The following Fedora 25 Security updates need testing: Age URL 223 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 121 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 61 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-90ad72e684 irssi-1.0.4-1.fc25 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d groovy18-1.8.9-28.fc25 20 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76 chicken-4.12.0-3.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64 python-tablib-0.11.5-1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c039552fa community-mysql-5.7.19-1.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86 nasm-2.13.01-3.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56b8f257af sscep-0.6.1-5.20160525git2052ee1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed31e1f941 remmina-1.2.0-0.39.20170724git0387ee0.fc25 freerdp-2.0.0-31.20170724gitf8c9f43.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4ede204115 python-dbusmock-0.11.1-6.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-85eb9f7a36 supervisor-3.2.4-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-127e76d78d cacti-1.1.16-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be3df4fe14 java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9433ad88e knot-resolver-1.3.2-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b812362f61 php-horde-Horde-Core-2.30.0-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-26f9e09c8a php-horde-Horde-Form-2.0.18-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-17f457262c php-horde-Horde-Url-2.2.6-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c19905c9b php-horde-horde-5.2.16-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-692c05119d php-horde-kronolith-4.2.22-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-34d34904f5 php-horde-nag-4.2.15-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-449b22158f php-horde-turba-4.2.20-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff06ff0ec9 gsoap-2.8.30-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f452765e1e jackson-databind-2.7.6-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bfbc5de1b1 varnish-5.0.0-4.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 65 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 20 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9 pungi-4.1.17-1.fc25 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744 ca-certificates-2017.2.16-1.0.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-91b708222e sssd-1.15.3-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bda5c103f3 file-5.29-7.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f6246f77bc hwdata-0.303-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bed0d7ff15 libidn2-2.0.3-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-35ca60d005 upower-0.99.5-1.fc25.1 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa3d808449 gnome-online-accounts-3.22.6-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9898a7430 expat-2.2.3-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-96773ef690 libsolv-0.6.28-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-27b797304f appstream-data-25-21.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-226cbd995b libvirt-2.2.1-3.fc25 The following builds have been pushed to Fedora 25 updates-testing 64tass-1.53.1515-1.fc25 aime-8.20170803-1.fc25 appcenter-0.2.5-1.fc25 appstream-data-25-21.fc25 bindfs-1.13.7-3.fc25 cgnslib-3.3.1-1.fc25 chocolate-doom-2.3.0-1.fc25 cjs-3.4.3-4.fc25 cri-o-1.0.0.beta.0-1.git66d96e7.fc25 cvechecker-3.8-1.fc25 fedrepo-req-0.5.0-1.fc25 golang-github-petermattis-goid-0-0.2.git0ded858.fc25 golang-github-remyoudompheng-bigfft-0-0.2.git3da9816.fc25 gsequencer-0.9.4-1.fc25 hplip-3.17.6-1.fc25 imaptest-20170719-1.fc25 libepubgen-0.0.1-1.fc25 libvirt-2.2.1-3.fc25 modtools-0.0.1-4.fc25 perl-Text-Fuzzy-0.26-4.fc25 php-consolidation-annotated-command-2.4.11-1.fc25 php-libvirt-0.5.4-1.fc25 php-mikey179-vfsstream-1.6.5-1.fc25 python-sqlalchemy-1.0.19-1.fc25 shutter-0.93.1-8.fc25 xfce4-whiskermenu-plugin-1.7.3-1.fc25 Details about builds: ================================================================================ 64tass-1.53.1515-1.fc25 (FEDORA-2017-50fb128f4c) 6502 assembler -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 1.53.1515, fixes rhbz #1447034 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1447034 - 64tass-1.53.1515 is available https://bugzilla.redhat.com/show_bug.cgi?id=1447034 -------------------------------------------------------------------------------- ================================================================================ aime-8.20170803-1.fc25 (FEDORA-2017-02eaa206ae) An application embeddable programming language interpreter -------------------------------------------------------------------------------- Update Information: - Updated to new 8.20170803 upstream version, fixes rhbz #1476248 ---- - Updated to new 8.20170727 upstream version, fixes rhbz #1476248 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1476248 - aime-8.20170727 is available https://bugzilla.redhat.com/show_bug.cgi?id=1476248 -------------------------------------------------------------------------------- ================================================================================ appcenter-0.2.5-1.fc25 (FEDORA-2017-fdb18fc919) Software Center for the Pantheon desktop -------------------------------------------------------------------------------- Update Information: Update to version 0.2.5. -------------------------------------------------------------------------------- ================================================================================ appstream-data-25-21.fc25 (FEDORA-2017-27b797304f) Fedora AppStream metadata -------------------------------------------------------------------------------- Update