64d   libstaroffice-0.0.3-3.fc25
  36  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f   nodejs-brace-expansion-1.1.7-1.fc25
  27  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcfa3569d6   libmwaw-0.3.11-3.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9dd1004ad8   jabberd-2.6.1-1.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1ca18683e4   openldap-2.4.44-11.fc25
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f8e32f160e   cacti-1.1.12-2.fc25
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9e4c24094   subversion-1.9.6-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b0a2770a9b   knot-2.4.5-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-90ad72e684   irssi-1.0.4-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-efdd962fee   putty-0.70-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c844713925   qt5-qtwebkit-5.212.0-0.5.alpha2.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d   groovy18-1.8.9-28.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7a488d8d0   qt5-qtwebengine-5.9.1-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-92643d70b7   knot-resolver-1.3.1-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ded7c5670   httpd-2.4.27-2.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-447e926933   sqlite-3.14.2-2.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7eaec3353d   poppler-0.45.0-5.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d6a9e0c9c   heimdal-7.4.0-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f941184db1   qemu-2.7.1-7.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdead07e99   evince-3.22.1-5.fc25


The following Fedora 25 Critical Path updates have yet to be approved:
 Age  URL
  40  https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282   lorax-25.22-1.fc25
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0187b2a605   selinux-policy-3.13.1-225.19.fc25
  12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-118505dd77   libsoup-2.56.0-3.fc25
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-caf28c1846   flatpak-0.9.7-1.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a90ed7e59d   libtirpc-1.0.2-0.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1ca18683e4   openldap-2.4.44-11.fc25
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7cd9e81996   quota-4.03-8.fc25
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b18eded0a5   glusterfs-3.10.4-1.fc25
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-00d20db471   samba-4.5.11-0.fc25
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-efabd0d782   ostree-2017.8-2.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-447e926933   sqlite-3.14.2-2.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ebeb4bb332   mariadb-10.1.25-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fad15283f8   koji-1.13.0-2.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9075f30365   vim-8.0.705-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ddd2aa1a04   xen-4.7.3-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e587cfd70e   supermin-5.1.18-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f21d307d97   nss-3.31.0-1.0.fc25 nss-softokn-3.31.0-1.0.fc25 nss-util-3.31.0-1.0.fc25 nspr-4.15.0-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-04bf7c03b8   libproxy-0.4.15-2.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f941184db1   qemu-2.7.1-7.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7eaec3353d   poppler-0.45.0-5.fc25


The following builds have been pushed to Fedora 25 updates-testing

    389-ds-base-1.3.5.18-1.fc25
    cook-2.34-13.fc25
    distribution-gpg-keys-1.12-1.fc25
    evince-3.22.1-5.fc25
    gnome-shell-extension-media-player-indicator-0-0.13.20170712gitba389fa.fc25
    heimdal-7.4.0-1.fc25
    hotspot-1.0.0-1.fc25
    libproxy-0.4.15-2.fc25
    libtaskotron-0.4.23-1.fc25
    microcode_ctl-2.1-16.fc25
    nagios-plugins-2.2.1-3git.fc25
    nspr-4.15.0-1.fc25
    nss-3.31.0-1.0.fc25
    nss-softokn-3.31.0-1.0.fc25
    nss-util-3.31.0-1.0.fc25
    oci-systemd-hook-0.1.8-1.gitd899a8e.fc25
    perl-PAR-Packer-1.035-3.fc25
    php-aws-php-sns-message-validator-1.2.0-1.fc25
    php-phpmyadmin-sql-parser-4.1.9-1.fc25
    poppler-0.45.0-5.fc25
    qemu-2.7.1-7.fc25
    snapd-glib-1.15-1.fc25
    supermin-5.1.18-1.fc25
    wine-2.12-1.fc25

Details about builds:

================================================================================
 389-ds-base-1.3.5.18-1.fc25 (FEDORA-2017-a4824a5fb4)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

Bump version to 1.3.5.18
--------------------------------------------------------------------------------

================================================================================
 cook-2.34-13.fc25 (FEDORA-2017-4cd9ebf9cb)
 File construction tool
--------------------------------------------------------------------------------
Update Information:

This release fixes building documentation.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1307402 - cook: FTBFS in rawhide
        https://bugzilla.redhat.com/show_bug.cgi?id=1307402
--------------------------------------------------------------------------------

================================================================================
 distribution-gpg-keys-1.12-1.fc25 (FEDORA-2017-80e4f4cdb9)
 GPG keys of various Linux distributions
--------------------------------------------------------------------------------
Update Information:

Updated Copr gpg keys.
--------------------------------------------------------------------------------

================================================================================
 evince-3.22.1-5.fc25 (FEDORA-2017-cdead07e99)
 Document viewer
--------------------------------------------------------------------------------
Update Information:

