The following Fedora 25 Security updates need testing: Age URL 328 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 166 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 116 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 31 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7089c6e789 suricata-3.2.4-1.fc25 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51f49ebbce apr-1.6.3-1.fc25 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f563b201ba apr-util-1.5.4-4.fc25 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45ed341e61 httpd-2.4.29-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f5ad4107cc fedpkg-1.30-4.fc25 rpkg-1.51-2.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0188f21212 postgresql-9.5.10-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-481e4f6f8c ldns-1.6.17-22.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5bbb657c5 chromium-62.0.3202.89-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1a9068594d python-copr-1.84-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a3247cfd openssl-1.0.2m-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-077334783e webkitgtk4-2.18.3-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f58bbbbdb0 konversation-1.7.4-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8575fbfe90 varnish-5.0.0-5.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f1535b86fa lucene4-4.10.4-11.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdfd888e2e git-2.9.5-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-580f91f6b0 qt5-qtwebengine-5.9.2-2.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b5bcfedf10 mrbs-1.7.0-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d09353c38 xen-4.7.3-9.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d008ecf87a cacti-1.1.28-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed565f9ed0 jbig2dec-0.14-1.fc25 The following Fedora 25 Critical Path updates have yet to be approved: Age URL 170 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 49 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e iproute-4.12.0-1.fc25 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b89e9f62d8 bind99-9.9.10-3.P3.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dbf347055a hwdata-0.306-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-560cebc111 menu-cache-1.1.0-1.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a7f307017b python-lxml-4.1.1-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e82231f2c7 libglvnd-1.0.0-1.fc25 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-077334783e webkitgtk4-2.18.3-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-55a3247cfd openssl-1.0.2m-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-15b7f781f0 nss-3.34.0-1.0.fc25 nss-softokn-3.34.0-1.0.fc25 nss-util-3.34.0-1.0.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdfd888e2e git-2.9.5-3.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc8c38e976 man-db-2.7.5-6.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d09353c38 xen-4.7.3-9.fc25 The following builds have been pushed to Fedora 25 updates-testing cacti-1.1.28-1.fc25 dcap-2.47.12-1.fc25 jbig2dec-0.14-1.fc25 libxc-3.0.1-1.fc25 otter-browser-0.9.92-0.2.rc2gita026c61.fc25 python-ofxparse-0.17-1.fc25 python-regex-2017.11.09-1.fc25 rpmdeplint-1.4-1.fc25 snapd-2.29.4-2.fc25 snapd-glib-1.29-1.fc25 xen-4.7.3-9.fc25 yad-0.40.0-2.fc25 Details about builds: ================================================================================ cacti-1.1.28-1.fc25 (FEDORA-2017-d008ecf87a) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.1.28 - CVE-2017-16641, CVE-2017-16660, CVE-2017-16661, CVE-2017-16785 Release notes: https://www.cacti.net/release_notes.php?version=1.1.28 -------------------------------------------------------------------------------- ================================================================================ dcap-2.47.12-1.fc25 (FEDORA-2017-494e6e0a7a) Client Tools for dCache -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- ================================================================================ jbig2dec-0.14-1.fc25 (FEDORA-2017-ed565f9ed0) A decoder implementation of the JBIG2 image compression format -------------------------------------------------------------------------------- Update Information: update to 0.14 (bugfix release CVE-2017-9216) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456730 - CVE-2017-9216 jbig2dec: Null pointer dereference in jbig2_huffman_get() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456730 -------------------------------------------------------------------------------- ================================================================================ libxc-3.0.1-1.fc25 (FEDORA-2017-311646e059) Library of exchange and correlation functionals to be used in DFT codes -------------------------------------------------------------------------------- Update Information: Changes in libxc 3.0.1 from 3.0.0: Fixed: * Added missing MGGA_C_SCAN implementation (fix crash in 3.0.0). * Uninitialized cam_omega, cam_alpha, and cam_beta parameters for LDA functionals. * Flags defined in the Fortran 90 interface. * Several references. * Bugs in MGGA_X_MK00 and GGA_X_B86_R. * Behavior for small tau in MGGA_XC_B97M_V and