The following Fedora 25 Security updates need testing:
Age URL
132
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170
chicken-4.11.0-3.fc25
83
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3
compat-guile18-1.8.8-14.fc25
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-01eba63bcc
FlightGear-2016.3.1-3.fc25
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c614315d29
squid-4.0.17-1.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8d8d7d6d47
tinymce-4.5.1-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6941d25875
php-PHPMailer-5.2.21-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2016-12c39f958b sway-0.11-4.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-87dc28b1a0
w3m-0.5.3-27.git20161120.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f7ef82c1b4
php-swiftmailer-5.4.5-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a4b06a036b
libpng10-1.0.67-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c8dce58c9
mingw-libpng-1.6.27-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1a7b8c0730
pcsc-lite-1.8.20-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e7f9c23746 flac-1.3.2-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0d976df9e
mingw-flac-1.3.2-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c629f16f6c
subversion-1.9.5-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4767e2991d
openssh-7.4p1-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7b181f9c98
qpid-java-6.0.4-5.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-16a7aa8e4f
springframework-security-3.2.10-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c870ccc88
thunderbird-45.6.0-2.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
39
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78
python-productmd-1.3-1.fc25
39
https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59
wpa_supplicant-2.6-1.fc25
25
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71
pungi-4.1.11-3.fc25
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-469935a9d1
xorg-x11-server-1.19.0-3.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-184e121855
lxpanel-0.9.2-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-06be5d9fb4
breeze-icon-theme-5.29.0-1.fc25 extra-cmake-modules-5.29.0-1.fc25 kf5-5.29.0-1.fc25
kf5-attica-5.29.0-1.fc25 kf5-baloo-5.29.0-1.fc25 kf5-bluez-qt-5.29.0-1.fc25
kf5-frameworkintegration-5.29.0-1.fc25 kf5-kactivities-5.29.0-1.fc25
kf5-kactivities-stats-5.29.0-1.fc25 kf5-kapidox-5.29.0-1.fc25 kf5-karchive-5.29.0-1.fc25
kf5-kauth-5.29.0-1.fc25 kf5-kbookmarks-5.29.0-1.fc25 kf5-kcmutils-5.29.0-1.fc25
kf5-kcodecs-5.29.0-1.fc25 kf5-kcompletion-5.29.0-1.fc25 kf5-kconfig-5.29.0-1.fc25
kf5-kconfigwidgets-5.29.0-1.fc25 kf5-kcoreaddons-5.29.0-1.fc25 kf5-kcrash-5.29.0-1.fc25
kf5-kdbusaddons-5.29.0-1.fc25 kf5-kdeclarative-5.29.0-1.fc25 kf5-kded-5.29.0-1.fc25
kf5-kdelibs4support-5.29.0-1.fc25 kf5-kdesignerplugin-5.29.0-1.fc25
kf5-kdesu-5.29.0-1.fc25 kf5-kdewebkit-5.29.0-1.fc25 kf5-kdnssd-5.29.0-1.fc25
kf5-kdoctools-5.29.0-1.fc25 kf5-kemoticons-5.29.0-1.fc25 kf5-kfilemetadata-5.29.0-1.fc25
kf5-kglobalaccel-5.29.0-1.fc25 kf5-kguiad
dons-5.29.0-1.fc25 kf5-khtml-5.29.0-1.fc25 kf5-ki18n-5.29.0-1.fc25
kf5-kiconthemes-5.29.0-1.fc25 kf5-kidletime-5.29.0-1.fc25 kf5-kimageformats-5.29.0-1.fc25
kf5-kinit-5.29.0-1.fc25 kf5-kio-5.29.0-1.fc25 kf5-kitemmodels-5.29.0-1.fc25
kf5-kitemviews-5.29.0-1.fc25 kf5-kjobwidgets-5.29.0-1.fc25 kf5-kjs-5.29.0-1.fc25
kf5-kjsembed-5.29.0-1.fc25 kf5-kmediaplayer-5.29.0-1.fc25 kf5-knewstuff-5.29.0-1.fc25
kf5-knotifications-5.29.0-1.fc25 kf5-knotifyconfig-5.29.0-1.fc25
