The following Fedora 25 Security updates need testing: Age URL 296 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 195 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 134 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 88 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 84 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e66393536 libwpd-0.10.2-1.fc25 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11 gnome-shell-3.22.3-2.fc25 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ab87482e httpd-2.4.27-4.fc25 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0f24bb2a9 chromium-61.0.3163.100-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2aa4d11993 openvpn-2.4.4-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e botan-1.10.17-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24 dnsmasq-2.76-4.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d345f250a nagios-4.3.4-3.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bbb922009 check-mk-1.2.8p26-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-042c59fab9 nodejs-forwarded-0.1.2-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-805d9423f8 poppler-0.45.0-9.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b7c4334524 libXfont-1.5.2-5.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3c5282ada7 rubygem-rmagick-2.16.0-8.fc25 ImageMagick-6.9.9.19-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-88a1f4854d sssd-1.15.3-5.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b28a055f2 tnef-1.4.15-1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6127ddb036 mingw-poppler-0.45.0-5.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4709b0d8b xen-4.7.3-7.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6967efb3f0 thunderbird-52.4.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8761075ffd cacti-1.1.26-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-005f8f7f7d lucene-5.5.0-5.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7089c6e789 suricata-3.2.4-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cafcdbdde5 kernel-4.13.8-100.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5934ecf841 SDL2-2.0.5-8.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 138 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 41 https://bodhi.fedoraproject.org/updates/FEDORA-2017-504aeb74ba rpcbind-0.2.4-7.rc2.fc25 37 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a44008dd1d python-pysocks-1.6.7-1.fc25 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2802f82ef1 webkitgtk4-2.18.0-1.fc25 29 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2803ce4f5 linux-firmware-20170828-77.gitb78acc9.fc25 29 https://bodhi.fedoraproject.org/updates/FEDORA-2017-235298fa58 python-cryptography-2.0.2-2.fc25 python-cryptography-vectors-2.0.2-1.fc25 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11 gnome-shell-3.22.3-2.fc25 20 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b78dd48284 dbus-1.11.18-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a45ef4d535 hwdata-0.305-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e iproute-4.12.0-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1391851bdb vte291-0.46.3-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d6667b0ae sudo-1.8.21p2-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36afbbe07 p11-kit-0.23.9-2.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0803060361 nss-3.33.0-1.0.fc25 nss-softokn-3.33.0-1.0.fc25 nss-util-3.33.0-1.0.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5324f52b3d koji-1.14.0-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24 dnsmasq-2.76-4.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-00cfac3370 pungi-4.1.19-1.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae3e7ab916 glusterfs-3.10.6-3.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41e6f8d803 breeze-icon-theme-5.38.0-2.fc25 extra-cmake-modules-5.38.0-2.fc25 kf5-5.38.0-1.fc25 kf5-attica-5.38.0-1.fc25 kf5-baloo-5.38.0-1.fc25 kf5-bluez-qt-5.38.0-1.fc25 kf5-frameworkintegration-5.38.0-1.fc25 kf5-kactivities-5.38.0-1.fc25 kf5-kactivities-stats-5.38.0-1.fc25 kf5-kapidox-5.38.0-1.fc25 kf5-karchive-5.38.0-1.fc25 kf5-kauth-5.38.0-1.fc25 kf5-kbookmarks-5.38.0-1.fc25 kf5-kcmutils-5.38.0-1.fc25 kf5-kcodecs-5.38.0-1.fc25 kf5-kcompletion-5.38.0-1.fc25 kf5-kconfig-5.38.0-5.fc25 kf5-kconfigwidgets-5.38.0-1.fc25 kf5-kcoreaddons-5.38.0-1.fc25 kf5-kcrash-5.38.0-1.fc25 kf5-kdbusaddons-5.38.0-1.fc25 kf5-kdeclarative-5.38.0-1.fc25 kf5-kded-5.38.0-1.fc25 kf5-kdelibs4support-5.38.0-1.fc25 kf5-kdesignerplugin-5.38.0-1.fc25 kf5-kdesu-5.38.0-1.fc25 kf5-kdewebkit-5.38.0-1.fc25 kf5-kdnssd-5.38.0-1.fc25 kf5-kdoctools-5.38.0-1.fc25 kf5-kemoticons-5.38.0-1.fc25 kf5-kfilemetadata-5.38.0-1.fc25 kf5-kglobalaccel-5.38.1-1.fc25 kf5-kguiad dons-5.38.0-1.fc25 kf5-khtml-5.38.0-1.fc25 kf5-ki18n-5.38.0-1.fc25 kf5-kiconthemes-5.38.0-1.fc25 kf5-kidletime-5.38.0-1.fc25 kf5-kimageformats-5.38.0-1.fc25 kf5-kinit-5.38.0-1.fc25 kf5-kio-5.38.0-1.fc25 kf5-kitemmodels-5.38.0-1.fc25 kf5-kitemviews-5.38.0-1.fc25 kf5-kjobwidgets-5.38.0-1.fc25 kf5-kjs-5.38.0-1.fc25 kf5-kjsembed-5.38.0-1.fc25 kf5-kmediaplayer-5.38.0-1.fc25 kf5-knewstuff-5.38.0-1.fc25 kf5-knotifications-5.38.0-1.fc25 kf5-knotifyconfig-5.38.0-1.fc25 kf5-kpackage-5.38.0-1.fc25 kf5-kparts-5.38.0-1.fc25 kf5-kpeople-5.38.0-1.fc25 kf5-kplotting-5.38.0-1.fc25 kf5-kpty-5.38.0-1.fc25 kf5-kross-5.38.0-1.fc25 kf5-krunner-5.38.0-1.fc25 kf5-kservice-5.38.0-1.fc25 kf5-ktexteditor-5.38.0-2.fc25 kf5-ktextwidgets-5.38.0-1.fc25 kf5-kunitconversion-5.38.0-1.fc25 kf5-kwallet-5.38.0-1.fc25 kf5-kwayland-5.38.0-1.fc25 kf5-kwidgetsaddons-5.38.0-1.fc25 kf5-kwindowsystem-5.38.0-1.fc25 kf5-kxmlgui-5.38.0-1.fc25 kf5-kxmlrpcclient-5.38.0-1.fc25 kf5-modemmanager-qt-5.38.0-1.fc25 kf5-networkmanager-qt -5.38.0-1.fc25 kf5-plasma-5.38.0-1.fc25 kf5-solid-5.38.0-1.fc25 kf5-sonnet-5.38.0-1.fc25 kf5-syntax-highlighting-5.38.0-1.fc25 kf5-threadweaver-5.38.0-1.fc25 oxygen-icon-theme-5.38.0-2.