The following Fedora 25 Security updates need testing: Age URL 266 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 165 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 104 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 58 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 55 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 37 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e botan-1.10.16-1.fc25 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa1d8ad61a mercurial-3.8.1-4.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56e23bc2b5 krb5-1.14.4-9.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f27641a807 drupal7-views-3.18-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d361de1a65 libwmf-0.2.8.4-53.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e66393536 libwpd-0.10.2-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e07d7fb18e kernel-4.12.13-200.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e314044789 oniguruma-6.1.3-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f7fd3fe7eb xen-4.7.3-5.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aa7a8871b7 mingw-LibRaw-0.17.2-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-172410ec92 mpg123-1.25.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b97f9d82dc libmspack-0.6-0.1.alpha.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 108 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3d979eabcb gnome-online-accounts-3.22.7-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bc3c16a54f kobo-0.6.0-1.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-504aeb74ba rpcbind-0.2.4-7.rc2.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56e23bc2b5 krb5-1.14.4-9.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a44008dd1d python-pysocks-1.6.7-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d41fab42fc libssh2-1.8.0-5.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-43b6d5bc6b sssd-1.15.3-4.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-27ed767ca1 upower-0.99.6-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9126f38bc2 libatasmart-0.19-13.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2802f82ef1 webkitgtk4-2.18.0-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6ec9b7110a menu-cache-1.0.2-6.D20170913gitfd52af607c.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f7fd3fe7eb xen-4.7.3-5.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f8059ac0e5 nss-3.32.1-1.0.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e07d7fb18e kernel-4.12.13-200.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ff140ad922 libguestfs-1.36.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-235298fa58 python-cryptography-2.0.2-2.fc25 python-cryptography-vectors-2.0.2-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-31d7cd5eab pyOpenSSL-16.2.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c8a36f37e audit-2.7.8-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd488c853f libsolv-0.6.29-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fd1b4528cd gawk-4.1.3-12.fc25 The following builds have been pushed to Fedora 25 updates-testing audit-2.7.8-1.fc25 batctl-2017.2-1.fc25 cloud-init-0.7.9-9.fc25 epix-1.2.18-1.fc25 flrig-1.3.34-1.fc25 libmspack-0.6-0.1.alpha.fc25 libsolv-0.6.29-2.fc25 nodejs-6.11.3-1.fc25 nordugrid-arc-5.4.0-1.fc25 nordugrid-arc-doc-2.0.17-1.fc25 notify-sharp3-3.0.3-4.fc25 perl-Pegex-0.64-1.fc25 php-horde-Horde-Crypt-2.7.10-1.fc25 php-horde-Horde-Editor-2.0.5-1.fc25 php-horde-horde-5.2.17-1.fc25 php-horde-kronolith-4.2.23-1.fc25 php-horde-mnemo-4.2.14-1.fc25 py4j-0.10.6-1.fc25 pyOpenSSL-16.2.0-2.fc25 python-cryptography-2.0.2-2.fc25 python-cryptography-vectors-2.0.2-1.fc25 rubygem-rmagick-2.16.0-6.fc25 setroubleshoot-3.3.12-3.fc25 tomboy-1.15.9-4.fc25 variety-0.6.6-1.fc25 vulkan-1.0.61.0-1.fc25 wingpanel-indicator-network-2.1.1-1.fc25 xrdp-0.9.3-2.fc25 Details about builds: ================================================================================ audit-2.7.8-1.fc25 (FEDORA-2017-7c8a36f37e) User space tools for 2.6 kernel auditing -------------------------------------------------------------------------------- Update Information: This update fixes auditd for use in mixed protocol environment to calculate the right one per event. This fixes a remote logging bug. Audispd now strips out EOE events for syslog plugin. Fix a python crash when passing a FILE * to auparse_init. In auparse-normalizer, correct attr's collected for mount object. -------------------------------------------------------------------------------- ================================================================================ batctl-2017.2-1.fc25 (FEDORA-2017-3ff2e2b201) B.A.T.M.A.N. advanced control and management tool -------------------------------------------------------------------------------- Update