kf5-kpackage-5.29.1-3.fc25 kf5-kparts-5.29.0-1.fc25 kf5-kpeople-5.29.0-1.fc25
kf5-kplotting-5.29.0-1.fc25 kf5-kpty-5.29.0-1.fc25 kf5-kross-5.29.0-1.fc25
kf5-krunner-5.29.0-1.fc25 kf5-kservice-5.29.0-1.fc25 kf5-ktexteditor-5.29.0-1.fc25
kf5-ktextwidgets-5.29.0-1.fc25 kf5-kunitconversion-5.29.0-1.fc25 kf5-kwallet-5.29.0-1.fc25
kf5-kwayland-5.29.0-1.fc25 kf5-kwidgetsaddons-5.29.0-1.fc25
kf5-kwindowsystem-5.29.0-1.fc25 kf5-kxmlgui-5.29.0-1.fc25 kf5-kxmlrpcclient-5.29.0-1.fc25
kf5-modemmanager-qt-5.29.0-1.fc25 kf5-networkmanager-qt
-5.29.0-1.fc25 kf5-plasma-5.29.0-1.fc25 kf5-solid-5.29.0-1.fc25 kf5-sonnet-5.29.0-1.fc25
kf5-syntax-highlighting-5.29.0-1.fc25 kf5-threadweaver-5.29.0-1.fc25
oxygen-icon-theme-5.29.0-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f51425625
libgweather-3.20.4-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a
libnl3-3.2.29-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e7f9c23746 flac-1.3.2-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c9f60482a4
perl-threads-shared-1.54-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b6554ec1cc
libproxy-0.4.13-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4767e2991d
openssh-7.4p1-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d9f6519652
hwdata-0.296-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c870ccc88
thunderbird-45.6.0-2.fc25
The following builds have been pushed to Fedora 25 updates-testing
ebtree-6.0.8-4.fc25
gambas3-3.9.2-1.fc25
genius-1.0.22-2.fc25
getdp-2.11.0-1.fc25
lensfun-0.3.2-7.fc25
libsigrokdecode-0.4.1-1.fc25
lightdm-1.18.3-1.fc25
lilypond-2.19.54-1.fc25
lilypond-doc-2.19.54-1.fc25
lirc-0.9.4c-7.fc25
lmdb-0.9.19-1.fc25
mod_perl-2.0.10-2.fc25
nodejs-int64-buffer-0.1.9-1.fc25
noise-0.4.0.2-4.fc25
ocid-0-0.7.git2e6070f.fc25
petsc-3.7.5-1.fc25
prooftree-0.13-1.fc25
ptrash-1.1-1.fc25
python-cvss-1.6-2.fc25
python-fedmsg-atomic-composer-2016.3-1.fc25
python-futures-3.0.5-2.fc25
qpid-java-6.0.4-5.fc25
rpcbind-0.2.4-1.fc25
rpmgrill-0.29-1.fc25
scratch-text-editor-2.3-7.fc25
springframework-security-3.2.10-1.fc25
texlive-2016-30.20160520.fc25
thunderbird-45.6.0-2.fc25
vdr-epg-daemon-1.1.73-1.fc25
vnstat-1.16-1.fc25
Details about builds:
================================================================================
ebtree-6.0.8-4.fc25 (FEDORA-2017-e10fdab597)
Elastic binary tree library
--------------------------------------------------------------------------------
Update Information:
New package ebtree ebtree is a binary search tree specially optimized to very
frequently store, retrieve and delete discrete integer or binary data without
having to deal with memory allocation. ebtree is normally distributed as part of
another package, like haproxy. This package offers a shared library of ebtree
for common usage. Homepage:
http://1wt.eu/articles/ebtree/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1371158 - Review Request: ebtree - Elastic binary tree library
https://bugzilla.redhat.com/show_bug.cgi?id=1371158
--------------------------------------------------------------------------------
================================================================================
gambas3-3.9.2-1.fc25 (FEDORA-2017-a18a30b49a)
IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:
Update to 3.9.2. Full changelog here:
http://gambaswiki.org/wiki/doc/release/3.9.2
--------------------------------------------------------------------------------
================================================================================
genius-1.0.22-2.fc25 (FEDORA-2017-2487092f96)
An arbitrary precision integer and multiple precision floatingpoint calculator