- CVE-2017-1000083: Evince command injection vulnerability in CBT handler (#1468488)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468488 - CVE-2017-1000083 evince: command injection via filename in tar-compressed comics archive
        https://bugzilla.redhat.com/show_bug.cgi?id=1468488
--------------------------------------------------------------------------------

================================================================================
 gnome-shell-extension-media-player-indicator-0-0.13.20170712gitba389fa.fc25 (FEDORA-2017-87bb93dd89)
 Control MPRIS2 capable media players: Rhythmbox, Banshee, Clementine and more
--------------------------------------------------------------------------------
Update Information:

Update to 0-0.13.20170712gitba389fa
--------------------------------------------------------------------------------

================================================================================
 heimdal-7.4.0-1.fc25 (FEDORA-2017-5d6a9e0c9c)
 A Kerberos 5 implementation without export restrictions
--------------------------------------------------------------------------------
Update Information:

Update to 7.4.0 GA release (CVE-2017-11103)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1469998 - CVE-2017-11103 heimdal: krb5: Metadata taken from the unauthenticated plaintext [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1469998
--------------------------------------------------------------------------------

================================================================================
 hotspot-1.0.0-1.fc25 (FEDORA-2017-6588dc96d6)
 The Linux perf GUI for performance analysis
--------------------------------------------------------------------------------
Update Information:

A standalone GUI for performance data. Attempting to provide a UI like
KCachegrind around Linux perf.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1469396 - Review Request: hotspot - The Linux perf GUI for performance analysis
        https://bugzilla.redhat.com/show_bug.cgi?id=1469396
--------------------------------------------------------------------------------

================================================================================
 libproxy-0.4.15-2.fc25 (FEDORA-2017-04bf7c03b8)
 A library handling all the details of proxy configuration
--------------------------------------------------------------------------------
Update Information:

Fix crash when using PAC files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459779 - [abrt] glib-networking: JS_AbortIfWrongThread(): glib-pacrunner killed by signal 11
        https://bugzilla.redhat.com/show_bug.cgi?id=1459779
--------------------------------------------------------------------------------

================================================================================
 libtaskotron-0.4.23-1.fc25 (FEDORA-2017-ff47530b6a)
 Taskotron Support Library
--------------------------------------------------------------------------------
Update Information:

- documentation improvements
- DNF_REPO item type removed
- default task artifact now points to artifacts root dir instead of task log
- fix rpm deps handling via dnf on Fedora 26 (but only support package names
  and filepaths as deps in task formulas)
--------------------------------------------------------------------------------

================================================================================
 microcode_ctl-2.1-16.fc25 (FEDORA-2017-a0cfed1db1)
 Tool to transform and deploy CPU microcode update for x86
--------------------------------------------------------------------------------
Update Information:

Update to upstream 2.1-13. 20170707
--------------------------------------------------------------------------------

================================================================================
 nagios-plugins-2.2.1-3git.fc25 (FEDORA-2017-8d031793bf)
 Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:

Updated patches to fix check_http problems

----

Update to git for 20170703
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1052740 - SELinux is preventing check_log via NRPE from read and open var_log_t files
        https://bugzilla.redhat.com/show_bug.cgi?id=1052740
  [ 2 ] Bug #1204683 - check_ide_smart cannot be started by nrpe
        https://bugzilla.redhat.com/show_bug.cgi?id=1204683
  [ 3 ] Bug #1210380 - SELinux prevents check_mailq from executing postfix when run via NRPE
        https://bugzilla.redhat.com/show_bug.cgi?id=1210380
  [ 4 ] Bug #1256848 - nagios-plugins-log has incorrect paths to egrep/tail (EL6)
        https://bugzilla.redhat.com/show_bug.cgi?id=1256848
  [ 5 ] Bug #1423008 - nagios-plugins-2.2.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1423008
  [ 6 ] Bug #1427925 - check_http 2.2.0-4 fails if Transfer-Encoding ends the header
        https://bugzilla.redhat.com/show_bug.cgi?id=1427925
  [ 7 ] Bug #1463674 - check_http segfaults once Location header terminates with additional 0x0a and is last header line
        https://bugzilla.redhat.com/show_bug.cgi?id=1463674
  [ 8 ] Bug #1465784 - nagios http plugin is old and buggy
        https://bugzilla.redhat.com/show_bug.cgi?id=1465784
--------------------------------------------------------------------------------

================================================================================
 nspr-4.15.0-1.fc25 (FEDORA-2017-f21d307d97)
 Netscape Portable Runtime
--------------------------------------------------------------------------------
Update Information:

Updates the nss family of packages to upstream NSS 3.31 and NSPR 4.15.
For details about new functionality and a list of bugs fixed in this release
please see the upstream release notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes
--------------------------------------------------------------------------------