Information: Fix error messages on traceroute send failures -------------------------------------------------------------------------------- ================================================================================ cloud-init-0.7.9-9.fc25 (FEDORA-2017-5507234819) Cloud instance init scripts -------------------------------------------------------------------------------- Update Information: This update fixes issues with SSH key provisioning on Azure and XFS filesystem resizing. ---- This update fixes bugs that prevented the fs_setup.cmd and package statements in cloud-config configurations from working. It also stops NetworkManager from clobbering DNS resolver settings set by cloud-config configuration. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1490505 - cloud-init fails when calling `xfs_growfs /dev/mapper/atomicos-root` on Fedora Atomic Host https://bugzilla.redhat.com/show_bug.cgi?id=1490505 [ 2 ] Bug #1477333 - F26 cloud image fails to provision on Azure https://bugzilla.redhat.com/show_bug.cgi?id=1477333 [ 3 ] Bug #1461959 - cloud-init should configure networkmanager to not manage /etc/resolv.conf https://bugzilla.redhat.com/show_bug.cgi?id=1461959 [ 4 ] Bug #1447708 - cloud-init package module fails with python NameError exception https://bugzilla.redhat.com/show_bug.cgi?id=1447708 [ 5 ] Bug #1465440 - Cloud-init sysconifg.py called util.write_file incorrectly https://bugzilla.redhat.com/show_bug.cgi?id=1465440 -------------------------------------------------------------------------------- ================================================================================ epix-1.2.18-1.fc25 (FEDORA-2017-b13f97a323) Utilities for mathematically accurate figures -------------------------------------------------------------------------------- Update Information: - Update to 1.2.18 -------------------------------------------------------------------------------- ================================================================================ flrig-1.3.34-1.fc25 (FEDORA-2017-287e13b689) Transceiver control program -------------------------------------------------------------------------------- Update Information: Version 1.3.34 * Maintenance release doc update * update help document Save/Restore * Allow user to selectively read, save and restore transceiver operating characteristics. - expansion of previous save/restore for freq mode and bandwidth * Separated Initialization of main, separate PTT and Aux serial ports flrig shell * added Perl script for controlling flrig using the xmlrpc interface. FT1000 update * backend code update IC7300 NR scale * Changed NR scale iaw AE5ZA tests IC7200/7300 compile warning * Correct compile warning in both backends IC7100 * correct flrig always reported the mode as USB-D regardless of the radio's actual mode. * correct flrig would not set the radio to USB-D if it had previous set the radio to a different mode. * correct flrig would not set the attenuator. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1489209 - flrig-1.3.34 is available https://bugzilla.redhat.com/show_bug.cgi?id=1489209 -------------------------------------------------------------------------------- ================================================================================ libmspack-0.6-0.1.alpha.fc25 (FEDORA-2017-b97f9d82dc) Library for CAB and related files compression and decompression -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-6419 and CVE-2017-11423 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483909 - CVE-2017-6419 libmspack, clamav: heap-based buffer overflow in mspack/lzxd.c https://bugzilla.redhat.com/show_bug.cgi?id=1483909 [ 2 ] Bug #1472776 - CVE-2017-11423 libmspack, clamav: Stack-based buffer over-read in cabd_read_string function https://bugzilla.redhat.com/show_bug.cgi?id=1472776 -------------------------------------------------------------------------------- ================================================================================ libsolv-0.6.29-2.fc25 (FEDORA-2017-bd488c853f) Package dependency solver -------------------------------------------------------------------------------- Update Information: Apply workaround for libdb-related issue -------------------------------------------------------------------------------- References: [ 1 ] Bug #1483553 - glibc dnf script error: BDB1539 Build signature doesn't match environment https://bugzilla.redhat.com/show_bug.cgi?id=1483553 -------------------------------------------------------------------------------- ================================================================================ nodejs-6.11.3-1.fc25 (FEDORA-2017-bb62ff5a33) JavaScript runtime -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.4.0-1.fc25 (FEDORA-2017-16d23ae45e) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u16/release_notes_15.03u16.html -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.17-1.fc25 (FEDORA-2017-16d23ae45e) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u16/release_notes_15.03u16.html -------------------------------------------------------------------------------- ================================================================================ notify-sharp3-3.0.3-4.fc25 (FEDORA-2017-746ebdf69f) A C# implementation for Desktop Notifications -------------------------------------------------------------------------------- Update Information: Rebuilt for new dbus-sharp -------------------------------------------------------------------------------- ================================================================================ perl-Pegex-0.64-1.fc25 (FEDORA-2017-d39b99eafe) Pegex Parser Generator -------------------------------------------------------------------------------- Update Information: update to 0.64 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Crypt-2.7.10-1.fc25 (FEDORA-2017-bb7ae8281e) Horde Cryptography API -------------------------------------------------------------------------------- Update Information: **Horde_Crypt 2.7.10** * [jan] Correctly determine expiration dates of short living PGP keys. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Editor-2.0.5-1.fc25 (FEDORA-2017-fb6f5ebca7) Horde Editor API -------------------------------------------------------------------------------- Update Information: **Horde_Editor 2.0.5** * [jan] Mark PHP 7 as supported. -------------------------------------------------------------------------------- ================================================================================ php-horde-horde-5.2.17-1.fc25 (FEDORA-2017-58820d334a) Horde Application Framework -------------------------------------------------------------------------------- Update Information: **horde 5.2.17** * [jan] Fix returning to last URL after using the login link. * [jan] Officially support PHP 7. -------------------------------------------------------------------------------- ================================================================================ php-horde-kronolith-4.2.23-1.fc25 (FEDORA-2017-e74b790a10) A web based calendar -------------------------------------------------------------------------------- Update Information: **kronolith 4.2.23** * [jan] Officially support PHP 7. * [jan] Fix time offsets when importing CSV data with two-digit years. * [jan] Fix updating and deleting events from external CalDAV servers (martin1 AT k0k.net, Bug #14021). * [jan] Fix exporting multiple tags to iCalendar CATEGORIES (Bug #14057). -------------------------------------------------------------------------------- ================================================================================ php-horde-mnemo-4.2.14-1.fc25 (FEDORA-2017-3412f7b3a4) A web based notes manager -------------------------------------------------------------------------------- Update Information: **mnemo 4.2.14** * [jan] Officially support PHP 7. * [jan] Fix exporting multiple tags to vNote CATEGORIES (Bug #14057). -------------------------------------------------------------------------------- ================================================================================ py4j-0.10.6-1.fc25 (FEDORA-2017-464f5b4b68) Dynamically access in Python programs to arbitrary Java objects -------------------------------------------------------------------------------- Update Information: bump to 0.10.6 https://blog.py4j.org/2017/07/05/py4j-0-10-6-released/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467882 - py4j-0.10.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1467882 -------------------------------------------------------------------------------- ================================================================================ pyOpenSSL-16.2.0-2.fc25 (FEDORA-2017-31d7cd5eab) Python wrapper module around the OpenSSL library -------------------------------------------------------------------------------- Update Information: * Fixed a memory leak in ``OpenSSL.crypto.CRL`` ([#690](https://github.com/pyca/pyopenssl/pull/691)). * Fixed a memory leak when verifying certificates with ``OpenSSL.crypto.X509StoreContext`` ([#691](https://github.com/pyca/pyopenssl/pull/691)). -------------------------------------------------------------------------------- ================================================================================ python-cryptography-2.0.2-2.fc25 (FEDORA-2017-235298fa58) PyCA's cryptography library -------------------------------------------------------------------------------- Update Information: * PyCA upstream release 2.0.2 * modernize spec -------------------------------------------------------------------------------- ================================================================================ python-cryptography-vectors-2.0.2-1.fc25 (FEDORA-2017-235298fa58) Test vectors for the cryptography package -------------------------------------------------------------------------------- Update Information: * PyCA upstream release 2.0.2 * modernize spec -------------------------------------------------------------------------------- ================================================================================ rubygem-rmagick-2.16.0-6.fc25 (FEDORA-2017-e53376ff56) Ruby binding to ImageMagick -------------------------------------------------------------------------------- Update Information: Rebuilt for ImageMagick 6.9.9-13 -------------------------------------------------------------------------------- ================================================================================ setroubleshoot-3.3.12-3.fc25 (FEDORA-2017-be0959ff2c) Helps troubleshoot SELinux problems -------------------------------------------------------------------------------- Update Information: setroubleshootd was change in order not to catch POSIX signals, see https://bugzilla.redhat.com/show_bug.cgi?id=1366004#c35 for more information. Also, this update contains several backported fixes from the latest upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366004 - [abrt] setroubleshoot-server: service.py:647:_message_cb:SystemError: <built-in function isinstance> returned a result with an error set https://bugzilla.redhat.com/show_bug.cgi?id=1366004 [ 2 ] Bug #1419245 - [abrt] setroubleshoot-server: service.py:647:_message_cb:SystemError: <built-in function isinstance> returned a result with an error set https://bugzilla.redhat.com/show_bug.cgi?id=1419245 [ 3 ] Bug #1484736 - With selinuxfs unmounted, sealert produces a traceback https://bugzilla.redhat.com/show_bug.cgi?id=1484736 [ 4 ] Bug #1492761 - [abrt] setroubleshoot-server: add_row(): browser.py:456:add_row:GLib.GError: gtk-css-provider-error-quark: <broken file>:1:0Failed to import: Error opening file /usr/share/setroubleshoot/gui/style.css: No such file or directory (2) https://bugzilla.redhat.com/show_bug.cgi?id=1492761 -------------------------------------------------------------------------------- ================================================================================ tomboy-1.15.9-4.fc25 (FEDORA-2017-059c473dbd) Note-taking application -------------------------------------------------------------------------------- Update Information: Use dbus-sharp 2 for Fedora 25 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1491910 - tomboy dependency issue https://bugzilla.redhat.com/show_bug.cgi?id=1491910 -------------------------------------------------------------------------------- ================================================================================ variety-0.6.6-1.fc25 (FEDORA-2017-a9f65288a2) Wallpaper changer that automatically downloads wallpapers -------------------------------------------------------------------------------- Update Information: Update to 0.6.6 -------------------------------------------------------------------------------- ================================================================================ vulkan-1.0.61.0-1.fc25 (FEDORA-2017-74aa4262f9) Vulkan loader and validation layers -------------------------------------------------------------------------------- Update Information: Update to 1.0.61.0 release -------------------------------------------------------------------------------- ================================================================================ wingpanel-indicator-network-2.1.1-1.fc25 (FEDORA-2017-79432a93ab) Network Indicator for wingpanel -------------------------------------------------------------------------------- Update Information: Update to version 2.1.1. More information: https://github.com/elementary /wingpanel-indicator-network/issues?q=is%3Aclosed+milestone%3A2.1.1 ---- Update to version 2.1.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1490892 - wingpanel-indicator-network-2.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1490892 -------------------------------------------------------------------------------- ================================================================================ xrdp-0.9.3-2.fc25 (FEDORA-2017-6f119c8a00) Open source remote desktop protocol (RDP) server -------------------------------------------------------------------------------- Update Information: Attempt to fix bug #1492822. Add patch to clean leftover sockets. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1492822 - xrdp cannot reuse display numbers because of leftover sockets https://bugzilla.redhat.com/show_bug.cgi?id=1492822 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