Information: New metadata version -------------------------------------------------------------------------------- ================================================================================ bindfs-1.13.7-3.fc25 (FEDORA-2017-0a2862f079) Fuse filesystem to mirror a directory -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release, spec cleanup, fixes rhbz#1423275 - Fixes #1282073 RFE; Build for epel7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282073 - RFE; Build for epel7 https://bugzilla.redhat.com/show_bug.cgi?id=1282073 -------------------------------------------------------------------------------- ================================================================================ cgnslib-3.3.1-1.fc25 (FEDORA-2017-7179d99b94) Computational Fluid Dynamics General Notation System -------------------------------------------------------------------------------- Update Information: Update to version 3.3.1, see https://github.com/CGNS/CGNS/releases/tag/v3.3.1 for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471762 - cgnslib-3.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1471762 -------------------------------------------------------------------------------- ================================================================================ chocolate-doom-2.3.0-1.fc25 (FEDORA-2017-8551af2c6a) Historically compatible Doom engine -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 2.3.0 fixes rhbz #1446935 - Fix Provides replace bundled md5 for sha1 rhbz #1249213 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1446935 - update 2.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=1446935 [ 2 ] Bug #1249213 - chocolate-doom now bundles an sha-1 implementation, not an md5 one https://bugzilla.redhat.com/show_bug.cgi?id=1249213 -------------------------------------------------------------------------------- ================================================================================ cjs-3.4.3-4.fc25 (FEDORA-2017-ee7c13c0ae) Javascript Bindings for Cinnamon -------------------------------------------------------------------------------- Update Information: Patch to fix 1472008 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1472008 - [abrt] cinnamon: js::GCMethods<JSObject*>::needsPostBarrier(): cinnamon killed by signal 11 https://bugzilla.redhat.com/show_bug.cgi?id=1472008 -------------------------------------------------------------------------------- ================================================================================ cri-o-1.0.0.beta.0-1.git66d96e7.fc25 (FEDORA-2017-a93e752144) OCI-based implementation of Kubernetes Container Runtime Interface -------------------------------------------------------------------------------- Update Information: Beta release. Now with OCI Support -------------------------------------------------------------------------------- ================================================================================ cvechecker-3.8-1.fc25 (FEDORA-2017-fa6edc8a8c) Tool for compare packages installed in your system with CVE database -------------------------------------------------------------------------------- Update Information: newpackage for cvechecker -------------------------------------------------------------------------------- ================================================================================ fedrepo-req-0.5.0-1.fc25 (FEDORA-2017-c14c568838) CLI for Fedora package repo requests -------------------------------------------------------------------------------- Update Information: Initial release ---- Initial release. Since Pagure over dist-git is not up in production, the default URL used in /etc/fedrepo_req/config.ini will not work when using fedrepo-req-admin, but this tool is required once Pagure over dist- git is deployed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469331 - Review Request: fedrepo-req - A CLI tool that provides an easy way to submit ticket requests for packaging tasks in Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1469331 -------------------------------------------------------------------------------- ================================================================================ golang-github-petermattis-goid-0-0.2.git0ded858.fc25 (FEDORA-2017-0180757608) Programmatic retrieval of goroutine IDs -------------------------------------------------------------------------------- Update Information: Bump to commit 0ded858. -------------------------------------------------------------------------------- ================================================================================ golang-github-remyoudompheng-bigfft-0-0.2.git3da9816.fc25 (FEDORA-2017-357e53032c) Big integer multiplication library using FFT for Go -------------------------------------------------------------------------------- Update Information: Bump to commit 3da9816. -------------------------------------------------------------------------------- ================================================================================ gsequencer-0.9.4-1.fc25 (FEDORA-2017-ea2730f0ce) Advanced Gtk+ Sequencer audio processing engine -------------------------------------------------------------------------------- Update Information: new upstream ---- modified version because bug fixes available ---- modified version because new features available -------------------------------------------------------------------------------- ================================================================================ hplip-3.17.6-1.fc25 (FEDORA-2017-673aa98802) HP Linux Imaging and Printing Project -------------------------------------------------------------------------------- Update Information: Rebase to 3.17.6 -------------------------------------------------------------------------------- ================================================================================ imaptest-20170719-1.fc25 (FEDORA-2017-97279710cf) A generic IMAP server compliancy tester -------------------------------------------------------------------------------- Update Information: ImapTest 20170719 ================= * Added UIDFETCH state for doing UID FETCH 1:* FLAGS once * Handle "\Recent flag in multiple sessions" as a state error. * This also allows stopping on it with error_quit parameter. ImapTest 20170619 ================= * profile: Use UID EXPUNGE only if UIDPLUS capability is advertised * profile: Don't create Spam/Drafts/Sent if they aren't used ImapTest 20170612 ================= * tests: Allow testing for untagged BYE+disconnection * tests: Fix !sleep actually sleep ImapTest 20170531 ================= * tests: Add !output <text with $variables> directive to print to stdout * tests: Add !sleep <time> directive ImapTest 20170505 ================= * tests: Support optionally existing untagged reply. * Using "? reply" instead of "* reply" does this. It's useful with ignore_extra_untagged:no. * tests: Fix ignore_extra_untagged error handling to reset between tests * tests: Add ignore_extra_untagged setting * tests: Allow "$" to skip over any imap arg * tests: Fix checking parameter count with $!unordered=n * It shouldn't include the $!directives themselves in the count. Fixes: Error: tests/foo line 3: Invalid list argument count, chain size=2 ImapTest 20170419 ================= * tests: Fix untagged reply handling with state:nonauth ImapTest 20170418 ================= * tests: Allow LOGOUT command to be used in scripts. ImapTest 20170215 ================= * Fix compiler warnings with 32bit time_t ImapTest 20170131 ================= * global: Replaced all instances of memset(p, 0, sizeof(*p)) with the new i_zero() macro. ImapTest 20170124 ================= * Removed unused variable ImapTest 20170102 ================= * Fixed various bool vs. int mixups. * Found using Clang -Wstrict-bool. * Fixed lib_signals_set_handler() call: it takes flags, not a boolean. * Found using Clang -Wstrict-bool. * global: unsigned int:1 -> bool:1 * Updated copyright notices to match the normal Dovecot style and included the year 2017. ImapTest 20170101 ================= * Dropped IETF mailbox URL encoding in favor of Dovecot's lib/uri-util. ImapTest 20161230 ================= * Adjusted to changes in Dovecot: lmtp- client moved to lib-smtp. * This way, imaptest no longer depends on dovecot- storage.so. ImapTest 20161229 ================= * Adjusted to changes in Dovecot message part API. * Consolidated envelope parsing in one place. ImapTest 20161219 ================= * user: Use var_expand in user_get_new_mailbox ImapTest 20161218 ================= * Turn user format assert crash into a fatal error ImapTest 20161216 ================= * Add run-test.sh to .gitignore ImapTest 20161213 ================= * Do not log error if UID(s) are missing in SEARCH if EXPUNGEISSUED is seen * Parse tests in ordered manner * This is to avoid problems if you want to execute files in test directory using some particular order. ImapTest 20161104 ================= * Fully fix literal handling. * 13870004147e39accae9806eb332870bdf881816 broke some tests. ImapTest 20161101 ================= * imaptest: include missing time.h header ImapTest 20161031 ================= * Added missing mailbox-source-private.h * Added random_msg_size parameter to generate completely random garbage mails. * Code cleanup - move mbox-specific mailbox_source code to its own file. * Code cleanup - Hide struct mailbox_source to .c file. * Code cleanup: Don't refer to mailbox_source's istream directly while handling IMAP APPEND. * This allows creating other istreams what can be APPENDed. * test-exec: Don't assert-crash on invalid test file * Fix compiler warnings about write() return value ImapTest 20161005 ================= * user: Dangerously silence -Wformat- nonliteral * Taking a format string from the outside world normally suicide. And the only thing worse than suicide is being persistently nagged about it. * However, the previous patch should mean that suicide is now impossible, so this really is just nagging now. (Even if it's possible to open up new holes in the future.) * conf: Sanitise format strings from tainted sources * Make sure the '%' expressions only have int type, and the quantity is no greater than the number of ints we'll actually be passing. %i is allowed in case people forget it should be %d. Only /%[0-9]*[id]/ is considered valid for formatting ints at this point. * This makes the previous dangerous patch that touched the username parsing not so dangerous any more. ImapTest 20160902 ================= * configure.ac: include EXTRA_CFLAGS in CFLAGS ImapTest 20160701 ================= * Actually, never continue creating connection to a same user. * Even with 10% chance of doing it, it's a lot of them with high enough client counts. It also makes much more sense to just do it randomly. If you want to test multiple connections to the same user, just user a low enough user count and high enough client count. * Don't create so many concurrent connections to the same user. ImapTest 20160518 ================= * Dovecot API change: buffer_reset() -> buffer_set_used_size() * Added a few missing items to .gitignore. ImapTest 20160516 ================= * Avoid using o_stream_send_istream() return value. * Its API will change. ImapTest 20160428 ================= * Added "msubs" test for randomly subscribing/unsubscribing. * Fixed assert-crash when timers overflowed after running for a while. ImapTest 20160426 ================= * tests: Improved SEARCH FLAGS tests * This catches a bug in Dovecot <2.2.24. ImapTest 20160208 ================= * tests/append-binary: Be more flexible with non- BINARY FETCH result * It's not necessarily