================================================================================
 nss-3.31.0-1.0.fc25 (FEDORA-2017-f21d307d97)
 Network Security Services
--------------------------------------------------------------------------------
Update Information:

Updates the nss family of packages to upstream NSS 3.31 and NSPR 4.15.
For details about new functionality and a list of bugs fixed in this release
please see the upstream release notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes
--------------------------------------------------------------------------------

================================================================================
 nss-softokn-3.31.0-1.0.fc25 (FEDORA-2017-f21d307d97)
 Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:

Updates the nss family of packages to upstream NSS 3.31 and NSPR 4.15.
For details about new functionality and a list of bugs fixed in this release
please see the upstream release notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes
--------------------------------------------------------------------------------

================================================================================
 nss-util-3.31.0-1.0.fc25 (FEDORA-2017-f21d307d97)
 Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:

Updates the nss family of packages to upstream NSS 3.31 and NSPR 4.15.
For details about new functionality and a list of bugs fixed in this release
please see the upstream release notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.31_release_notes
--------------------------------------------------------------------------------

================================================================================
 oci-systemd-hook-0.1.8-1.gitd899a8e.fc25 (FEDORA-2017-40b2825920)
 OCI systemd hook for docker
--------------------------------------------------------------------------------
Update Information:

Allow users to selectively disable oci-systemd-hook
--------------------------------------------------------------------------------
ChangeLog:

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1404450 - unable to disable oci-systemd-hook on Atomic Host
        https://bugzilla.redhat.com/show_bug.cgi?id=1404450
--------------------------------------------------------------------------------

================================================================================
 perl-PAR-Packer-1.035-3.fc25 (FEDORA-2017-3d42ac2eb2)
 PAR Packager
--------------------------------------------------------------------------------
Update Information:

This release adds a dependency on the same Perl version perl-PAR-Packer was
built against; this is how PAR::Packer is implemented.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470542 - PAR::Packer requires the same perl version it was built against
        https://bugzilla.redhat.com/show_bug.cgi?id=1470542
--------------------------------------------------------------------------------

================================================================================
 php-aws-php-sns-message-validator-1.2.0-1.fc25 (FEDORA-2017-a8557d01d5)
 Amazon SNS message validation
--------------------------------------------------------------------------------
Update Information:

## 1.2.0

* Adds support for creating an instance of `Aws\Sns\Message` from a PSR-7
  Request or ServerRequest.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470413 - php-aws-php-sns-message-validator-1.2.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1470413
--------------------------------------------------------------------------------

================================================================================
 php-phpmyadmin-sql-parser-4.1.9-1.fc25 (FEDORA-2017-07ae08ea8f)
 A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:

**Version 4.1.9** - 2017-07-12

* Various code cleanups.
* Improved error handling of several invalid statements.

----

**Version 4.1.8** - 2017-07-09

* Fixed parsing SQL comment at the end of query.
* Improved handling of non utf-8 strings.
* Added query flag for SET queries.
--------------------------------------------------------------------------------

================================================================================
 poppler-0.45.0-5.fc25 (FEDORA-2017-7eaec3353d)
 PDF rendering library
--------------------------------------------------------------------------------
Update Information:

* various flaws: CVE-2017-7515 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865

----

* CVE-2017-9406 CVE-2017-9408 various memory leak flaws
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459067 - CVE-2017-7515 CVE-2017-9775 CVE-2017-9776 CVE-2017-9865 poppler: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1459067
  [ 2 ] Bug #1458703 - CVE-2017-9406 CVE-2017-9408 poppler: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1458703
--------------------------------------------------------------------------------

================================================================================
 qemu-2.7.1-7.fc25 (FEDORA-2017-f941184db1)
 QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:

