The following Fedora 25 Security updates need testing: Age URL 240 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 138 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 78 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 37 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 28 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be3df4fe14 java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9148fe36b9 postgresql-9.5.8-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e botan-1.10.16-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa1d8ad61a mercurial-3.8.1-4.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93 cvs-1.11.23-41.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a52a46ba78 xen-4.7.3-2.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-df343b3e09 chromium-60.0.3112.101-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-270ab2baa3 glibc-2.24-10.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a00a087fd4 tomcat-8.0.46-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2f1ca6beb7 cacti-1.1.19-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-98e8569b33 dnsdist-1.2.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2317191f8a taglib-1.11.1-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-902970c18f drupal8-8.3.7-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a0389a6a7 groovy18-1.8.9-30.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bdd0b565ef thunderbird-52.3.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0b31bc9c5 mingw-libzip-1.1.3-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa6784d0bd libsndfile-1.0.28-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dacb3c21c augeas-1.8.1-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 82 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba3e72c511 osinfo-db-20170813-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-67705933e3 glusterfs-3.10.5-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-837f04c39a selinux-policy-3.13.1-225.20.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93 cvs-1.11.23-41.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0c6291cd4b pango-1.40.9-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd0324f3e9 p11-kit-0.23.8-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ee474bb41c file-5.29-9.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e9a1ddb533 rpm-4.13.0.1-2.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a52a46ba78 xen-4.7.3-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e22c6d53db mariadb-10.1.26-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed2a089d21 lz4-1.8.0-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-270ab2baa3 glibc-2.24-10.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c nspr-4.16.0-1.fc25 nss-3.32.0-1.1.fc25 nss-softokn-3.32.0-1.2.fc25 nss-util-3.32.0-1.0.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2317191f8a taglib-1.11.1-5.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a6fc26e60e vim-8.0.983-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0442143306 gdk-pixbuf2-2.36.9-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-08a8ae97e7 gnutls-3.5.15-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dacb3c21c augeas-1.8.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9badc4b4fa upower-0.99.5-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa6784d0bd libsndfile-1.0.28-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8df43a1e0 python3-3.5.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a2f2ef5a3c NetworkManager-1.4.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bdd0b565ef thunderbird-52.3.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9168a2790d libglvnd-0.2.999-24.20170818git8d4d03f.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-966ff8db5a pungi-4.1.18-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-66902d17b7 firefox-55.0.2-2.fc25 The following builds have been pushed to Fedora 25 updates-testing 2ping-4.1-1.fc25 augeas-1.8.1-1.fc25 berry-1.0.0-3.fc25 feh-2.19.3-1.fc25 firefox-55.0.2-2.fc25 freecad-0.16-10.fc25 golang-github-MakeNowJust-heredoc-0-0.9.gitbb23615.fc25 golang-github-vishvananda-netlink-0-0.15.gitf5a6f69.fc25 golang-googlecode-net-0-0.40.git1c05540.fc25 golang-googlecode-text-0-0.21.git3bd178b.fc25 guayadeque-0.4.5-0.9.beta1git8137051.fc25 libsndfile-1.0.28-6.fc25 metamath-0.149-1.fc25 mingw-libzip-1.1.3-2.fc25 nuvola-app-jupiter-broadcasting-1.1-2.fc25 pam_script-1.1.9-1.fc25 php-gecko-packages-gecko-php-unit-2.2-1.fc25 py3status-3.6-2.fc25 python-jaydebeapi-1.1.1-1.fc25 python-tinydb-3.4.1-1.fc25 python3-3.5.4-1.fc25 rubygem-asciidoctor-1.5.6.1-1.fc25 upower-0.99.5-2.fc25 yersinia-0.8.2-1.fc25 Details about builds: ================================================================================ 2ping-4.1-1.fc25 (FEDORA-2017-9b5877f95a) Bi-directional ping utility -------------------------------------------------------------------------------- Update Information: Upgrade -------------------------------------------------------------------------------- ================================================================================ augeas-1.8.1-1.fc25 (FEDORA-2017-7dacb3c21c) A library for changing configuration files -------------------------------------------------------------------------------- Update Information: New upstream version 1.8.1. Fixes CVE-2017-7555 (RHBZ#1482340). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1482340 - CVE-2017-7555 augeas: Improper handling of escaped strings leading to memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1482340 -------------------------------------------------------------------------------- ================================================================================ berry-1.0.0-3.fc25 (FEDORA-2017-33a5fa83e5) Modern and light image viewer -------------------------------------------------------------------------------- Update Information: * Wed Aug 23 2017 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 1.0.0-3 - add license breakdown * Tue Aug 22 2017 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 1.0.0-2 - add %%{name}.appdata.xml - dropped /sbin/ldconfig not needed - dropped update-desktop-database should not be used on Fedora 24+ - dropped update-mime-info it's obsolete - add %%find-lang to handle translation * Fri Jul 14 2017 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 1.0.0-1 - Initial release -------------------------------------------------------------------------------- ================================================================================ feh-2.19.3-1.fc25 (FEDORA-2017-70732ff5c3) Fast command line image viewer using Imlib2 -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- ================================================================================ firefox-55.0.2-2.fc25 (FEDORA-2017-66902d17b7) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - new upstream release (55.0.2) -------------------------------------------------------------------------------- ================================================================================ freecad-0.16-10.fc25 (FEDORA-2017-b05ac8a723) A general purpose 3D CAD modeler -------------------------------------------------------------------------------- Update Information: Add qt-assistant as install requirement, fixes RHBZ#1484186. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1484186 - Packaging: Freecad required package qt-assistant to display Help file https://bugzilla.redhat.com/show_bug.cgi?id=1484186 -------------------------------------------------------------------------------- ================================================================================ golang-github-MakeNowJust-heredoc-0-0.9.gitbb23615.fc25 (FEDORA-2017-903347cd34) Package heredoc provides the here-document with keeping indent -------------------------------------------------------------------------------- Update Information: Bump to bb23615498cded5e105af4ce27de75b089cbe851 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1365480 - Tracker for golang-github-MakeNowJust-heredoc https://bugzilla.redhat.com/show_bug.cgi?id=1365480 -------------------------------------------------------------------------------- ================================================================================ golang-github-vishvananda-netlink-0-0.15.gitf5a6f69.fc25 (FEDORA-2017-a6febde27f) Simple netlink library for go -------------------------------------------------------------------------------- Update Information: Bump to upstream f5a6f697a596c788d474984a38a0ac4ba0719e93 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398575 - FTBFS on s390x and ppc64 https://bugzilla.redhat.com/show_bug.cgi?id=1398575 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-net-0-0.40.git1c05540.fc25 (FEDORA-2017-133c63ab59) Supplementary Go networking libraries -------------------------------------------------------------------------------- Update Information: Bump to upstream 1c05540f6879653db88113bc4a2b70aec4bd491f -------------------------------------------------------------------------------- References: [ 1 ] Bug #1326890 - FTBFS with gcc-go on s390x https://bugzilla.redhat.com/show_bug.cgi?id=1326890 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-text-0-0.21.git3bd178b.fc25 (FEDORA-2017-33b3d69a9e) Supplementary Go text libraries -------------------------------------------------------------------------------- Update Information: Bump to upstream 3bd178b88a8180be2df394a1fbb81313916f0e7b -------------------------------------------------------------------------------- References: [ 1 ] Bug #1254601 - Tracker for golang-googlecode-text https://bugzilla.redhat.com/show_bug.cgi?id=1254601 -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.4.5-0.9.beta1git8137051.fc25 (FEDORA-2017-6427230d0a) Music player -------------------------------------------------------------------------------- Update Information: Update to 0.4.5-0.9.beta1git8137051 -------------------------------------------------------------------------------- ================================================================================ libsndfile-1.0.28-6.fc25 (FEDORA-2017-fa6784d0bd) Library for reading and writing sound files -------------------------------------------------------------------------------- Update Information: fixes heap-based Buffer Overflow in psf_binheader_writef function (#1483140, CVE-2017-12562) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483140 - CVE-2017-12562 libsndfile: Heap-based Buffer Overflow in psf_binheader_writef function in common.c https://bugzilla.redhat.com/show_bug.cgi?id=1483140 -------------------------------------------------------------------------------- ================================================================================ metamath-0.149-1.fc25 (FEDORA-2017-88ab7c23dd) Construct mathematics from basic axioms -------------------------------------------------------------------------------- Update Information: Changes in version 0.148: - Many changes to set.mm - Add "Dummy variable x is distinct from all other variables." to proof web page - Hyperlink "Dummy variable(s)" Changes in version 0.149: - add a subsubsection "tiny" header with separator "-.-." to table of contents and theorem list; see HELP WRITE THEOREM_LIST - remove bug check 255 - change mmset.html links to ../mpeuni/mmset.html so they will work in NF Explorer etc. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1482724 - metamath-0.148 is available https://bugzilla.redhat.com/show_bug.cgi?id=1482724 [ 2 ] Bug #1484389 - metamath-0.149 is available https://bugzilla.redhat.com/show_bug.cgi?id=1484389 -------------------------------------------------------------------------------- ================================================================================ mingw-libzip-1.1.3-2.fc25 (FEDORA-2017-f0b31bc9c5) C library for reading, creating, and modifying zip archives -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2017-12858. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1484514 - CVE-2017-12858 libzip: Double free in _zip_dirent_read function in zip_dirent.c https://bugzilla.redhat.com/show_bug.cgi?id=1484514 -------------------------------------------------------------------------------- ================================================================================ nuvola-app-jupiter-broadcasting-1.1-2.fc25 (FEDORA-2017-e7fb899f91) Jupiter Broadcasting plugin for Nuvola Player -------------------------------------------------------------------------------- Update Information: * Wed Aug 23 2017 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 1.1-2 - use the %%configure macro - DESTDIR=%%{buildroot} is not needed after %%make_install - fix typo - Use correct Source0 -------------------------------------------------------------------------------- ================================================================================ pam_script-1.1.9-1.fc25 (FEDORA-2017-7f64ec7c71) PAM module for executing scripts -------------------------------------------------------------------------------- Update Information: Upstream bugfix release -------------------------------------------------------------------------------- ================================================================================ php-gecko-packages-gecko-php-unit-2.2-1.fc25 (FEDORA-2017-0178afb8a7) Additional PHPUnit asserts and constraints -------------------------------------------------------------------------------- Update Information: **Changelog for v2.2** - Aug 23, 2017 - Fix duplicate copy in README - Travis - retry composer info, show packages installed - Update CS to PHP-CS-Fixer 2.4 - Better exception messages on construction of `FilePermissionsIsIdenticalConstraint` - More strict testing and remove useless escaping - Remove dependency on `ctype` extension - Add missing CHANGELOG.md file -------------------------------------------------------------------------------- ================================================================================ py3status-3.6-2.fc25 (FEDORA-2017-a8aefc8154) An extensible i3status wrapper written in python -------------------------------------------------------------------------------- Update Information: update to version 3.6 add -doc subpackage don't build -doc subpackage for F25, there is a weird error -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483985 - py3status-3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1483985 -------------------------------------------------------------------------------- ================================================================================ python-jaydebeapi-1.1.1-1.fc25 (FEDORA-2017-331666fe74) Bridge from JDBC database drivers to Python DB-API -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483459 - Review Request: python-jaydebeapi - Bridge from JDBC database drivers to Python DB-API https://bugzilla.redhat.com/show_bug.cgi?id=1483459 -------------------------------------------------------------------------------- ================================================================================ python-tinydb-3.4.1-1.fc25 (FEDORA-2017-6a397dfd5a) TinyDB is a tiny, document oriented database -------------------------------------------------------------------------------- Update Information: Update to latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1458967 - python-tinydb-3.4.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1458967 -------------------------------------------------------------------------------- ================================================================================ python3-3.5.4-1.fc25 (FEDORA-2017-e8df43a1e0) Version 3 of the Python programming language aka Python 3000 -------------------------------------------------------------------------------- Update Information: Upstream release 3.5.4 fixes many bugs; see https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-4 By upstream policy, only bugfixes are included in this minor-version release. Several fixes we patched in Fedora are included in the upstream release; Fedora patches for these were removed (bpo-29537, bpo-29243, --system-site-packages). -------------------------------------------------------------------------------- ================================================================================ rubygem-asciidoctor-1.5.6.1-1.fc25 (FEDORA-2017-0f9eadef71) A fast, open source AsciiDoc implementation in Ruby -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ upower-0.99.5-2.fc25 (FEDORA-2017-9badc4b4fa) Power Management Service -------------------------------------------------------------------------------- Update Information: Add patch to not correctly close the inhibitor FD -------------------------------------------------------------------------------- ================================================================================ yersinia-0.8.2-1.fc25 (FEDORA-2017-abea6555ad) Network protocols tester and attacker -------------------------------------------------------------------------------- Update Information: Update to latest upstream release 0.8.2 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