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.22. Move gtksourceview files into gnome-genius subpackage.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401890 - packaging bug (genius package contains files that should be in
gnome-genius)
https://bugzilla.redhat.com/show_bug.cgi?id=1401890
[ 2 ] Bug #1314842 - update 1.0.21
https://bugzilla.redhat.com/show_bug.cgi?id=1314842
--------------------------------------------------------------------------------
================================================================================
getdp-2.11.0-1.fc25 (FEDORA-2017-2a3e3770c7)
General Environment for the Treatment of Discrete Problems
--------------------------------------------------------------------------------
Update Information:
Update to 2.11.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409937 - getdp-2.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1409937
--------------------------------------------------------------------------------
================================================================================
lensfun-0.3.2-7.fc25 (FEDORA-2017-a3018ee07a)
Library to rectify defects introduced by photographic lenses
--------------------------------------------------------------------------------
Update Information:
Adds python3-lensfun dependency to lensfun-tools.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409893 - lensfun-tools package should depend on python3-lensfun
https://bugzilla.redhat.com/show_bug.cgi?id=1409893
--------------------------------------------------------------------------------
================================================================================
libsigrokdecode-0.4.1-1.fc25 (FEDORA-2017-6191890c76)
Basic API for running protocol decoders
--------------------------------------------------------------------------------
Update Information:
- bug fix and enhancement release -
https://www.sigrok.org/blog/libsigrokdecode-041-released
--------------------------------------------------------------------------------
================================================================================
lightdm-1.18.3-1.fc25 (FEDORA-2017-3f93b51235)
A cross-desktop Display Manager
--------------------------------------------------------------------------------
Update Information:
Update to latest release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405080 - X resources not re-read after logout
https://bugzilla.redhat.com/show_bug.cgi?id=1405080
--------------------------------------------------------------------------------
================================================================================
lilypond-2.19.54-1.fc25 (FEDORA-2017-02f7723026)
A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:
2.19.54
--------------------------------------------------------------------------------
================================================================================
lilypond-doc-2.19.54-1.fc25 (FEDORA-2017-02f7723026)
HTML documentation for LilyPond
--------------------------------------------------------------------------------
Update Information:
2.19.54
--------------------------------------------------------------------------------
================================================================================
lirc-0.9.4c-7.fc25 (FEDORA-2017-81be1a986e)
The Linux Infrared Remote Control package
--------------------------------------------------------------------------------
Update Information:
Upstream fixes: - bad ircat --config handling, - lircd segfault on
SET_INPUTLOG package, - FTBS in client building against lirc (missing
config.h).
