Fedora 25 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 25 Security updates need testing:
 Age  URL
 231  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb   exim-4.87.1-1.fc25
 130  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e   python-XStatic-jquery-ui-1.12.0.1-4.fc25
  69  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f   nodejs-brace-expansion-1.1.7-1.fc25
  34  https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d   groovy18-1.8.9-28.fc25
  29  https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8   libstaroffice-0.0.4-1.fc25
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76   chicken-4.12.0-3.fc25
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c   memcached-1.4.39-1.fc25
  23  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64   python-tablib-0.11.5-1.fc25
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4   docker-distribution-2.6.2-1.git48294d9.fc25
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86   nasm-2.13.01-3.fc25
  14  https://bodhi.fedoraproject.org/updates/FEDORA-2017-be3df4fe14   java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc25
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a05e2b8545   cups-filters-1.10.0-4.fc25 qpdf-6.0.0-6.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-866fc566e0   torbrowser-launcher-0.2.8-1.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f318871e3b   ruby-2.3.4-63.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f6e3215f2b   mingw-openjpeg2-2.2.0-1.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9d8011d69   mingw-libsoup-2.56.1-1.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9148fe36b9   postgresql-9.5.8-1.fc25
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1d1a38bdd1   subversion-1.9.7-1.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f98cef571d   kernel-4.12.5-200.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e   botan-1.10.16-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa1d8ad61a   mercurial-3.8.1-4.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93   cvs-1.11.23-41.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f50b903bb4   chromium-60.0.3112.90-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c27a947af1   nginx-1.12.1-1.fc25


The following Fedora 25 Critical Path updates have yet to be approved:
 Age URL
  73  https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282   lorax-25.22-1.fc25
  29  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9   pungi-4.1.17-1.fc25
  26  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744   ca-certificates-2017.2.16-1.0.fc25
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-226cbd995b   libvirt-2.2.1-3.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c   nspr-4.16.0-1.fc25 nss-3.32.0-1.0.fc25 nss-softokn-3.32.0-1.1.fc25 nss-util-3.32.0-1.0.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f98cef571d   kernel-4.12.5-200.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba3e72c511   osinfo-db-20170813-1.fc25
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-67705933e3   glusterfs-3.10.5-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd0324f3e9   p11-kit-0.23.8-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-36c2c88b14   vim-8.0.946-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d61e68bd21   file-5.29-8.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-837f04c39a   selinux-policy-3.13.1-225.20.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1a0a83099   firefox-55.0.1-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93   cvs-1.11.23-41.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0c6291cd4b   pango-1.40.9-1.fc25


The following builds have been pushed to Fedora 25 updates-testing

    389-ds-base-1.3.5.19-1.fc25
    alpine-2.21-3.fc25
    chromium-60.0.3112.90-1.fc25
    file-5.29-8.fc25
    gnome-shell-extension-freon-27-1.fc25
    guacamole-server-0.9.13-1.fc25
    libfastjson-0.99.6-1.fc25
    libmediainfo-0.7.98-1.fc25
    libzen-0.4.36-1.fc25
    mediaconch-17.07-1.fc25
    mediainfo-0.7.98-1.fc25
    mingw-gdk-pixbuf-2.36.8-1.fc25
    nginx-1.12.1-1.fc25
    p11-kit-0.23.8-1.fc25
    php-pecl-timecop-1.2.8-1.fc25
    syncthing-0.14.36-2.fc25
    vim-8.0.946-1.fc25

Details about builds:


================================================================================
 389-ds-base-1.3.5.19-1.fc25 (FEDORA-2017-4333359de8)
 389 Directory Server (base)
--------------------------------------------------------------------------------
Update Information:

Bump verison to 1.3.5.19
--------------------------------------------------------------------------------


================================================================================
 alpine-2.21-3.fc25 (FEDORA-2017-09f9691ebe)
 powerful, easy to use console email client
--------------------------------------------------------------------------------
Update Information:

alpine 2.21, update URL, .spec cosmetics
--------------------------------------------------------------------------------


