The following Fedora 25 Security updates need testing:
Age URL
141
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25
40
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e
python-XStatic-jquery-ui-1.12.0.1-4.fc25
20
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f85c37ae3d
squirrelmail-1.4.22-19.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d625a8d2b lynis-2.5.0-1.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-58170ecb09
jbig2dec-0.12-4.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9699cf7eac mupdf-1.10a-6.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2cc18e2b3b smb4k-1.2.2-3.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-cc606f1001
chicken-4.12.0-2.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7fc53a671f
deluge-1.3.15-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-410749716d
FlightGear-2016.3.1-4.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-40a6d19c7b
FlightCrew-0.9.1-7.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-466d902289
kernel-4.10.16-200.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-0e08170fd3
libvncserver-0.9.11-2.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc7ce3b314
chromium-58.0.3029.110-2.fc25
chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d968f5a95f
wordpress-4.7.5-1.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
12
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ecf41f097
python-productmd-1.7-1.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d5aa85fd7
livecd-tools-24.4-1.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-41124b7b1d
qt5-qtbase-5.7.1-16.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e504c7cb8f
nss-3.30.2-1.1.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-116fdd792f
pungi-4.1.15-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6a5530c175
gtk3-3.22.15-1.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a20533d62
selinux-policy-3.13.1-225.16.fc25
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a57c23040
glusterfs-3.10.2-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b8d8e95f8a
tigervnc-1.8.0-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4543a1b6b4
gssproxy-0.7.0-6.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b8e25a859 less-481-7.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f18713a47e
storaged-2.6.2-4.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-466d902289
kernel-4.10.16-200.fc25
The following builds have been pushed to Fedora 25 updates-testing
GeoIP-1.6.11-1.fc25
certbot-0.14.1-2.fc25
chromium-58.0.3029.110-2.fc25
chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc25
copr-dist-git-0.27-1.fc25
copr-frontend-1.109-1.fc25
engrampa-1.16.0-2.fc25
fedora-arm-installer-1.99.16-1.fc25
gimagereader-3.2.1-4.fc25
gnote-3.22.2-1.fc25
golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc25
gssproxy-0.7.0-6.fc25
kernel-4.10.16-200.fc25
kompose-0.6.0-0.1.fc25
layla-fonts-2.0-1.fc25
less-481-7.fc25
libcxx-3.9.1-1.fc25
libcxxabi-3.9.1-1.fc25
libreoffice-5.2.7.2-2.fc25
libvncserver-0.9.11-2.fc25
lightdm-autologin-greeter-1.0-1.fc25
lightdm-settings-1.0.7-1.fc25
mate-menu-17.10.1-1.fc25
mraa-1.7.0-1.fc25
petsc-3.7.6-3.fc25
php-justinrainbow-json-schema5-5.2.1-1.fc25
piglit-1.0.20170515-4.GITa969d23f.fc25
powerline-2.6-1.fc25
pyp2rpm-3.2.2-1.fc25
python-Bottleneck-1.2.1-1.fc25
python-acme-0.14.1-1.fc25
python-cassandra-driver-3.9.0-2.fc25
python-certbot-apache-0.14.1-1.fc25
python-x2go-0.5.0.5-1.fc25
qt5-qtwebengine-5.8.0-14.fc25
root-6.08.06-7.fc25
runc-1.0.0-6.git75f8da7.fc25.1
sedutil-1.12-3.fc25
storaged-2.6.2-4.fc25
tigervnc-1.8.0-1.fc25
vala-0.34.8-1.fc25
waf-1.9.11-1.fc25
wine-2.8-1.fc25
wordpress-4.7.5-1.fc25
Details about builds:
================================================================================
GeoIP-1.6.11-1.fc25 (FEDORA-2017-fc48aa2077)
Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:
This update fixes a crash that could happen when reading a corrupted database
file (
https://github.com/maxmind/geoip-api-c/issues/87).