--------------------------------------------------------------------------------
================================================================================
lmdb-0.9.19-1.fc25 (FEDORA-2017-4b16af21c9)
Memory-mapped key-value database
--------------------------------------------------------------------------------
Update Information:
Updated lmdb to the latest upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409019 - lmdb-0.9.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1409019
--------------------------------------------------------------------------------
================================================================================
mod_perl-2.0.10-2.fc25 (FEDORA-2017-206cd7f7fb)
An embedded Perl interpreter for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This release corrects tests to pass wirh httpd 2.4.25.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409610 - mod_perl-2.0.10-1.fc26 FTBFS: t/apache/read.t test fails
https://bugzilla.redhat.com/show_bug.cgi?id=1409610
--------------------------------------------------------------------------------
================================================================================
nodejs-int64-buffer-0.1.9-1.fc25 (FEDORA-2017-8a3dfe5d3b)
64bit Long Integer on Buffer/Array/ArrayBuffer in Pure JavaScript
--------------------------------------------------------------------------------
Update Information:
64bit Long Integer on Buffer/Array/ArrayBuffer in Pure JavaScript
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397620 - Review Request: nodejs-int64-buffer - 64bit Long Integer on
Buffer/Array/ArrayBuffer in Pure JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=1397620
--------------------------------------------------------------------------------
================================================================================
noise-0.4.0.2-4.fc25 (FEDORA-2017-97f2dedf24)
The official elementary music player
--------------------------------------------------------------------------------
Update Information:
This is a new package for f25 proper. It was previously available via my
elementary-stable COPR repository.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409882 - Review Request: noise - The official elementary music player
https://bugzilla.redhat.com/show_bug.cgi?id=1409882
--------------------------------------------------------------------------------
================================================================================
ocid-0-0.7.git2e6070f.fc25 (FEDORA-2017-59e06d79d7)
OCI-based implementation of Kubernetes Container Runtime Interface
--------------------------------------------------------------------------------
Update Information:
Switch locate to /var/lib/containers for images ---- Resolves: #1392977 -
first upload to Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1392977 - Review Request: ocid - OCI-based implementation of Kubernetes
Container Runtime Interface
https://bugzilla.redhat.com/show_bug.cgi?id=1392977
--------------------------------------------------------------------------------
================================================================================
petsc-3.7.5-1.fc25 (FEDORA-2017-94b8a596bc)
Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:
- Update to 3.7.5
--------------------------------------------------------------------------------
================================================================================
prooftree-0.13-1.fc25 (FEDORA-2017-465814cf85)
Proof tree visualization for Proof General
--------------------------------------------------------------------------------
Update Information:
Changes in version 0.13: - fix title of orphaned node windows - don't update
content of sticky node windows - fix wrong existential info in external node
windows - add history list in external sequent windows - quit prooftree when
closing -config or -help-dialog windows - update help window text - update man
page - show selected menu entry - use stock items for most buttons - close old
PG log file, before changing it - catch input log file opening errors - display
a warning for config file version errors - let the cancel button reset the
configuration - update evar parsing for 8.5 - compile with -safe-string
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409794 - prooftree-0.13 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1409794
--------------------------------------------------------------------------------
================================================================================
ptrash-1.1-1.fc25 (FEDORA-2017-2d398e2fb8)
Move file(s) to $XDG_DATA_HOME/Trash directory
--------------------------------------------------------------------------------
Update Information:
- New release v1.1 - Support xdg base directory and Trash specification so that
ptrash(1) is compatible with the desktop Trash.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154282 - [rfe] support xdg base dir
https://bugzilla.redhat.com/show_bug.cgi?id=1154282
[ 2 ] Bug #1397674 - update 1.0.1
https://bugzilla.redhat.com/show_bug.cgi?id=1397674
--------------------------------------------------------------------------------
================================================================================
python-cvss-1.6-2.fc25 (FEDORA-2017-ac2b456ad2)
CVSS2/3 library with interactive calculator
--------------------------------------------------------------------------------
Update Information:
- New release v1.6. - Fix to ensure cvss2 score is never negative.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402174 - python-cvss-v1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1402174
--------------------------------------------------------------------------------
