The following Fedora 25 Security updates need testing: Age URL 231 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 130 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e python-XStatic-jquery-ui-1.12.0.1-4.fc25 69 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 34 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33c8085c5d groovy18-1.8.9-28.fc25 29 https://bodhi.fedoraproject.org/updates/FEDORA-2017-86cfcbbae8 libstaroffice-0.0.4-1.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-82b5035f76 chicken-4.12.0-3.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c memcached-1.4.39-1.fc25 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fe04b06b64 python-tablib-0.11.5-1.fc25 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1fe6d2b86 nasm-2.13.01-3.fc25 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be3df4fe14 java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a05e2b8545 cups-filters-1.10.0-4.fc25 qpdf-6.0.0-6.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-866fc566e0 torbrowser-launcher-0.2.8-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f318871e3b ruby-2.3.4-63.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f6e3215f2b mingw-openjpeg2-2.2.0-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9d8011d69 mingw-libsoup-2.56.1-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9148fe36b9 postgresql-9.5.8-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1d1a38bdd1 subversion-1.9.7-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f98cef571d kernel-4.12.5-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e botan-1.10.16-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa1d8ad61a mercurial-3.8.1-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93 cvs-1.11.23-41.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f50b903bb4 chromium-60.0.3112.90-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c27a947af1 nginx-1.12.1-1.fc25
The following Fedora 25 Critical Path updates have yet to be approved: Age URL 73 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 29 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2312ac9d9 pungi-4.1.17-1.fc25 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b67562744 ca-certificates-2017.2.16-1.0.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-226cbd995b libvirt-2.2.1-3.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bb07876a1c nspr-4.16.0-1.fc25 nss-3.32.0-1.0.fc25 nss-softokn-3.32.0-1.1.fc25 nss-util-3.32.0-1.0.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f98cef571d kernel-4.12.5-200.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba3e72c511 osinfo-db-20170813-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-67705933e3 glusterfs-3.10.5-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd0324f3e9 p11-kit-0.23.8-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-36c2c88b14 vim-8.0.946-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d61e68bd21 file-5.29-8.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-837f04c39a selinux-policy-3.13.1-225.20.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1a0a83099 firefox-55.0.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-97eb475d93 cvs-1.11.23-41.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0c6291cd4b pango-1.40.9-1.fc25 The following builds have been pushed to Fedora 25 updates-testing 389-ds-base-1.3.5.19-1.fc25 alpine-2.21-3.fc25 chromium-60.0.3112.90-1.fc25 file-5.29-8.fc25 gnome-shell-extension-freon-27-1.fc25 guacamole-server-0.9.13-1.fc25 libfastjson-0.99.6-1.fc25 libmediainfo-0.7.98-1.fc25 libzen-0.4.36-1.fc25 mediaconch-17.07-1.fc25 mediainfo-0.7.98-1.fc25 mingw-gdk-pixbuf-2.36.8-1.fc25 nginx-1.12.1-1.fc25 p11-kit-0.23.8-1.fc25 php-pecl-timecop-1.2.8-1.fc25 syncthing-0.14.36-2.fc25 vim-8.0.946-1.fc25 Details about builds: ================================================================================ 389-ds-base-1.3.5.19-1.fc25 (FEDORA-2017-4333359de8) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Bump verison to 1.3.5.19 -------------------------------------------------------------------------------- ================================================================================ alpine-2.21-3.fc25 (FEDORA-2017-09f9691ebe) powerful, easy to use console email client -------------------------------------------------------------------------------- Update Information: alpine 2.21, update URL, .spec cosmetics -------------------------------------------------------------------------------- ================================================================================ chromium-60.0.3112.90-1.fc25 (FEDORA-2017-f50b903bb4) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: Chromium 60. Security fix for CVE-2017-5091, CVE-2017-5092, CVE-2017-5093, CVE-2017-5094, CVE-2017-5095, CVE-2017-5096, CVE-2017-5097, CVE-2017-5098, CVE-2017-5099, CVE-2017-5100, CVE-2017-5101, CVE-2017-5102, CVE-2017-5103, CVE-2017-5104, CVE-2017-7000, CVE-2017-5105, CVE-2017-5106, CVE-2017-5107, CVE-2017-5108, CVE-2017-5109, CVE-2017-5110. New