base64 encoded. It's also possible that the result contains extra line feeds, like with Dovecot mbox. ImapTest 20160118 ================= * Fixed append-binary test to actually work * tests: Added MULTIAPPEND test -------------------------------------------------------------------------------- ================================================================================ libepubgen-0.0.1-1.fc25 (FEDORA-2017-a69038207c) An EPUB generator library -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ libvirt-2.2.1-3.fc25 (FEDORA-2017-226cbd995b) Library providing a simple virtualization API -------------------------------------------------------------------------------- Update Information: * Enable ZFS storage driver (bz #1471912) * Don't use cgroup mount points from /proc/mounts that are hidden (bz #1470593) * disk driver name=... should be optional (bz #1473091) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1470593 - Don't use cgroup mount points from /proc/mounts that are hidden https://bugzilla.redhat.com/show_bug.cgi?id=1470593 -------------------------------------------------------------------------------- ================================================================================ modtools-0.0.1-4.fc25 (FEDORA-2017-b35fa30e5d) Utilities for creating and managing modules -------------------------------------------------------------------------------- Update Information: add dist tag -------------------------------------------------------------------------------- References: [ 1 ] Bug #1466844 - Review Request: modtools - Utilities for creating and managing modules https://bugzilla.redhat.com/show_bug.cgi?id=1466844 -------------------------------------------------------------------------------- ================================================================================ perl-Text-Fuzzy-0.26-4.fc25 (FEDORA-2017-c2fd78257f) Partial string matching using edit distances -------------------------------------------------------------------------------- Update Information: Fixing Perl interpreter path -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469110 - perl-Text-Fuzzy-0.26 is available https://bugzilla.redhat.com/show_bug.cgi?id=1469110 -------------------------------------------------------------------------------- ================================================================================ php-consolidation-annotated-command-2.4.11-1.fc25 (FEDORA-2017-effbc32193) Initialize Symfony Console commands from annotated command class methods -------------------------------------------------------------------------------- Update Information: ### 2.4.11 - 27 July 2017 - Back out #102: do not change behavior of word wrap based on STDOUT redirection. ### 2.4.10 - 21 July 2017 - Add a method CommandProcessor::setPassExceptions() to allow applicationsto prevent the command processor from catching exceptions thrown by command methods and hooks. (#103) ### 2.4.9 - 20 Jul 2017 - Automatically disable wordwrap when the terminal is not connected to STDOUT (#102) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1473682 - php-consolidation-annotated-command-2.4.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1473682 -------------------------------------------------------------------------------- ================================================================================ php-libvirt-0.5.4-1.fc25 (FEDORA-2017-6f7aa17ddd) PHP language bindings for Libvirt -------------------------------------------------------------------------------- Update Information: Upgrade to 0.5.4 -------------------------------------------------------------------------------- ================================================================================ php-mikey179-vfsstream-1.6.5-1.fc25 (FEDORA-2017-c2d4ac2861) PHP stream wrapper for a virtual file system -------------------------------------------------------------------------------- Update Information: **Version 1.6.5** (2017-08-01) * fixed #157 seeking before beginning of file should fail, reported and fixed by merijnvdk * structure array in `vfsStream::create()` and `vfsStream::setup()` now can contain instances of `org\bovigo\vfs\content\FileContent` and `org\bovigo\vfs\vfsStreamFile`, patch provided by Joshua Smith (jsmitty12) -------------------------------------------------------------------------------- ================================================================================ python-sqlalchemy-1.0.19-1.fc25 (FEDORA-2017-f6ba038dd5) Modular and flexible ORM library for python -------------------------------------------------------------------------------- Update Information: This update contains a new upstream bugfix release. The upstream [changelog](ht tp://docs.sqlalchemy.org/en/latest/changelog/changelog_10.html#change-1.0.19) contains a list of all changes in version 1.0.19. -------------------------------------------------------------------------------- ================================================================================ shutter-0.93.1-8.fc25 (FEDORA-2017-8bdba19eb7) GTK+2-based screenshot application written in Perl -------------------------------------------------------------------------------- Update Information: Fix runtime dependencies, add ImageMagick. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1435789 - ImageMagick missing from dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1435789 -------------------------------------------------------------------------------- ================================================================================ xfce4-whiskermenu-plugin-1.7.3-1.fc25 (FEDORA-2017-3b9562ebec) An alternate application launcher for Xfce -------------------------------------------------------------------------------- Update Information: - Update 1.7.3 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