--------------------------------------------------------------------------------
================================================================================
certbot-0.14.1-2.fc25 (FEDORA-2017-f1071b956e)
A free, automated certificate authority client
--------------------------------------------------------------------------------
Update Information:
* Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1441846 - Improvements to timer randomization
https://bugzilla.redhat.com/show_bug.cgi?id=1441846
[ 2 ] Bug #1448423 - python-acme-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448423
[ 3 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448431
[ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
https://bugzilla.redhat.com/show_bug.cgi?id=1444814
[ 5 ] Bug #1448430 - certbot-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------
================================================================================
chromium-58.0.3029.110-2.fc25 (FEDORA-2017-dc7ce3b314)
A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:
Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443850
[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443849
[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in
networking
https://bugzilla.redhat.com/show_bug.cgi?id=1443848
[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443847
[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443845
[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1443841
[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
https://bugzilla.redhat.com/show_bug.cgi?id=1443840
[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443839
[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443838
[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443837
[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print
preview
https://bugzilla.redhat.com/show_bug.cgi?id=1443836
[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1443835
[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
https://bugzilla.redhat.com/show_bug.cgi?id=1448031
--------------------------------------------------------------------------------
================================================================================
chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc25 (FEDORA-2017-dc7ce3b314)
Google Native Client Toolchain
--------------------------------------------------------------------------------
Update Information:
Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443850
[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443849
[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in
networking
https://bugzilla.redhat.com/show_bug.cgi?id=1443848
[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443847
[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443845
[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1443841
[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
https://bugzilla.redhat.com/show_bug.cgi?id=1443840
[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443839
[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443838
[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443837
[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print
preview
https://bugzilla.redhat.com/show_bug.cgi?id=1443836
[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1443835
[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
https://bugzilla.redhat.com/show_bug.cgi?id=1448031
--------------------------------------------------------------------------------
================================================================================
copr-dist-git-0.27-1.fc25 (FEDORA-2017-6139e0cfc4)
Copr services for Dist Git server
--------------------------------------------------------------------------------
Update Information:
Fixes problem with fedpkg builds, see
https://bugzilla.redhat.com/show_bug.cgi?id=1447102
--------------------------------------------------------------------------------
================================================================================
copr-frontend-1.109-1.fc25 (FEDORA-2017-fa79656130)
Frontend for Copr
--------------------------------------------------------------------------------
Update Information:
- debugging infos in build_on_pagure_commit.py - error handling in
build_on_pagure_commit.py - Bug 1448333 - Unable to edit someone's else project
settings - do not require .git suffix in Git repo URL for webhook rebuilds of
Tito and MockSCM packages - use MBS for building modules via UI - add class for
communicating with MBS - add NSV property for modulemd generator - "#55 Builds
triggered by GitHub WebHook (tag event) do not enable Internet during build" -
use ModulemdGenerator for construnting the yaml file ---- - use custom chroot
for modules instead of F24 - send the original filename to MBS - get rid of
'unknown key username' warning - fix modularity unit test - validate uploaded
yaml file - dont print how to use a module when it is not succeeded - move
MBS_URL to config - allow to submit optional params to mbs - frontend act as a
gateway between user and mbs - allow to create module and it's action separately
- make new-lines work in <code> blocks - Bug 1442047 - Regenerate action is not
restricted to an owner of the project. - redirect output of update_indexes_quick
in cron into /dev/null - validate fork name characters (RhBug: 1435123) - Bug
1433508 - Half-cancelled builds are not deleted correctly. - Add extra step for
setting up GitHub Webhook - add "buildroot" repository into generated build-