HYB_MGGA_XC_wB97M_V. * Incorrect exchange mixing for HYB_GGA_X_CAP0. * Description of several functionals. Added: * Missing C to Fortran interface for xc_f90_nlc_coef. * Missing interfaces for the set_params functions in the Fortran 90 interface. -------------------------------------------------------------------------------- ================================================================================ otter-browser-0.9.92-0.2.rc2gita026c61.fc25 (FEDORA-2017-62540a9355) Web browser controlled by the user, not vice-versa -------------------------------------------------------------------------------- Update Information: Update to 0.9.92-0.2.rc2gita026c61 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1514778 - [abrt] otter-browser: QWebFrame::url(): otter-browser killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1514778 -------------------------------------------------------------------------------- ================================================================================ python-ofxparse-0.17-1.fc25 (FEDORA-2017-21ad4d3011) Python library for working with the OFX (Open Financial Exchange) file format -------------------------------------------------------------------------------- Update Information: Bug fix release 0.17 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1513450 - python-ofxparse-0.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1513450 -------------------------------------------------------------------------------- ================================================================================ python-regex-2017.11.09-1.fc25 (FEDORA-2017-ad121d9899) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information: Update to the latest released version. Support Python3 on EPEL7. -------------------------------------------------------------------------------- ================================================================================ rpmdeplint-1.4-1.fc25 (FEDORA-2017-6039108152) Tool to find errors in RPM packages in the context of their dependency graph -------------------------------------------------------------------------------- Update Information: Upstream bug fix release 1.4: https://docs.pagure.org/rpmdeplint/CHANGES.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423678 - [abrt] [faf] rpmdeplint: perform(): /usr/lib64/python3.5/site-packages/librepo/__init__.py killed by librepo.LibrepoException https://bugzilla.redhat.com/show_bug.cgi?id=1423678 -------------------------------------------------------------------------------- ================================================================================ snapd-2.29.4-2.fc25 (FEDORA-2017-dcf3aa002c) A transactional software package manager -------------------------------------------------------------------------------- Update Information: New releases of snapd (2.29.4) and snapd-glib (1.29). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508434 - snapd-glib-1.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508434 [ 2 ] Bug #1508433 - snapd-2.29.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508433 -------------------------------------------------------------------------------- ================================================================================ snapd-glib-1.29-1.fc25 (FEDORA-2017-dcf3aa002c) Library providing a GLib interface to snapd -------------------------------------------------------------------------------- Update Information: New releases of snapd (2.29.4) and snapd-glib (1.29). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1508434 - snapd-glib-1.29 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508434 [ 2 ] Bug #1508433 - snapd-2.29.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1508433 -------------------------------------------------------------------------------- ================================================================================ xen-4.7.3-9.fc25 (FEDORA-2017-6d09353c38) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: fix an issue in patch for [XSA-240, CVE-2017-15595] that might be a security issue fix for [XSA-243, CVE-2017-15592] could cause hypervisor crash (DOS) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1499823 - CVE-2017-15592 xsa243 xen: x86: Incorrect handling of self-linear shadow mappings with translated guests (XSA-243) https://bugzilla.redhat.com/show_bug.cgi?id=1499823 [ 2 ] Bug #1499820 - CVE-2017-15595 xsa240 xen: Unlimited recursion in linear pagetable de-typing (XSA-240) https://bugzilla.redhat.com/show_bug.cgi?id=1499820 -------------------------------------------------------------------------------- ================================================================================ yad-0.40.0-2.fc25 (FEDORA-2017-c00b24feef) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information: Update to YAD 0.40.0-2 to add BuildRequires: webkitgtk3-devel for Fedora <=26 and EPEL ( webkitgtk3-devel is obsolete in Fedora >= 27 ) ---- Update to YAD 0.40.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1514776 - yad-0.40.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1514776 [ 2 ] Bug #1455282 - yad compiled with --enable-html but without webkitgtk3-devel https://bugzilla.redhat.com/show_bug.cgi?id=1455282 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
