The following Fedora 25 Security updates need testing: Age URL 321 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 220 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 159 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 113 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 110 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 31 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6967efb3f0 thunderbird-52.4.0-2.fc25 25 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7089c6e789 suricata-3.2.4-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51f49ebbce apr-1.6.3-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f563b201ba apr-util-1.5.4-4.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45ed341e61 httpd-2.4.29-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab57a100f3 rpm-4.13.0.2-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cfb950d8f4 hostapd-2.6-6.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-803a99828d php-PHPMailer-5.2.26-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f5ad4107cc fedpkg-1.30-4.fc25 rpkg-1.51-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c7514691cb perl-Net-Ping-External-0.15-11.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0188f21212 postgresql-9.5.10-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-481e4f6f8c ldns-1.6.17-22.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5bbb657c5 chromium-62.0.3202.89-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2391f0551d firefox-57.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1a9068594d python-copr-1.84-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8016cc0bd0 backintime-1.1.24-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f58bbbbdb0 konversation-1.7.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a3247cfd openssl-1.0.2m-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-077334783e webkitgtk4-2.18.3-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 164 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 43 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e iproute-4.12.0-1.fc25 31 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6967efb3f0 thunderbird-52.4.0-2.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b89e9f62d8 bind99-9.9.10-3.P3.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b9a00d98e5 python-productmd-1.9-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dbf347055a hwdata-0.306-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab57a100f3 rpm-4.13.0.2-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e64b02d1b1 pcre2-10.23-10.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-65b10e63d5 pungi-4.1.20-1.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec5efbcfc6 pcre-8.41-3.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e91585cd60 ethtool-4.13-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-560cebc111 menu-cache-1.1.0-1.fc25 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7f307017b python-lxml-4.1.1-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e82231f2c7 libglvnd-1.0.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2391f0551d firefox-57.0-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-077334783e webkitgtk4-2.18.3-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a3247cfd openssl-1.0.2m-1.fc25 The following builds have been pushed to Fedora 25 updates-testing bind-9.10.5-3.P3.fc25 caja-1.18.5-1.fc25 haxe-3.4.4-1.fc25 impallari-raleway-fonts-3.0-2.git20161116.6c67ab1.fc25 lighttpd-1.4.48-1.fc25 lis-2.0.3-2.fc25 mediawriter-4.1.1-1.fc25 openssl-1.0.2m-1.fc25 perl-Finance-Quote-1.47-1.fc25 perl-Net-CalDAVTalk-0.11-1.fc25 perl-Net-CardDAVTalk-0.07-1.fc25 perl-Shipwright-2.4.42-1.fc25 pluma-1.18.3-1.fc25 pysnmp-4.4.2-1.fc25 python-msrest-0.4.18-1.fc25 python-msrestazure-0.4.16-1.fc25 python-openidc-client-0.4.0-1.20171113git54dee6e.fc25 python-stem-1.6.0-1.fc25 sway-0.15.0-2.fc25 timeline-1.16.0-1.fc25 webkitgtk4-2.18.3-1.fc25 wlc-0.0.11-1.fc25 Details about builds: ================================================================================ bind-9.10.5-3.P3.fc25 (FEDORA-2017-b68d7f3b8b) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: Include DNSKEY 20326 also in trusted-key.key (#1505476) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1505476 - bind-utils: trusted-key.key does not contain recent DNSSEC key https://bugzilla.redhat.com/show_bug.cgi?id=1505476 [ 2 ] Bug #1205168 - dhcp not working with ldap configuration https://bugzilla.redhat.com/show_bug.cgi?id=1205168 [ 3 ] Bug #1508003 - bind: default rndc key uses insecure hmac-md5 https://bugzilla.redhat.com/show_bug.cgi?id=1508003 -------------------------------------------------------------------------------- ================================================================================ caja-1.18.5-1.fc25 (FEDORA-2017-f56628d65d) File manager for MATE -------------------------------------------------------------------------------- Update Information: - update to 1.18.5 -------------------------------------------------------------------------------- ================================================================================ haxe-3.4.4-1.fc25 (FEDORA-2017-8751ae756a) Multi-target universal programming language -------------------------------------------------------------------------------- Update Information: Haxe 3.4.4 is mainly a bugfix release over 3.4.2, notably a number of php target fixes. The complete changelog can be found at https://github.com/HaxeFoundation/haxe/blob/3.4.4/extra/CHANGES.txt. -------------------------------------------------------------------------------- ================================================================================ impallari-raleway-fonts-3.0-2.git20161116.6c67ab1.fc25 (FEDORA-2017-1cafd4df16) Elegant sans-serif typeface family -------------------------------------------------------------------------------- Update Information: Fix SemiBold font installation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1505179 - impallari-raleway-fonts: SemiBold are not installed https://bugzilla.redhat.com/show_bug.cgi?id=1505179 -------------------------------------------------------------------------------- ================================================================================ lighttpd-1.4.48-1.fc25 (FEDORA-2017-30ab9877ed) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information: https://www.lighttpd.net/2017/11/11/1.4.48/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512281 - lighttpd-1.4.48 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512281 -------------------------------------------------------------------------------- ================================================================================ lis-2.0.3-2.fc25 (FEDORA-2017-a0ecae395a) A library for solving linear equations and eigenvalue problems -------------------------------------------------------------------------------- Update Information: Include new binaries ---- Update to 1.7.30 ---- Add new gcc-gfortran to BR -------------------------------------------------------------------------------- ================================================================================ mediawriter-4.1.1-1.fc25 (FEDORA-2017-f12bc1a2b6) Fedora Media Writer -------------------------------------------------------------------------------- Update Information: Update to 4.1.1 -------------------------------------------------------------------------------- ================================================================================ openssl-1.0.2m-1.fc25 (FEDORA-2017-55a3247cfd) Utilities from the general purpose cryptography library with TLS implementation -------------------------------------------------------------------------------- Update Information: Minor security update 1.0.2m. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1486146 - CVE-2017-3735 CVE-2017-3736 openssl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1486146 -------------------------------------------------------------------------------- ================================================================================ perl-Finance-Quote-1.47-1.fc25 (FEDORA-2017-ca4e0dd503) A Perl module that retrieves stock and mutual fund quotes -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. Various sources fixed, new source AlphaVantage added. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1509722 - perl-Finance-Quote-1.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1509722 [ 2 ] Bug #1510220 - perl-Finance-Quote-1.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510220 [ 3 ] Bug #1510678 - perl-Finance-Quote-1.44 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510678 [ 4 ] Bug #1511240 - perl-Finance-Quote-1.45 is available https://bugzilla.redhat.com/show_bug.cgi?id=1511240 [ 5 ] Bug #1512341 - perl-Finance-Quote-1.47 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512341 -------------------------------------------------------------------------------- ================================================================================ perl-Net-CalDAVTalk-0.11-1.fc25 (FEDORA-2017-843c237f39) CalDAV client with JSON data interface -------------------------------------------------------------------------------- Update Information: This release adds support for GetEventLinks, GetEventsMulti, and SyncEventLinks. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512523 - perl-Net-CalDAVTalk-0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512523 -------------------------------------------------------------------------------- ================================================================================ perl-Net-CardDAVTalk-0.07-1.fc25 (FEDORA-2017-b58512a2fa) CardDAV client -------------------------------------------------------------------------------- Update Information: This release brings support for GetContactsMulti, SyncContactLinks, and GetContactLinks. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512284 - perl-Net-CardDAVTalk-0.07 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512284 -------------------------------------------------------------------------------- ================================================================================ perl-Shipwright-2.4.42-1.fc25 (FEDORA-2017-ee1dd188f6) Build and Manage Self-contained Software Bundle -------------------------------------------------------------------------------- Update Information: This release adds support for https schema. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512192 - perl-Shipwright-2.4.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512192 -------------------------------------------------------------------------------- ================================================================================ pluma-1.18.3-1.fc25 (FEDORA-2017-07eb57d36c) Text editor for the MATE desktop -------------------------------------------------------------------------------- Update Information: - update to 1.18.3 -------------------------------------------------------------------------------- ================================================================================ pysnmp-4.4.2-1.fc25 (FEDORA-2017-bef56f5d70) An SNMP engine written in Python -------------------------------------------------------------------------------- Update Information: Updated to new upstream version 4.4.2 -------------------------------------------------------------------------------- ================================================================================ python-msrest-0.4.18-1.fc25 (FEDORA-2017-708a96e55e) AutoRest swagger generator Python client runtime -------------------------------------------------------------------------------- Update Information: #python-msrest 0.4.18 ##Features * Add ApiKeyCredentials class. This can be used to support OpenAPI ApiKey feature. * Add CognitiveServicesAuthentication class. Pre-declared ApiKeyCredentials class for Cognitive Services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508202 - python-msrest-v0.4.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508202 -------------------------------------------------------------------------------- ================================================================================ python-msrestazure-0.4.16-1.fc25 (FEDORA-2017-6c98c61682) AutoRest swagger generator Python client runtime (Azure-specific module) -------------------------------------------------------------------------------- Update Information: # python-msrestazure 0.4.16 ##Bugfixes * Fix AttributeError if input JSON is not a dict ([#54](https://github.com/Azure/msrestazure-for-python/issues/54)) -------------------------------------------------------------------------------- ================================================================================ python-openidc-client-0.4.0-1.20171113git54dee6e.fc25 (FEDORA-2017-7f9347a2ae) Python OpenID Connect client with token caching and management -------------------------------------------------------------------------------- Update Information: python-openidc-client-v0.4.0 is available Add Requests AuthBase wrapper Allow specifying to not get new tokens in auther -------------------------------------------------------------------------------- References: [ 1 ] Bug #1455728 - python-openidc-client-v0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1455728 -------------------------------------------------------------------------------- ================================================================================ python-stem-1.6.0-1.fc25 (FEDORA-2017-e31cb207ff) Python controller library for Tor -------------------------------------------------------------------------------- Update Information: Version 1.6.0 -------------------------------------------------------------------------------- ================================================================================ sway-0.15.0-2.fc25 (FEDORA-2017-beca7ca08a) i3-compatible window manager for Wayland -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1510233 - wlc-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510233 [ 2 ] Bug #1510446 - sway-0.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510446 -------------------------------------------------------------------------------- ================================================================================ timeline-1.16.0-1.fc25 (FEDORA-2017-bf085cf409) Displays and navigates events on a timeline -------------------------------------------------------------------------------- Update Information: 1.16.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1512524 - timeline-1.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1512524 -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.18.3-1.fc25 (FEDORA-2017-077334783e) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: This update addresses the following vulnerabilities: * [CVE-2017-13798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13798), [CVE-2017-13788](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13788), [CVE-2017-13803](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13803) Additional fixes: * Improve calculation of font metrics to prevent scrollbars from being shown unnecessarily in some cases. * Fix handling of null capabilities in WebDriver implementation. -------------------------------------------------------------------------------- ================================================================================ wlc-0.0.11-1.fc25 (FEDORA-2017-beca7ca08a) Wayland compositor library -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1510233 - wlc-0.0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510233 [ 2 ] Bug #1510446 - sway-0.15.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510446 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