================================================================================
 chromium-60.0.3112.90-1.fc25 (FEDORA-2017-f50b903bb4)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092, CVE-2017-5093,
CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098,
CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103,
CVE-2017-5104, CVE-2017-7000, CVE-2017-5105, CVE-2017-5106, CVE-2017-5107,
CVE-2017-5108, CVE-2017-5109, CVE-2017-5110.  New subpackage -headless.  ----
Update to 59.0.3071.115
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1475213 - CVE-2017-5110 chromium-browser: ui spoofing in payments dialog
        https://bugzilla.redhat.com/show_bug.cgi?id=1475213
  [ 2 ] Bug #1475212 - CVE-2017-5109 chromium-browser: ui spoofing in browser
        https://bugzilla.redhat.com/show_bug.cgi?id=1475212
  [ 3 ] Bug #1475211 - CVE-2017-5108 chromium-browser: type confusion in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1475211
  [ 4 ] Bug #1475210 - CVE-2017-5107 chromium-browser: user information leak via svg
        https://bugzilla.redhat.com/show_bug.cgi?id=1475210
  [ 5 ] Bug #1475209 - CVE-2017-5106 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475209
  [ 6 ] Bug #1475208 - CVE-2017-5105 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475208
  [ 7 ] Bug #1475207 - CVE-2017-7000 chromium-browser: pointer disclosure in sqlite
        https://bugzilla.redhat.com/show_bug.cgi?id=1475207
  [ 8 ] Bug #1475206 - CVE-2017-5104 chromium-browser: ui spoofing in browser
        https://bugzilla.redhat.com/show_bug.cgi?id=1475206
  [ 9 ] Bug #1475205 - CVE-2017-5103 chromium-browser: uninitialized use in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475205
  [ 10 ] Bug #1475204 - CVE-2017-5102 chromium-browser: uninitialized use in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475204
  [ 11 ] Bug #1475203 - CVE-2017-5101 chromium-browser: url spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1475203
  [ 12 ] Bug #1475202 - CVE-2017-5100 chromium-browser: use after free in chrome apps
        https://bugzilla.redhat.com/show_bug.cgi?id=1475202
  [ 13 ] Bug #1475201 - CVE-2017-5099 chromium-browser: out-of-bounds write in ppapi
        https://bugzilla.redhat.com/show_bug.cgi?id=1475201
  [ 14 ] Bug #1475200 - CVE-2017-5098 chromium-browser: use after free in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1475200
  [ 15 ] Bug #1475199 - CVE-2017-5097 chromium-browser: out-of-bounds read in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1475199
  [ 16 ] Bug #1475198 - CVE-2017-5096 chromium-browser: user information leak via android intents
        https://bugzilla.redhat.com/show_bug.cgi?id=1475198
  [ 17 ] Bug #1475197 - CVE-2017-5095 chromium-browser: out-of-bounds write in pdfium
        https://bugzilla.redhat.com/show_bug.cgi?id=1475197
  [ 18 ] Bug #1475196 - CVE-2017-5094 chromium-browser: type confusion in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1475196
  [ 19 ] Bug #1475195 - CVE-2017-5093 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1475195
  [ 20 ] Bug #1475194 - CVE-2017-5092 chromium-browser: use after free in ppapi
        https://bugzilla.redhat.com/show_bug.cgi?id=1475194
  [ 21 ] Bug #1475193 - CVE-2017-5091 chromium-browser: use after free in indexeddb
        https://bugzilla.redhat.com/show_bug.cgi?id=1475193
--------------------------------------------------------------------------------


================================================================================
 file-5.29-8.fc25 (FEDORA-2017-d61e68bd21)
 A utility for determining file types
--------------------------------------------------------------------------------
Update Information:

- New magic file entry - gconv - Recognition of iconv/gconv module cache
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1342428 - file(1) does not recognize iconv/gconv modules cache
        https://bugzilla.redhat.com/show_bug.cgi?id=1342428
--------------------------------------------------------------------------------


================================================================================
 gnome-shell-extension-freon-27-1.fc25 (FEDORA-2017-16daff81d8)
 GNOME Shell extension to display system temperature, voltage, and fan speed
--------------------------------------------------------------------------------
Update Information:

Bump to upstream version 27, which fixes Nvidia GPU label detection.  ----  Bump
to upstream version 26, which adds support for multiple simultaneous graphics
cards.  ----  Bump to upstream version 25, which adds German localization.
--------------------------------------------------------------------------------


