The following Fedora 25 Security updates need testing: Age URL 212 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 111 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 50 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90ad72e684 irssi-1.0.4-1.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c844713925 qt5-qtwebkit-5.212.0-0.5.alpha2.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d groovy18-1.8.9-28.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcf1bc0775 mingw-librsvg2-2.40.18-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76 chicken-4.12.0-3.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-20cdb2063a runc-1.0.1-1.gitc5ec254.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b0918e3905 moodle-3.1.7-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64 python-tablib-0.11.5-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9e4c24094 subversion-1.9.6-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-05254795cf mingw-c-ares-1.13.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cd5d8cac23 seamonkey-2.48-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ec83f11c1 glpi-9.1.6-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-73d6a0dfbb webkitgtk4-2.16.6-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b4154d6f6 open-vm-tools-10.1.5-5.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c039552fa community-mysql-5.7.19-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ce69c6bf rt-4.4.1-9.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86 nasm-2.13.01-3.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56b8f257af sscep-0.6.1-5.20160525git2052ee1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7faa3d2e78 ruby-2.3.3-62.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f838eb0c5e php-PHPMailer-5.2.24-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 54 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e587cfd70e supermin-5.1.18-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9 pungi-4.1.17-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744 ca-certificates-2017.2.16-1.0.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-73d6a0dfbb webkitgtk4-2.16.6-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-612ec6607c net-snmp-5.7.3-15.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e sssd-1.15.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c75f9d414a ibus-1.5.14-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b6e69c8a5b gdk-pixbuf2-2.36.7-2.fc25 The following builds have been pushed to Fedora 25 updates-testing apr-1.6.2-1.fc25 casync-2-1.fc25 elixir-1.4.5-1.fc25 gdk-pixbuf2-2.36.7-2.fc25 gfal2-2.14.2-1.fc25 gnome-valgrind-session-1.1-14.fc25 ibus-1.5.14-6.fc25 lollypop-0.9.244-1.fc25 mimedefang-2.80-1.fc25 php-PHPMailer-5.2.24-1.fc25 polymake-3.0r2-5.fc25 python-caja-1.18.1-1.fc25 python-pyxs-0.4.1-1.fc25 python-qt5-5.7-7.fc25 rolekit-0.5.2-1.fc25 ruby-2.3.3-62.fc25 rubygem-rdoc-4.2.2-3.fc25 xpra-2.1-2.fc25 Details about builds: ================================================================================ apr-1.6.2-1.fc25 (FEDORA-2017-0193fbdd2f) Apache Portable Runtime library -------------------------------------------------------------------------------- Update Information: This update has the latest upstream release of the Apache Portable Runtime, including numerous bug fixes and enhancements. See http://www.apache.org/dist/apr/CHANGES-APR-1.6 for more information. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1460830 - apr-1.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1460830 -------------------------------------------------------------------------------- ================================================================================ casync-2-1.fc25 (FEDORA-2017-84d649deca) Content Addressable Data Synchronizer -------------------------------------------------------------------------------- Update Information: Latest version: sftp support, selinux attributes, btrfs subvolume information, new man page, various fixes. No need to reboot or log out. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475299 - casync-v2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1475299 -------------------------------------------------------------------------------- ================================================================================ elixir-1.4.5-1.fc25 (FEDORA-2017-d695bd729b) A modern approach to programming for the Erlang VM -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ================================================================================ gdk-pixbuf2-2.36.7-2.fc25 (FEDORA-2017-b6e69c8a5b) An image loading library -------------------------------------------------------------------------------- Update Information: This update fixes a 2.36.7 regression with handling .ico files that contain multiple icons. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475286 - After updating gdk-pixbuf2, *.ico format support seems broken https://bugzilla.redhat.com/show_bug.cgi?id=1475286 -------------------------------------------------------------------------------- ================================================================================ gfal2-2.14.2-1.fc25 (FEDORA-2017-866845b90a) Grid file access library 2.0 -------------------------------------------------------------------------------- Update Information: New upstream release 2.14.2 -------------------------------------------------------------------------------- ================================================================================ gnome-valgrind-session-1.1-14.fc25 (FEDORA-2017-3532b06ebc) Run an entire GNOME session under valgrind -------------------------------------------------------------------------------- Update Information: Don't blow up on modern machines! -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376444 - valgrind breaks due to option "--alignment=8" https://bugzilla.redhat.com/show_bug.cgi?id=1376444 -------------------------------------------------------------------------------- ================================================================================ ibus-1.5.14-6.fc25 (FEDORA-2017-c75f9d414a) Intelligent Input Bus for Linux OS -------------------------------------------------------------------------------- Update Information: Enhanced a DBus logic not to occur the SEGVs. All related bugs are hard to be reproduced and not sure if they are fixed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1446816 - [abrt] ibus: XkbUseExtension(): ibus-ui-gtk3 killed by signal 11 https://bugzilla.redhat.com/show_bug.cgi?id=1446816 [ 2 ] Bug #1368593 - [abrt] ibus: XkbFreeClientMap(): ibus-ui-gtk3 killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1368593 [ 3 ] Bug #1350291 - [abrt] ibus: