The following Fedora 25 Security updates need testing: Age URL 211 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 110 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 49 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90ad72e684 irssi-1.0.4-1.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c844713925 qt5-qtwebkit-5.212.0-0.5.alpha2.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d groovy18-1.8.9-28.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90cf7a82de minicom-2.7.1-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcf1bc0775 mingw-librsvg2-2.40.18-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76 chicken-4.12.0-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-20cdb2063a runc-1.0.1-1.gitc5ec254.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b0918e3905 moodle-3.1.7-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64 python-tablib-0.11.5-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9e4c24094 subversion-1.9.6-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-05254795cf mingw-c-ares-1.13.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cd5d8cac23 seamonkey-2.48-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ec83f11c1 glpi-9.1.6-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-73d6a0dfbb webkitgtk4-2.16.6-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b4154d6f6 open-vm-tools-10.1.5-5.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c039552fa community-mysql-5.7.19-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ce69c6bf rt-4.4.1-9.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86 nasm-2.13.01-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56b8f257af sscep-0.6.1-5.20160525git2052ee1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 53 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e587cfd70e supermin-5.1.18-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9 pungi-4.1.17-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744 ca-certificates-2017.2.16-1.0.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-73d6a0dfbb webkitgtk4-2.16.6-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d398be67a8 upower-0.99.5-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-612ec6607c net-snmp-5.7.3-15.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bda5c103f3 file-5.29-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e sssd-1.15.3-1.fc25 The following builds have been pushed to Fedora 25 updates-testing WebCalendar-1.2.7-9.fc25 colorful-1.3-1.fc25 docker-distribution-2.6.2-1.git48294d9.fc25 epix-1.2.17-1.fc25 file-5.29-6.fc25 flr-0.0.4-2.fc25 gfal2-2.14.1-1.fc25 gfal2-python-1.9.3-1.fc25 gfal2-util-1.5.1-1.fc25 gfalFS-1.5.2-1.fc25 kompose-1.0.0-2.fc25 mozilla-noscript-5.0.7.1-1.fc25 nasm-2.13.01-3.fc25 net-snmp-5.7.3-15.fc25 openqa-4.4-50.20170409gitfead7af.fc25 origin-1.5.1-3.fc25 os-autoinst-4.4-21.20170410git97928a2.fc25 perl-Data-Peek-0.47-1.fc25 python-pefile-2017.5.26-2.fc25 rt-4.4.1-9.fc25 sscep-0.6.1-5.20160525git2052ee1.fc25 sssd-1.15.3-1.fc25 texstudio-2.12.6-1.fc25 vdr-epg-daemon-1.1.121-1.fc25 wine-2.13-1.fc25 Details about builds: ================================================================================ WebCalendar-1.2.7-9.fc25 (FEDORA-2017-5731125498) Single/multi-user web-based calendar application -------------------------------------------------------------------------------- Update Information: - Patch "php7" for PHP version 7 compatibility. - Patch "groupsarrayinit" to fix an array initialization (PHP 7.1 compat.) - PHP 4 support dropped. - Patch "adminthemexss" to check validity of admin theme upon change. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471128 - Code needs to be updated for PHP 7.0.x and 7.1.x https://bugzilla.redhat.com/show_bug.cgi?id=1471128 -------------------------------------------------------------------------------- ================================================================================ colorful-1.3-1.fc25 (FEDORA-2017-03dbe1c9c9) Side-view shooter game -------------------------------------------------------------------------------- Update Information: Update to new upstream release (v.1.3) -------------------------------------------------------------------------------- ================================================================================ docker-distribution-2.6.2-1.git48294d9.fc25 (FEDORA-2017-2232fe97b4) Docker toolset to pack, ship, store, and deliver content -------------------------------------------------------------------------------- Update Information: Resolves: #1474893, #1474894 - CVE-2017-11468 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1474893 - CVE-2017-11468 docker-distribution: Does not properly restrict the amount of content accepted from a user https://bugzilla.redhat.com/show_bug.cgi?id=1474893 -------------------------------------------------------------------------------- ================================================================================ epix-1.2.17-1.fc25 (FEDORA-2017-6ca04db7cd) Utilities for mathematically accurate figures -------------------------------------------------------------------------------- Update Information: - Update to 1.2.17 -------------------------------------------------------------------------------- ================================================================================ file-5.29-6.fc25 (FEDORA-2017-bda5c103f3) A utility for determining file types -------------------------------------------------------------------------------- Update Information: - fixed recognition of gnu message catalog (.mo) files -------------------------------------------------------------------------------- References: [ 1 ] Bug #1226215 - file does not recognize "GNU message catalog" (.mo) file correctly https://bugzilla.redhat.com/show_bug.cgi?id=1226215 -------------------------------------------------------------------------------- ================================================================================ flr-0.0.4-2.fc25 (FEDORA-2017-a40f55ff93) Fedora Releng python libraries and command line tools -------------------------------------------------------------------------------- Update Information: Fix unreported missing python dependency. -------------------------------------------------------------------------------- ================================================================================ gfal2-2.14.1-1.fc25 (FEDORA-2017-866845b90a) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information: New upstream release 2.14.1 -------------------------------------------------------------------------------- ================================================================================ gfal2-python-1.9.3-1.fc25 (FEDORA-2017-6960a5a4e0) Python bindings for gfal 2 -------------------------------------------------------------------------------- Update Information: Upstream release 1.9.3 -------------------------------------------------------------------------------- ================================================================================ gfal2-util-1.5.1-1.fc25 (FEDORA-2017-2f841b86ad) GFAL2 utility tools -------------------------------------------------------------------------------- Update Information: New upstream release 1.5.1 -------------------------------------------------------------------------------- ================================================================================ gfalFS-1.5.2-1.fc25 (FEDORA-2017-5b1d5a7277) Filesystem client based on GFAL 2.0 -------------------------------------------------------------------------------- Update Information: Upstream release 1.5.2 -------------------------------------------------------------------------------- ================================================================================ kompose-1.0.0-2.fc25 (FEDORA-2017-ddfb4a8ef8) Tool to move from 'docker-compose' to Kubernetes -------------------------------------------------------------------------------- Update Information: Update arch for spec. ---- Update to latest version 1.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473669 - kompose-v1.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473669 -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-5.0.7.1-1.fc25 (FEDORA-2017-e6fd99971d) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: * [WebExt] Fixed incompatibility with Firefox 54 * [WebExt] Initiated preference migration via embedded WebExtension * [e10s] Fixed HTTP redirection issues with e10s enabled (thanks PLD for reporting) * [Surrogate] Updated googletag replacement (thanks barbaz) * Fixed HTML5 Media documents blockage delay if no other embedded content is forbidden (thanks Georg Koppen for reporting) * [XSS] Fixed bug causing false positives (thanks Georg Koppen for reporting) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1474552 - mozilla-noscript-5.0.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1474552 -------------------------------------------------------------------------------- ================================================================================ nasm-2.13.01-3.fc25 (FEDORA-2017-a1fe6d2b86) A portable x86 assembler which uses Intel-like syntax -------------------------------------------------------------------------------- Update Information: Fix use-after-free and heap buffer overflow vulnerabilities (CVE-2017-10686, CVE-2017-11111) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472882 - CVE-2017-10686 nasm: Use-after-free in the detoken() function https://bugzilla.redhat.com/show_bug.cgi?id=1472882 [ 2 ] Bug #1472884 - CVE-2017-11111 nasm: Heap buffer overflow in the preproc.c https://bugzilla.redhat.com/show_bug.cgi?id=1472884 -------------------------------------------------------------------------------- ================================================================================ net-snmp-5.7.3-15.fc25 (FEDORA-2017-612ec6607c) A collection of SNMP protocol tools and libraries -------------------------------------------------------------------------------- Update Information: Update mysql library patch -------------------------------------------------------------------------------- ================================================================================ openqa-4.4-50.20170409gitfead7af.fc25 (FEDORA-2017-df8136926a) OS-level automated testing framework -------------------------------------------------------------------------------- Update Information: These updates make openQA and os-autoinst `Recommend` git. Neither actually requires git to be installed to work, but both will produce non-fatal errors/warnings when it isn't, as reported in https://bugzilla.redhat.com/show_bug.cgi?id=1467086 . -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467086 - Some openqa machines have problems lack of git https://bugzilla.redhat.com/show_bug.cgi?id=1467086 -------------------------------------------------------------------------------- ================================================================================ origin-1.5.1-3.fc25 (FEDORA-2017-d0f3601822) Open Source Container Management by Red Hat -------------------------------------------------------------------------------- Update Information: Update to fix unreported bug in origin-excluder -------------------------------------------------------------------------------- ================================================================================ os-autoinst-4.4-21.20170410git97928a2.fc25 (FEDORA-2017-df8136926a) OS-level test automation -------------------------------------------------------------------------------- Update Information: These updates make openQA and os-autoinst `Recommend` git. Neither actually requires git to be installed to work, but both will produce non-fatal errors/warnings when it isn't, as reported in https://bugzilla.redhat.com/show_bug.cgi?id=1467086 . -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467086 - Some openqa machines have problems lack of git https://bugzilla.redhat.com/show_bug.cgi?id=1467086 -------------------------------------------------------------------------------- ================================================================================ perl-Data-Peek-0.47-1.fc25 (FEDORA-2017-bb65cf8c75) Collection of low-level debug facilities -------------------------------------------------------------------------------- Update Information: This release fixes stack handling. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475050 - perl-Data-Peek-0.47 is available https://bugzilla.redhat.com/show_bug.cgi?id=1475050 -------------------------------------------------------------------------------- ================================================================================ python-pefile-2017.5.26-2.fc25 (FEDORA-2017-ae03a14a1a) Python module for working with Portable Executable files -------------------------------------------------------------------------------- Update Information: Fix requirement (rhbz #1474447) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1474447 - Python-pefile package is missing dependency to python-future https://bugzilla.redhat.com/show_bug.cgi?id=1474447 -------------------------------------------------------------------------------- ================================================================================ rt-4.4.1-9.fc25 (FEDORA-2017-01ce69c6bf) Request tracker -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-6127 CVE-2017-5361 CVE-2017-5943 CVE-2017-5944 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475084 - CVE-2016-6127 CVE-2017-5361 CVE-2017-5943 CVE-2017-5944 rt: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1475084 -------------------------------------------------------------------------------- ================================================================================ sscep-0.6.1-5.20160525git2052ee1.fc25 (FEDORA-2017-56b8f257af) Simple SCEP client with modifications for engine support & more -------------------------------------------------------------------------------- Update Information: Changed compiler flags to include RPM_OPT_FLAGS and RPM_LD_FLAGS. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1294960 - sscep-0.6.1-1.20151228git68e354a not built with $RPM_OPT/LD_FLAGS, smp_mflags https://bugzilla.redhat.com/show_bug.cgi?id=1294960 -------------------------------------------------------------------------------- ================================================================================ sssd-1.15.3-1.fc25 (FEDORA-2017-91b708222e) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: New upstream release 1.15.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1435662 - With multiple subdomain sections id command output for user is not displayed for both domains https://bugzilla.redhat.com/show_bug.cgi?id=1435662 -------------------------------------------------------------------------------- ================================================================================ texstudio-2.12.6-1.fc25 (FEDORA-2017-14f31be977) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information: - update to 2.12.6 - http://texstudio.sourceforge.net/manual/current/CHANGELOG.txt -------------------------------------------------------------------------------- ================================================================================ vdr-epg-daemon-1.1.121-1.fc25 (FEDORA-2017-cccb0a01d6) A daemon to download EPG data from internet and manage it in a mysql database -------------------------------------------------------------------------------- Update Information: Update to 1.1.121 -------------------------------------------------------------------------------- ================================================================================ wine-2.13-1.fc25 (FEDORA-2017-66a2ac0bb4) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: Wine-staging https://wine-staging.com/news/2017-07-25-release-2.13.html Winehq https://www.winehq.org/announce/2.13 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473878 - wine-2.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473878 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
