The Fedora Project is pleased to announce the immediate availability of the
Fedora 25 Alpha, an important milestone on the road to our Fedora 25 release
Download the prerelease from our Get Fedora site:
Or, check out one of our popular variants:
== Alternative Architectures ==
We are also simultaneously releasing the F25 Alpha for Power64 and 64-bit ARM
(AArch64). These are available from:
== What is the Alpha release? ==
The Alpha release contains all the features of Fedora 25's editions in a form
that anyone can help test. This testing, guided by the Fedora QA team, helps
us target and identify bugs. When these bugs are fixed, we make a Beta release
available. A Beta release is code-complete and bears a very strong resemblance
to the third and final release. The final release of Fedora 25 is expected in
November. If you take the time to download and try out the Alpha, you can
check and make sure the things that are important to YOU are working. Every
bug you find and report doesn't just help you, it improves the experience of
millions of Fedora users worldwide! Together, we can make Fedora rock-solid.
We have a culture of coordinating new features and pushing fixes upstream as
much as we can, and your feedback improves not only Fedora, but Linux and Free
software as a whole.
== Issues and Details ==
Since this is an alpha release, we expect that you may encounter bugs or
missing features. To report issues encountered during testing, contact the
Fedora QA team via the mailing list or in #fedora-qa on Freenode. As testing
progresses, common issues are tracked on the Common F25 Bugs page.
For tips on reporting a bug effectively, read "how to file a bug report".
== Release Schedule ==
The full release schedule is available on the Fedora wiki:
The current schedule calls for a beta release towards the middle of October,
and the final release in November. Be aware that these dates are development
targets. Some projects release on a set date regardless of feature
completeness or bugs; others wait until certain thresholds for functionality
or testing are met. Fedora uses a hybrid model, with milestones subject to
adjustment. This allows us to make releases with new features and newly-
integrated and updated upstream software while also retaining high quality.
Fedora Release Engineering
(Dennis, Peter, Kevin, Mohan, Adam, Randy)
Planned Outage: copr backend filesystem check - 2016-08-22 21:00 UTC
There will be an outage starting at 2016-08-22 21:00 UTC, which will
last approximately 4 hours.
To convert UTC to your local time, take a look at
date -d '2016-08-22 21:00 UTC'
Reason for outage:
We have noticed some errors on the copr backend storage volume, so we
are going to unmount it and run a filesystem check on it to make sure
everything is functioning normally. During the outage window, copr
repos will not be available and new builds will queue up until the
outage is over.
Services not listed are not affected by this outage.
Ticket Link: https://fedorahosted.org/fedora-infrastructure/ticket/5440
Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.
-----BEGIN PGP SIGNED MESSAGE-----
SUMMARY: Vulnerability identified and fixed in FAS. No effect on
package content, the Fedora OS, or general users.
The Fedora Infrastructure team identified a serious vulnerability in
the Fedora Account System (FAS) web application. This flaw would allow
a specifically formatted HTTP request to be authenticated as any
requested user. The flaw was caused by a logic problem wherein the FAS
web application would accept client certificates that were not
intended to be supported. If the authenticated user had appropriate
privileges, the attacker would then be able to add, edit, or remove
user or group information.
The flaw has been patched and verified fixed in the production
FAS. Other users of FAS have been notified. The Infrastructure team is
still investigating FAS logs for user and group changes, and other
historical records that would be affected by exploiting this
issue. However, at the time of this writing, the team has no reason to
believe the flaw has been exploited.
Specifically, the team is confident package content in the Fedora
product is not affected by this flaw. For example, activities related
to package content in dist-git generate notices to maintainers, and
the discovered flaw would not allow an attacker to circumvent these or
other safeguards. Also, this flaw is irrelevant to users of the Fedora
operating system who do not use FAS.
At this time, we are not requiring any remedial action from FAS
account holders. If our investigation reveals any additional relevant
information, we’ll provide an update to the community.
This issue has been assigned as CVE-2016-1000038.
Paul W. Frields
Fedora Engineering Manager
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----