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4d00e4db6a selinux-policy-3.13.1-225.23.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4d9b3c4003 ding-libs-0.6.1-34.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-48f0da57ca python3-3.5.4-2.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-805d9423f8 poppler-0.45.0-9.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a2017ed263 python-productmd-1.8-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b763f774a4 spice-0.14.0-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-88a1f4854d sssd-1.15.3-5.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6967efb3f0 thunderbird-52.4.0-2.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d4709b0d8b xen-4.7.3-7.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa32d9cd0c popt-1.16-12.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b005e95422 audit-2.8.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-038e288658 libguestfs-1.36.10-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5934ecf841 SDL2-2.0.5-8.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cafcdbdde5 kernel-4.13.8-100.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4dc8e5a70f kobo-0.7.0-3.fc25 The following builds have been pushed to Fedora 25 updates-testing SDL2-2.0.5-8.fc25 copr-backend-1.106-1.fc25 copr-cli-1.64-1.fc25 copr-frontend-1.123-1.fc25 copr-rpmbuild-0.11-1.fc25 copy-jdk-configs-3.3-1.fc25 kernel-4.13.8-100.fc25 kobo-0.7.0-3.fc25 libguestfs-1.36.10-1.fc25 php-bacon-qr-code-1.0.3-1.fc25 php-sabre-vobject4-4.1.3-1.fc25 python-copr-1.82-1.fc25 python-rhsm-1.20.2-1.fc25 rpkg-client-0.10-1.fc25 subscription-manager-1.20.2-1.fc25 suricata-3.2.4-1.fc25 Details about builds: ================================================================================ SDL2-2.0.5-8.fc25 (FEDORA-2017-5934ecf841) A cross-platform multimedia library -------------------------------------------------------------------------------- Update Information: Fix CVE-2017-2888 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1500734 - CVE-2017-2888 SDL2: SDL: Integer overflow while creating a new RGB surface [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1500734 -------------------------------------------------------------------------------- ================================================================================ copr-backend-1.106-1.fc25 (FEDORA-2017-fc31e1bf7a) Backend for Copr -------------------------------------------------------------------------------- Update Information: - invoke copr-rpmbuild with --verbose -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.64-1.fc25 (FEDORA-2017-9fd09995ba) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: - add SCM api - add deprecation warnings for tito and mockscm methods -------------------------------------------------------------------------------- ================================================================================ copr-frontend-1.123-1.fc25 (FEDORA-2017-0a66d4ad30) Frontend for Copr -------------------------------------------------------------------------------- Update Information: - also set srpm_url when --initial-pkgs is used when creating new project - for tag webhook events, rebuild the package on the specified tag - check for pagure hostname in pagure auto-rebuilding script - fix for fatal error when accessing old upload builds that do not contain 'url' key in source_json - unify SCM source types - deprecate tito and mock-scm methods - add index on package(webhook_rebuild, source_type) and copr(copr_webhook_secret) - update docs for requests/flask interaction ---- - Fix for internal server error when old srpm upload build is accessed. -------------------------------------------------------------------------------- ================================================================================ copr-rpmbuild-0.11-1.fc25 (FEDORA-2017-3f1a18e468) Run COPR build tasks -------------------------------------------------------------------------------- Update Information: - provide option to root spec file path in SCM with '/' - fix exception raising in scm provider - make command debug info nicer - print task structure in the beginning even without -v - add listdir after srpm production - some Git backends do not support --depth - remove unused run method - checkout master by default - with limited depth, we need to clone with --no-single-branch - remove original perl script and mock config for it - remove no longer needed options from rpkg.conf.j2 - SCM source types unification - apply continuing line filtering from f4561c149893 - increase clone depth to address pag#129 SCM source type error -------------------------------------------------------------------------------- ================================================================================ copy-jdk-configs-3.3-1.fc25 (FEDORA-2017-33359ec677) JDKs configuration files copier -------------------------------------------------------------------------------- Update Information: handled new paths for policies files -------------------------------------------------------------------------------- ================================================================================ kernel-4.13.8-100.fc25 (FEDORA-2017-cafcdbdde5) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.13.8 update contains a number of important fixes across the tree. ---- The 4.13.6 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1495089 - CVE-2017-12190 kernel: memory leak when merging buffers in SCSI IO vectors https://bugzilla.redhat.com/show_bug.cgi?id=1495089 [ 2 ] Bug #1501878 - CVE-2017-15265 kernel: Use-after-free in snd_seq_ioctl_create_port() https://bugzilla.redhat.com/show_bug.cgi?id=1501878 [ 3 ] Bug #1498016 - CVE-2017-15299 kernel: Incorrect updates of uninstantiated keys crash the kernel https://bugzilla.redhat.com/show_bug.cgi?id=1498016 [ 4 ] Bug #1498067 - CVE-2017-1000255 kernel: Arbitrary stack overwrite causing oops via crafted signal frame https://bugzilla.redhat.com/show_bug.cgi?id=1498067 [ 5 ] Bug #1500094 - CVE-2017-5123 kernel: Missing access_ok() checks in waitid() https://bugzilla.redhat.com/show_bug.cgi?id=1500094 -------------------------------------------------------------------------------- ================================================================================ kobo-0.7.0-3.fc25 (FEDORA-2017-4dc8e5a70f) Python modules for tools development -------------------------------------------------------------------------------- Update Information: New upstream release 0.7.0; supports python 3 -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.36.10-1.fc25 (FEDORA-2017-038e288658) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New upstream version 1.36.10. ---- New upstream version 1.36.7. -------------------------------------------------------------------------------- ================================================================================ php-bacon-qr-code-1.0.3-1.fc25 (FEDORA-2017-4b71d32279) QR code generator for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.0.3** As [upstream don't provide any changelog](https://github.com/Bacon/BaconQrCode/issues/35), see the [commit history](https://github.com/Bacon/BaconQrCode/commits/master). -------------------------------------------------------------------------------- ================================================================================ php-sabre-vobject4-4.1.3-1.fc25 (FEDORA-2017-489fa41600) Library to parse and manipulate iCalendar and vCard objects -------------------------------------------------------------------------------- Update Information: **Version 4.1.3** (2017-10-18) * 363: Repair script and de-duplicate properties that are only allowed once, but appear more than once. (@ddolcimascolo). * 377: Addes Pacific Time (US & Canada) as exchange timezone * 384: Added fallback for VCards without `FN` -------------------------------------------------------------------------------- ================================================================================ python-copr-1.82-1.fc25 (FEDORA-2017-9fd09995ba) Python interface for Copr -------------------------------------------------------------------------------- Update Information: - add SCM api - add deprecation warnings for tito and mockscm methods -------------------------------------------------------------------------------- ================================================================================ python-rhsm-1.20.2-1.fc25 (FEDORA-2017-46f85a11cf) A Python library to communicate with a Red Hat Unified Entitlement Platform -------------------------------------------------------------------------------- Update Information: * Numerous bug fixes * D-Bus service for unregistering * D-Bus service for listing installed products -------------------------------------------------------------------------------- ================================================================================ rpkg-client-0.10-1.fc25 (FEDORA-2017-378c4c0844) RPM packaging utitility -------------------------------------------------------------------------------- Update Information: - possibility to give directory to --spec - also take --spec in account for rpmdefines - update spec descriptions - added is-packed subcommand - try reading ~/.config/rpkg before /etc/rpkg - add unittests - for source downloading, try both url formats with/without hashtype - add make-source subcommand - patch srpm to generate Source0 if unpacked content - override load_ns_module_name to work with any length namespaces - added --spec for srpm, make-source, and copr-build - fixed tagging not to include host dist tag - docs update - make all config values optional -------------------------------------------------------------------------------- ================================================================================ subscription-manager-1.20.2-1.fc25 (FEDORA-2017-46f85a11cf) Tools and libraries for subscription and repository management -------------------------------------------------------------------------------- Update Information: * Numerous bug fixes * D-Bus service for unregistering * D-Bus service for listing installed products -------------------------------------------------------------------------------- ================================================================================ suricata-3.2.4-1.fc25 (FEDORA-2017-7089c6e789) Intrusion Detection System -------------------------------------------------------------------------------- Update Information: 3.2.4 is a security update. It fixes a crash in DCERPC traffic and a DoS where certain traffic could lead to extreme slow downs. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