* CVE-2017-7718: cirrus: OOB read access issue (bz #1443443)
* CVE-2016-9603: cirrus: heap buffer overflow via vnc connection (bz #1432040)
* CVE-2017-7377: 9pfs: fix file descriptor leak (bz #1437872)
* CVE-2017-7980: cirrus: OOB r/w access issues in bitblt (bz #1444372)
* CVE-2017-8112: vmw_pvscsi: infinite loop in pvscsi_log2 (bz #1445622)
* CVE-2017-8309: audio: host memory leakage via capture buffer (bz #1446520)
* CVE-2017-8379: input: host memory leakage via keyboard events (bz #1446560)
* CVE-2017-8380: scsi: megasas: out-of-bounds read in megasas_mmio_write (bz #1446578)
* CVE-2017-9060: virtio-gpu: host memory leakage in Virtio GPU device (bz #1452598)
* CVE-2017-9310: net: infinite loop in e1000e NIC emulation (bz #1452623)
* CVE-2017-9330: usb: ohci: infinite loop due to incorrect return value (bz #1457699)
* CVE-2017-9374: usb: ehci host memory leakage during hotunplug (bz #1459137)
* CVE-2017-10806: usb-redirect: stack buffer overflow in debug logging (bz #1468497)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1443441 - CVE-2017-7718 Qemu: display: cirrus: OOB read access issue
        https://bugzilla.redhat.com/show_bug.cgi?id=1443441
  [ 2 ] Bug #1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection
        https://bugzilla.redhat.com/show_bug.cgi?id=1430056
  [ 3 ] Bug #1437871 - CVE-2017-7377 Qemu: 9pfs: host memory leakage via v9fs_create
        https://bugzilla.redhat.com/show_bug.cgi?id=1437871
  [ 4 ] Bug #1444371 - CVE-2017-7980 Qemu: display: cirrus: OOB r/w access issues in bitblt routines
        https://bugzilla.redhat.com/show_bug.cgi?id=1444371
  [ 5 ] Bug #1445621 - CVE-2017-8112 Qemu: scsi: vmw_pvscsi: infinite loop in pvscsi_log2
        https://bugzilla.redhat.com/show_bug.cgi?id=1445621
  [ 6 ] Bug #1446517 - CVE-2017-8309 Qemu: audio: host memory leakage via capture buffer
        https://bugzilla.redhat.com/show_bug.cgi?id=1446517
  [ 7 ] Bug #1446547 - CVE-2017-8379 Qemu: input: host memory leakage via keyboard events
        https://bugzilla.redhat.com/show_bug.cgi?id=1446547
  [ 8 ] Bug #1446577 - CVE-2017-8380 Qemu: scsi: megasas: out-of-bounds read in megasas_mmio_write
        https://bugzilla.redhat.com/show_bug.cgi?id=1446577
  [ 9 ] Bug #1452597 - CVE-2017-9060 Qemu: virtio-gpu: host memory leakage in Virtio GPU device
        https://bugzilla.redhat.com/show_bug.cgi?id=1452597
  [ 10 ] Bug #1452620 - CVE-2017-9310 Qemu: net: infinite loop in e1000e NIC emulation
        https://bugzilla.redhat.com/show_bug.cgi?id=1452620
  [ 11 ] Bug #1457697 - CVE-2017-9330 Qemu: usb: ohci: infinite loop due to incorrect return value
        https://bugzilla.redhat.com/show_bug.cgi?id=1457697
  [ 12 ] Bug #1459132 - CVE-2017-9374 Qemu: usb: ehci host memory leakage during hotunplug
        https://bugzilla.redhat.com/show_bug.cgi?id=1459132
  [ 13 ] Bug #1468496 - CVE-2017-10806 Qemu: usb-redirect: stack buffer overflow in debug logging
        https://bugzilla.redhat.com/show_bug.cgi?id=1468496
--------------------------------------------------------------------------------

================================================================================
 snapd-glib-1.15-1.fc25 (FEDORA-2017-f3da5ab6fc)
 Library providing a GLib interface to snapd
--------------------------------------------------------------------------------
Update Information:

Update to snapd-glib v1.15.
Overview of changes since v1.13:

From v1.15:

* Marked `snapd_system_information_get_confinement` as stable
* Correctly stop requests if cancelled

From v1.14:

* New API:
  - `snapd_app_get_desktop_file`
  - `snapd_snap_get_title`
  - `snapd_system_information_get_confinement` (unstable)
* Don't timeout waiting for snapd
* Add version defines so can do conditional compilation on new features
* Fix compilation with PolKit >= 0.114
* Fix snapd-qt compilation in clang
* Fix snapd-qt compilation on systems that use different versions of MOC
* snapd-qt improvements to better match best practice
* Include enum headers in `snapd-glib.h`
* Fix compile warnings using clang
* Documentation improvements
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468236 - snapd-glib-1.15 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1468236
--------------------------------------------------------------------------------

================================================================================
 supermin-5.1.18-1.fc25 (FEDORA-2017-e587cfd70e)
 Tool for creating supermin appliances
--------------------------------------------------------------------------------
Update Information:

New upstream release 5.1.18.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1470157 - symbolic links are broken
        https://bugzilla.redhat.com/show_bug.cgi?id=1470157
--------------------------------------------------------------------------------

================================================================================
 wine-2.12-1.fc25 (FEDORA-2017-aa94ffe3b9)
 A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:

Wine

- Audio driver for Android.
- Some performance improvements with async I/O.
- More RegEdit file parser improvements.
- Beginnings for MSI user interface support.
- Various bug fixes.

Wine-staging

- Support for depth bias / depth clamping in D3D11.
- Support for copying between resources with compatible DXGI formats.
- Use OpenGL core context when necessary.
- Various smaller bug fixes and improvements.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468794 - wine-2.12 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1468794
--------------------------------------------------------------------------------