bus_dbus_impl_dispatch_message_by_rule(): ibus-daemon killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1350291 [ 4 ] Bug #1385349 - [abrt] ibus: bus_panel_proxy_focus_in(): ibus-daemon killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1385349 [ 5 ] Bug #1349148 - [abrt] ibus: bus_panel_proxy_focus_in(): ibus-daemon killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1349148 -------------------------------------------------------------------------------- ================================================================================ lollypop-0.9.244-1.fc25 (FEDORA-2017-9502ff776c) Music player for GNOME -------------------------------------------------------------------------------- Update Information: - Remove rhythmbox2lollypop since it moved to lollypop-cli - Update lollypop- portal to 3a3a8b1 - Update to 0.9.244 -------------------------------------------------------------------------------- ================================================================================ mimedefang-2.80-1.fc25 (FEDORA-2017-71ed74233d) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information: MIMEDefang 2.80 =============== * md-mx-ctrl: Add newline to mimedefang- multiplexor output that lacks a newline * mimedefang-util: Properly substitute @PERL@ at configure time * mimedefang-multiplexor.c: Move variable declarations to start of compound statement to avoid problems with older C compilers * mimedefang.pl: Add an extra level of subdirectories in the quarantine to avoid 32K subdirectory limit on ext3; idea by Kevin McGrail * Note incompatibility: Quarantine subdirectory naming changed * mimedefang.c: Fix bug that caused Queue-ID not to show up when using MIMEDefang with Postfix (thanks to Kris Deugau) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1474551 - mimedefang-2.80 is available https://bugzilla.redhat.com/show_bug.cgi?id=1474551 -------------------------------------------------------------------------------- ================================================================================ php-PHPMailer-5.2.24-1.fc25 (FEDORA-2017-f838eb0c5e) PHP email transport class with a lot of features -------------------------------------------------------------------------------- Update Information: Update to 5.2.24: fixes XSS vulnerability CVE-2017-11503. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1474418 - CVE-2017-11503 php-PHPMailer: phpmailer: XSS in code_generator.php [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474418 -------------------------------------------------------------------------------- ================================================================================ polymake-3.0r2-5.fc25 (FEDORA-2017-78a1ab5fb0) Algorithms on convex polytopes and polyhedra -------------------------------------------------------------------------------- Update Information: This is a rebuild for perl 5.24.1. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475096 - Cannot update perl because of polymake https://bugzilla.redhat.com/show_bug.cgi?id=1475096 -------------------------------------------------------------------------------- ================================================================================ python-caja-1.18.1-1.fc25 (FEDORA-2017-4136f544e2) Python bindings for Caja -------------------------------------------------------------------------------- Update Information: - update to 1.18.1 -------------------------------------------------------------------------------- ================================================================================ python-pyxs-0.4.1-1.fc25 (FEDORA-2017-89f0d6ae05) Pure Python bindings to XenStore -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475035 - Review Request: python-pyxs - Pure Python bindings to XenStore https://bugzilla.redhat.com/show_bug.cgi?id=1475035 -------------------------------------------------------------------------------- ================================================================================ python-qt5-5.7-7.fc25 (FEDORA-2017-a14d76a140) PyQt5 is Python bindings for Qt5 -------------------------------------------------------------------------------- Update Information: the new update fixes following issue: runarbitrary code execution due to insecure loading of Python module from the current working directory -------------------------------------------------------------------------------- References: [ 1 ] Bug #1348507 - Arbitrary code execution due to insecure loading of Python module(s) from CWD https://bugzilla.redhat.com/show_bug.cgi?id=1348507 -------------------------------------------------------------------------------- ================================================================================ rolekit-0.5.2-1.fc25 (FEDORA-2017-f1b40cba6b) A server daemon with D-Bus interface providing a server roles -------------------------------------------------------------------------------- Update Information: Fix incorrect ipa-server-install invocation for Domain Controller deployment. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469298 - Domain controller role: incorrect ipa-server-install invocation on Rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1469298 -------------------------------------------------------------------------------- ================================================================================ ruby-2.3.3-62.fc25 (FEDORA-2017-7faa3d2e78) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information: Fix IV Reuse in GCM Mode. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381526 - CVE-2016-7798 ruby: IV Reuse in GCM Mode https://bugzilla.redhat.com/show_bug.cgi?id=1381526 -------------------------------------------------------------------------------- ================================================================================ rubygem-rdoc-4.2.2-3.fc25 (FEDORA-2017-29526f04d3) RDoc produces HTML and command-line documentation for Ruby projects -------------------------------------------------------------------------------- Update Information: Fix the RI path. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458131 - RI can't find Array#new docs https://bugzilla.redhat.com/show_bug.cgi?id=1458131 -------------------------------------------------------------------------------- ================================================================================ xpra-2.1-2.fc25 (FEDORA-2017-7d965f0d77) Remote display server for applications and desktops -------------------------------------------------------------------------------- Update Information: - Update to 2.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475316 - xpra-2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1475316 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