================================================================================
 guacamole-server-0.9.13-1.fc25 (FEDORA-2017-4a35c133a5)
 Server-side native components that form the Guacamole proxy
--------------------------------------------------------------------------------
Update Information:

Update to official 0.9.13.
--------------------------------------------------------------------------------


================================================================================
 libfastjson-0.99.6-1.fc25 (FEDORA-2017-4a5b1b3ed4)
 A JSON implementation in C
--------------------------------------------------------------------------------
Update Information:

rebase to v0.99.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1462723 - libfastjson-v0.99.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1462723
--------------------------------------------------------------------------------


================================================================================
 libmediainfo-0.7.98-1.fc25 (FEDORA-2017-2b2288ad68)
 Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 libzen-0.4.36-1.fc25 (FEDORA-2017-2b2288ad68)
 Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 mediaconch-17.07-1.fc25 (FEDORA-2017-36514b6c23)
 Most relevant technical and tag data for video and audio files (CLI)
--------------------------------------------------------------------------------
Update Information:

Update to 17.07
--------------------------------------------------------------------------------


================================================================================
 mediainfo-0.7.98-1.fc25 (FEDORA-2017-2b2288ad68)
 Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:

Update mediainfo to 0.7.98.
--------------------------------------------------------------------------------


================================================================================
 mingw-gdk-pixbuf-2.36.8-1.fc25 (FEDORA-2017-8e3983960b)
 MinGW Windows GDK Pixbuf library
--------------------------------------------------------------------------------
Update Information:

MinGW cross compiled gdk-pixbuf 2.36.8 release.
--------------------------------------------------------------------------------


================================================================================
 nginx-1.12.1-1.fc25 (FEDORA-2017-c27a947af1)
 A high performance web server and reverse proxy server
--------------------------------------------------------------------------------
Update Information:

This update includes nginx 1.12.1, fixing CVE-2017-7529, and adds the
http_auth_request module.  See http://mailman.nginx.org/pipermail/nginx-
announce/2017/000200.html for more information on CVE-2017-7529.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1471106 - [patch] enable nginx http_auth_request_module
        https://bugzilla.redhat.com/show_bug.cgi?id=1471106
  [ 2 ] Bug #1469924 - CVE-2017-7529 nginx: Integer overflow in nginx range filter module leading to memory disclosure [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1469924
--------------------------------------------------------------------------------


================================================================================
 p11-kit-0.23.8-1.fc25 (FEDORA-2017-bd0324f3e9)
 Library for loading and sharing PKCS#11 modules
--------------------------------------------------------------------------------
Update Information:

This updates p11-kit to the latest upstream release:
https://github.com/p11-glue/p11-kit/releases/tag/0.23.8  The previous package
was based on 0.23.2, and so this update includes a fix for rhbz#1477676.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1477676 - trust anchor complains about invalid attribute and fails when a new certificate tries to store into trust place
        https://bugzilla.redhat.com/show_bug.cgi?id=1477676
--------------------------------------------------------------------------------


================================================================================
 php-pecl-timecop-1.2.8-1.fc25 (FEDORA-2017-cc6482c5c9)
 Time travel and freezing extension
--------------------------------------------------------------------------------
Update Information:

A PHP extension providing "time travel" and "time freezing" capabilities,
inspired by ruby timecop gem.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1468454 - Review Request: php-pecl-timecop - Time travel and freezing extension
        https://bugzilla.redhat.com/show_bug.cgi?id=1468454
--------------------------------------------------------------------------------


================================================================================
 syncthing-0.14.36-2.fc25 (FEDORA-2017-407a2d92db)
 Continuous File Synchronization
--------------------------------------------------------------------------------
Update Information:

Initial package for fedora.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1427634 - Review Request: syncthing - Continuous File Synchronization
        https://bugzilla.redhat.com/show_bug.cgi?id=1427634
--------------------------------------------------------------------------------


================================================================================
 vim-8.0.946-1.fc25 (FEDORA-2017-36c2c88b14)
 The VIM editor
--------------------------------------------------------------------------------
Update Information:

The newest upstream commit.
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux