The following Fedora 25 Security updates need testing: Age URL 220 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 119 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 58 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90ad72e684 irssi-1.0.4-1.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c844713925 qt5-qtwebkit-5.212.0-0.5.alpha2.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d groovy18-1.8.9-28.fc25 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76 chicken-4.12.0-3.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64 python-tablib-0.11.5-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9e4c24094 subversion-1.9.6-2.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c039552fa community-mysql-5.7.19-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86 nasm-2.13.01-3.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56b8f257af sscep-0.6.1-5.20160525git2052ee1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed31e1f941 remmina-1.2.0-0.39.20170724git0387ee0.fc25 freerdp-2.0.0-31.20170724gitf8c9f43.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4ede204115 python-dbusmock-0.11.1-6.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-85eb9f7a36 supervisor-3.2.4-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-127e76d78d cacti-1.1.16-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be3df4fe14 java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9433ad88e knot-resolver-1.3.2-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b812362f61 php-horde-Horde-Core-2.30.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-26f9e09c8a php-horde-Horde-Form-2.0.18-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-17f457262c php-horde-Horde-Url-2.2.6-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c19905c9b php-horde-horde-5.2.16-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-692c05119d php-horde-kronolith-4.2.22-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34d34904f5 php-horde-nag-4.2.15-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-449b22158f php-horde-turba-4.2.20-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff06ff0ec9 gsoap-2.8.30-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f452765e1e jackson-databind-2.7.6-3.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5bca8ec531 qpdf-6.0.0-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bfbc5de1b1 varnish-5.0.0-4.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 62 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9 pungi-4.1.17-1.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744 ca-certificates-2017.2.16-1.0.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e sssd-1.15.3-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3c4c65666b vim-8.0.823-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-47ab4eb28e dbus-1.11.16-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6ba3c7e68e pcre2-10.23-9.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-14f47083d7 gdisk-1.0.3-2.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bda5c103f3 file-5.29-7.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-35ca60d005 upower-0.99.5-1.fc25.1 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f6246f77bc hwdata-0.303-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bed0d7ff15 libidn2-2.0.3-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa3d808449 gnome-online-accounts-3.22.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9898a7430 expat-2.2.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-96773ef690 libsolv-0.6.28-5.fc25 The following builds have been pushed to Fedora 25 updates-testing copr-dist-git-0.35-1.fc25 expat-2.2.3-1.fc25 gnome-pkg-tools-0.19.9-1.fc25 icecat-52.2.1-1.fc25 libsolv-0.6.28-5.fc25 libyui-3.3.3-1.fc25 libyui-gtk-2.44.9-9.fc25 libyui-mga-1.0.8-0.13.gita6a160e.20160313.fc25 libyui-mga-gtk-1.0.2-0.14.git22f2cf6.20131215.fc25 libyui-mga-ncurses-1.0.2-0.14.git026f2e6.20131215.fc25 libyui-mga-qt-1.0.3-0.14.gitb508e88.20140119.fc25 libyui-ncurses-2.48.3-2.fc25 libyui-qt-2.47.1-10.fc25 nodejs-6.11.2-1.fc25 openscap-daemon-0.1.7-1.fc25 php-pecl-uopz-5.0.2-1.fc25 php-zendframework-zend-validator-2.9.2-1.fc25 python-daiquiri-1.2.1-1.fc25 python-json-logger-0.1.7-1.fc25 python-yattag-1.8.0-1.fc25 varnish-5.0.0-4.fc25 Details about builds: ================================================================================ copr-dist-git-0.35-1.fc25 (FEDORA-2017-181cee7f2e) Copr services for Dist Git server -------------------------------------------------------------------------------- Update Information: fix cvs-data ignore regular expression ---- - remove --global for git config in tests so that it does not modify ~/.gitconfig - fix #106 Renaming a spec file in a newer version causes the build to fail - make get_package_name more robust - add DistGitProvider with support for multiple distgits -------------------------------------------------------------------------------- ================================================================================ expat-2.2.3-1.fc25 (FEDORA-2017-c9898a7430) An XML parser library -------------------------------------------------------------------------------- Update Information: This update includes the latest upstream release of expat, fixing a potential hang at boot time on some systems. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473266 - systemd/dbus hang since the expat has been updated to 2.2.1 https://bugzilla.redhat.com/show_bug.cgi?id=1473266 [ 2 ] Bug #1470891 - expat-2.2.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1470891 -------------------------------------------------------------------------------- ================================================================================ gnome-pkg-tools-0.19.9-1.fc25 (FEDORA-2017-c7f32944dd) Tools for the Debian GNOME Packaging Team -------------------------------------------------------------------------------- Update Information: Update to 0.19.9, see http://metadata.ftp-master.debian.org/changelogs/main/g /gnome-pkg-tools/gnome-pkg-tools_0.19.9_changelog for details. -------------------------------------------------------------------------------- ================================================================================ icecat-52.2.1-1.fc25 (FEDORA-2017-308c3ecc29) GNU version of Firefox browser -------------------------------------------------------------------------------- Update Information: - Update to 52.2.1 - ICU source code patched to work on big-endian architectures -------------------------------------------------------------------------------- ================================================================================ libsolv-0.6.28-5.fc25 (FEDORA-2017-96773ef690) Package dependency solver -------------------------------------------------------------------------------- Update Information: Backport WIT/WITHOUT richop support -------------------------------------------------------------------------------- ================================================================================ libyui-3.3.3-1.fc25 (FEDORA-2017-1092dc72f2) GUI-abstraction library -------------------------------------------------------------------------------- Update Information: * New upstream release * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX-docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-gtk-2.44.9-9.fc25 (FEDORA-2017-4dec5a520d) Gtk3 User Interface for libyui -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-mga-1.0.8-0.13.gita6a160e.20160313.fc25 (FEDORA-2017-9072036f5a) Libyui extensions for Mageia tools -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-mga-gtk-1.0.2-0.14.git22f2cf6.20131215.fc25 (FEDORA-2017-90a020e950) Libyui-Gtk extensions for Mageia tools -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-mga-ncurses-1.0.2-0.14.git026f2e6.20131215.fc25 (FEDORA-2017-86d4c858bf) Libyui-Ncurses extensions for Mageia tools -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-mga-qt-1.0.3-0.14.gitb508e88.20140119.fc25 (FEDORA-2017-1355defe47) Libyui-Qt extensions for Mageia tools -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-ncurses-2.48.3-2.fc25 (FEDORA-2017-9ed518e208) Character Based User Interface for libyui -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * New upstream release ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ libyui-qt-2.47.1-10.fc25 (FEDORA-2017-a7d3afc7e8) Qt User Interface for libyui -------------------------------------------------------------------------------- Update Information: * Dependency on cmake-filesystem is autogenerated now * Skip building of LaTeX- docs ---- * Require cmake-filesystem -------------------------------------------------------------------------------- ================================================================================ nodejs-6.11.2-1.fc25 (FEDORA-2017-82350a8205) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Update to latest v6.x release. -------------------------------------------------------------------------------- ================================================================================ openscap-daemon-0.1.7-1.fc25 (FEDORA-2017-98921394cf) Manages continuous SCAP scans of your infrastructure -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release. Changes: - New features: - Scanning of any XCCDF profile in oscapd-evaluate - Detecting XCCDF profiles applicable to a given target - Generating remediation scripts based on scan results - Shortened profile IDs are accepted - Maintenance: - Several exceptions are caught - Fixed JSON output - Better error messages -------------------------------------------------------------------------------- ================================================================================ php-pecl-uopz-5.0.2-1.fc25 (FEDORA-2017-bd49f5f8ed) User Operations for Zend -------------------------------------------------------------------------------- Update Information: **Version 5.0.2** - add uopz.disable ini switch (default 0) - fix gh#43: setting hook on __invoke method doesn't work on call_user_func - fix gh#48: segmentation fault (uopz_set_return) - add 4 new functions: - uopz_call_user_func(callable function, ... args) - uopz_get_exit_status() - uopz_allow_exit(bool allow) - uopz_call_user_func_array(callable function, array args) - fix PHP 7.1 compatibility - fix PHP 7.2 compatibility -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-validator-2.9.2-1.fc25 (FEDORA-2017-c4c2268042) Zend Framework Validator component -------------------------------------------------------------------------------- Update Information: **Version 2.9.2** - 2017-07-20 - [#180](https://github.com/zendframework/zend- validator/pull/180) fixes how `Zend\Validator\File\MimeType` "closes" the open FileInfo handle for the file being validated, using `unset()` instead of `finfo_close()`; this resolves a segfault that occurs on older PHP versions. - [#174](https://github.com/zendframework/zend-validator/pull/174) fixes how `Zend\Validator\Between` handles two situations: (1) when a non-numeric value is validated against numeric min/max values, and (2) when a numeric value is validated against non-numeric min/max values. Previously, these incorrectly validated as true; now they are marked invalid. -------------------------------------------------------------------------------- ================================================================================ python-daiquiri-1.2.1-1.fc25 (FEDORA-2017-be6192725c) Library to configure Python logging easily -------------------------------------------------------------------------------- Update Information: New package python-daiquiri and new dependency python-json-logger -------------------------------------------------------------------------------- ================================================================================ python-json-logger-0.1.7-1.fc25 (FEDORA-2017-be6192725c) A python library adding a json log formatter -------------------------------------------------------------------------------- Update Information: New package python-daiquiri and new dependency python-json-logger -------------------------------------------------------------------------------- ================================================================================ python-yattag-1.8.0-1.fc25 (FEDORA-2017-af38f1f9ce) Pure python alternative to web template engines -------------------------------------------------------------------------------- Update Information: Initial 1.8.0 package version. -------------------------------------------------------------------------------- ================================================================================ varnish-5.0.0-4.fc25 (FEDORA-2017-bfbc5de1b1) High-performance HTTP accelerator -------------------------------------------------------------------------------- Update Information: New upstream release. This is a security release, with a fix for a crash bug that might be used in a denial of service attack. Details from the upstream project are found here: http://varnish-cache.org/security/VSV00001.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1477698 - CVE-2017-12425 varnish: Missing check for integer overflow when handling chunk sizes in HTTP requests [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1477698 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