================================================================================
python-fedmsg-atomic-composer-2016.3-1.fc25 (FEDORA-2016-bf2a514f37)
Composes atomic trees when Fedora repositories are updated
--------------------------------------------------------------------------------
Update Information:
Update to 2016.3
https://github.com/fedora-infra/fedmsg-atomic-
composer/releases/tag/2016.3
--------------------------------------------------------------------------------
================================================================================
python-futures-3.0.5-2.fc25 (FEDORA-2017-7dc2fc7752)
Backport of the concurrent.futures package from Python 3.2
--------------------------------------------------------------------------------
Update Information:
Obsolete/provide python-futures
--------------------------------------------------------------------------------
================================================================================
qpid-java-6.0.4-5.fc25 (FEDORA-2017-7b181f9c98)
Apache Qpid Java Components
--------------------------------------------------------------------------------
Update Information:
fix CVE-2016-8741 (rhbz#1409836,1409835)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409835 - CVE-2016-8741 qpid-java: Information leakage via specific
AuthenticationProviders
https://bugzilla.redhat.com/show_bug.cgi?id=1409835
--------------------------------------------------------------------------------
================================================================================
rpcbind-0.2.4-1.fc25 (FEDORA-2017-26a132511e)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
commit ee569be4d6189a68b38d2af162af00ff475b48e2 Fix boot dependency in
systemd service file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401561 - rpcbind-0.2.3-12.rc2.fc24 fails to start at boot
https://bugzilla.redhat.com/show_bug.cgi?id=1401561
--------------------------------------------------------------------------------
================================================================================
rpmgrill-0.29-1.fc25 (FEDORA-2017-908e8c0e6f)
A utility for catching problems in koji builds
--------------------------------------------------------------------------------
Update Information:
bz1199960: fixes missing entries for armv7hl
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199960 - Arch 'armv7hl' not in my Is_64
https://bugzilla.redhat.com/show_bug.cgi?id=1199960
[ 2 ] Bug #1202633 - [RFE] Allow to specify which (sub-) tests to run in rpmgrill
https://bugzilla.redhat.com/show_bug.cgi?id=1202633
--------------------------------------------------------------------------------
================================================================================
scratch-text-editor-2.3-7.fc25 (FEDORA-2017-bde72325e6)
The text editor that works
--------------------------------------------------------------------------------
Update Information:
This is a new package for f25 proper. It was previously available via my
elementary-stable COPR repository.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409926 - Review Request: scratch-text-editor - The text editor that works
https://bugzilla.redhat.com/show_bug.cgi?id=1409926
--------------------------------------------------------------------------------
================================================================================
springframework-security-3.2.10-1.fc25 (FEDORA-2017-16a7aa8e4f)
Modular Java/J2EE application security framework
--------------------------------------------------------------------------------
Update Information:
update to 3.2.10.RELEASE, fix CVE-2016-9879
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409838 - CVE-2016-9879 Spring Security: Improper handling of path parameters
allows bypassing the security constraint
https://bugzilla.redhat.com/show_bug.cgi?id=1409838
--------------------------------------------------------------------------------
================================================================================
texlive-2016-30.20160520.fc25 (FEDORA-2017-e0a46b0125)
TeX formatting system
--------------------------------------------------------------------------------
Update Information:
Fix Provides/Obsoletes/Requires logic around uptex/uplatex that was causing
upgrade issues from F24 to F25.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397766 - texlive in Fedora 25 is older than texlive in Fedora 24
https://bugzilla.redhat.com/show_bug.cgi?id=1397766
--------------------------------------------------------------------------------
================================================================================
thunderbird-45.6.0-2.fc25 (FEDORA-2017-7c870ccc88)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
For changes see:
https://www.mozilla.org/en-US/thunderbird/45.6.0/releasenotes/
--------------------------------------------------------------------------------
================================================================================
vdr-epg-daemon-1.1.73-1.fc25 (FEDORA-2017-b9a1a43b60)
A daemon to download EPG data from internet and manage it in a mysql database
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.73 ---- Update to 1.1.72
--------------------------------------------------------------------------------
================================================================================
vnstat-1.16-1.fc25 (FEDORA-2017-2c2b56fa3a)
Console-based network traffic monitor
--------------------------------------------------------------------------------
Update Information:
Upgrade to 1.16 (#1408565)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408565 - vnstat-v1.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408565
--------------------------------------------------------------------------------