subpackage -headless. ---- Update to 59.0.3071.115 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1475213 - CVE-2017-5110 chromium-browser: ui spoofing in payments dialog https://bugzilla.redhat.com/show_bug.cgi?id=1475213 [ 2 ] Bug #1475212 - CVE-2017-5109 chromium-browser: ui spoofing in browser https://bugzilla.redhat.com/show_bug.cgi?id=1475212 [ 3 ] Bug #1475211 - CVE-2017-5108 chromium-browser: type confusion in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1475211 [ 4 ] Bug #1475210 - CVE-2017-5107 chromium-browser: user information leak via svg https://bugzilla.redhat.com/show_bug.cgi?id=1475210 [ 5 ] Bug #1475209 - CVE-2017-5106 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1475209 [ 6 ] Bug #1475208 - CVE-2017-5105 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1475208 [ 7 ] Bug #1475207 - CVE-2017-7000 chromium-browser: pointer disclosure in sqlite https://bugzilla.redhat.com/show_bug.cgi?id=1475207 [ 8 ] Bug #1475206 - CVE-2017-5104 chromium-browser: ui spoofing in browser https://bugzilla.redhat.com/show_bug.cgi?id=1475206 [ 9 ] Bug #1475205 - CVE-2017-5103 chromium-browser: uninitialized use in skia https://bugzilla.redhat.com/show_bug.cgi?id=1475205 [ 10 ] Bug #1475204 - CVE-2017-5102 chromium-browser: uninitialized use in skia https://bugzilla.redhat.com/show_bug.cgi?id=1475204 [ 11 ] Bug #1475203 - CVE-2017-5101 chromium-browser: url spoofing in omnibox https://bugzilla.redhat.com/show_bug.cgi?id=1475203 [ 12 ] Bug #1475202 - CVE-2017-5100 chromium-browser: use after free in chrome apps https://bugzilla.redhat.com/show_bug.cgi?id=1475202 [ 13 ] Bug #1475201 - CVE-2017-5099 chromium-browser: out-of-bounds write in ppapi https://bugzilla.redhat.com/show_bug.cgi?id=1475201 [ 14 ] Bug #1475200 - CVE-2017-5098 chromium-browser: use after free in v8 https://bugzilla.redhat.com/show_bug.cgi?id=1475200 [ 15 ] Bug #1475199 - CVE-2017-5097 chromium-browser: out-of-bounds read in skia https://bugzilla.redhat.com/show_bug.cgi?id=1475199 [ 16 ] Bug #1475198 - CVE-2017-5096 chromium-browser: user information leak via android intents https://bugzilla.redhat.com/show_bug.cgi?id=1475198 [ 17 ] Bug #1475197 - CVE-2017-5095 chromium-browser: out-of-bounds write in pdfium https://bugzilla.redhat.com/show_bug.cgi?id=1475197 [ 18 ] Bug #1475196 - CVE-2017-5094 chromium-browser: type confusion in extensions https://bugzilla.redhat.com/show_bug.cgi?id=1475196 [ 19 ] Bug #1475195 - CVE-2017-5093 chromium-browser: ui spoofing in blink https://bugzilla.redhat.com/show_bug.cgi?id=1475195 [ 20 ] Bug #1475194 - CVE-2017-5092 chromium-browser: use after free in ppapi https://bugzilla.redhat.com/show_bug.cgi?id=1475194 [ 21 ] Bug #1475193 - CVE-2017-5091 chromium-browser: use after free in indexeddb https://bugzilla.redhat.com/show_bug.cgi?id=1475193 -------------------------------------------------------------------------------- ================================================================================ file-5.29-8.fc25 (FEDORA-2017-d61e68bd21) A utility for determining file types -------------------------------------------------------------------------------- Update Information: - New magic file entry - gconv - Recognition of iconv/gconv module cache -------------------------------------------------------------------------------- References: [ 1 ] Bug #1342428 - file(1) does not recognize iconv/gconv modules cache https://bugzilla.redhat.com/show_bug.cgi?id=1342428 -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-freon-27-1.fc25 (FEDORA-2017-16daff81d8) GNOME Shell extension to display system temperature, voltage, and fan speed -------------------------------------------------------------------------------- Update Information: Bump to upstream version 27, which fixes Nvidia GPU label detection. ---- Bump to upstream version 26, which adds support for multiple simultaneous graphics cards. ---- Bump to upstream version 25, which adds German localization. -------------------------------------------------------------------------------- ================================================================================ guacamole-server-0.9.13-1.fc25 (FEDORA-2017-4a35c133a5) Server-side native components that form the Guacamole proxy -------------------------------------------------------------------------------- Update Information: Update to official 0.9.13. -------------------------------------------------------------------------------- ================================================================================ libfastjson-0.99.6-1.fc25 (FEDORA-2017-4a5b1b3ed4) A JSON implementation in C -------------------------------------------------------------------------------- Update Information: rebase to v0.99.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1462723 - libfastjson-v0.99.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1462723 -------------------------------------------------------------------------------- ================================================================================ libmediainfo-0.7.98-1.fc25 (FEDORA-2017-2b2288ad68) Library for supplies technical and tag information about a video or audio file -------------------------------------------------------------------------------- Update Information: Update mediainfo to 0.7.98. -------------------------------------------------------------------------------- ================================================================================ libzen-0.4.36-1.fc25 (FEDORA-2017-2b2288ad68) Shared library for libmediainfo and medianfo* -------------------------------------------------------------------------------- Update Information: Update mediainfo to 0.7.98. -------------------------------------------------------------------------------- ================================================================================ mediaconch-17.07-1.fc25 (FEDORA-2017-36514b6c23) Most relevant technical and tag data for video and audio files (CLI) -------------------------------------------------------------------------------- Update Information: Update to 17.07 -------------------------------------------------------------------------------- ================================================================================ mediainfo-0.7.98-1.fc25 (FEDORA-2017-2b2288ad68) Supplies technical and tag information about a video or audio file (CLI) -------------------------------------------------------------------------------- Update Information: Update mediainfo to 0.7.98. -------------------------------------------------------------------------------- ================================================================================ mingw-gdk-pixbuf-2.36.8-1.fc25 (FEDORA-2017-8e3983960b) MinGW Windows GDK Pixbuf library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled gdk-pixbuf 2.36.8 release. -------------------------------------------------------------------------------- ================================================================================ nginx-1.12.1-1.fc25 (FEDORA-2017-c27a947af1) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: This update includes nginx 1.12.1, fixing CVE-2017-7529, and adds the http_auth_request module. See http://mailman.nginx.org/pipermail/nginx- announce/2017/000200.html for more information on CVE-2017-7529. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1471106 - [patch] enable nginx http_auth_request_module https://bugzilla.redhat.com/show_bug.cgi?id=1471106 [ 2 ] Bug #1469924 - CVE-2017-7529 nginx: Integer overflow in nginx range filter module leading to memory disclosure [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1469924 -------------------------------------------------------------------------------- ================================================================================ p11-kit-0.23.8-1.fc25 (FEDORA-2017-bd0324f3e9) Library for loading and sharing PKCS#11 modules -------------------------------------------------------------------------------- Update Information: This updates p11-kit to the latest upstream release: https://github.com/p11-glue/p11-kit/releases/tag/0.23.8 The previous package was based on 0.23.2, and so this update includes a fix for rhbz#1477676. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1477676 - trust anchor complains about invalid attribute and fails when a new certificate tries to store into trust place https://bugzilla.redhat.com/show_bug.cgi?id=1477676 -------------------------------------------------------------------------------- ================================================================================ php-pecl-timecop-1.2.8-1.fc25 (FEDORA-2017-cc6482c5c9) Time travel and freezing extension -------------------------------------------------------------------------------- Update Information: A PHP extension providing "time travel" and "time freezing" capabilities, inspired by ruby timecop gem. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1468454 - Review Request: php-pecl-timecop - Time travel and freezing extension https://bugzilla.redhat.com/show_bug.cgi?id=1468454 -------------------------------------------------------------------------------- ================================================================================ syncthing-0.14.36-2.fc25 (FEDORA-2017-407a2d92db) Continuous File Synchronization -------------------------------------------------------------------------------- Update Information: Initial package for fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1427634 - Review Request: syncthing - Continuous File Synchronization https://bugzilla.redhat.com/show_bug.cgi?id=1427634 -------------------------------------------------------------------------------- ================================================================================ vim-8.0.946-1.fc25 (FEDORA-2017-36c2c88b14) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