config - python3 compatibility fixes in frontend core - correctly set repo and
ref to point to our dist-git - replace fedorahosted links - replace no-longer
working fedorahosted links with the pagure ones ---- Changes from the last
released version copr-frontend 1.104-1: - fix for python-flask-whooshee-0.4.1-2
- added alembic fedora revision to enable rawhide - rename add_debug_user
command to add_user - show info about auto-createrepo only when disabled - only
require python2-flask-whooshee on f25+, require python-flask- whooshee otherwise
- proxyuser feature (RhBug: 1381574) - allow setting proxy/no-proxy when
altering user - rewrite broken add_debug_user command - add boolean proxy column
to user table - care only about packages in filter - specify module components
buildorder - fill module rpm components - separate schema and data (fedora)
migrations - update option descriptions in project settings page - always show
"Regenerate" button for recreating backend repodata - ensure mock triplets are
unique - show a quick guide how to install 'dnf module' command - add info what
to do with modulemd - allow to have multiple info lines per form field - print
info when there are no packages in a module - suggest dnf to enable module -
make repo filter support group coprs for copr:// scheme - move creation of copr-
frontend-devel macro definition file from %%check to %%install - handle GitHub
tag event webhooks - change dependency from python-flask-whooshee to python2
-flask-whooshee - fix package icon for group projects (RhBug: 1403348) - return
proper error when module not found - hide FAS groups for non-FAS deployments -
provide functional API url to renew token - krb5 login - new replaceable
welcome.html template - make FAS opt-out - fix traceback when forking
--------------------------------------------------------------------------------
================================================================================
engrampa-1.16.0-2.fc25 (FEDORA-2017-112c5e9c28)
MATE Desktop file archiver
--------------------------------------------------------------------------------
Update Information:
- fix rhbz (#1422004)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422004 - Wrong behavior of Skip button in Replace file dialog
https://bugzilla.redhat.com/show_bug.cgi?id=1422004
--------------------------------------------------------------------------------
================================================================================
fedora-arm-installer-1.99.16-1.fc25 (FEDORA-2017-56e540eab6)
Writes binary image files to any specified block device
--------------------------------------------------------------------------------
Update Information:
Update to 1.99.16 ---- Update to 1.99.15 ---- Add support for numerous new
devices, various bug fixes and improvements
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1447456 - fedora-arm-installer ask for sudo root password uselessly
https://bugzilla.redhat.com/show_bug.cgi?id=1447456
[ 2 ] Bug #1447457 - --supported-boards do not work
https://bugzilla.redhat.com/show_bug.cgi?id=1447457
--------------------------------------------------------------------------------
================================================================================
gimagereader-3.2.1-4.fc25 (FEDORA-2017-8e10c6504d)
A front-end to tesseract-ocr
--------------------------------------------------------------------------------
Update Information:
This update backports a patch to fix some missing icons in the Gtk interface.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451357 - There seems to be some missing icons.
https://bugzilla.redhat.com/show_bug.cgi?id=1451357
--------------------------------------------------------------------------------
================================================================================
gnote-3.22.2-1.fc25 (FEDORA-2017-e19793f0d9)
Note-taking application
--------------------------------------------------------------------------------
Update Information:
gnote 3.22.2 release. For details, see
https://mail.gnome.org/archives/ftp-
release-list/2017-March/msg00129.html
--------------------------------------------------------------------------------
================================================================================
golang-github-cznic-internal-1.0.0-1.20170516.git6c349f9.fc25 (FEDORA-2017-4a99112bea)
Shared dependencies for other cznic Go libraries
--------------------------------------------------------------------------------
Update Information:
Initial package for fedora. This is one of the (indirect) dependencies of
syncthing.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1431740 - Review Request: golang-github-cznic-internal - Shared dependencies
for other cznic Go libraries
https://bugzilla.redhat.com/show_bug.cgi?id=1431740
--------------------------------------------------------------------------------
================================================================================
gssproxy-0.7.0-6.fc25 (FEDORA-2017-4543a1b6b4)
GSSAPI Proxy
--------------------------------------------------------------------------------
Update Information:
* Fix segfault when no gssproxy config files are present. * Ported to gcc7.
--------------------------------------------------------------------------------
================================================================================
kernel-4.10.16-200.fc25 (FEDORA-2017-466d902289)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.10.16 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1447734 - CVE-2017-7487 kernel: Reference counter leak in ipxitf_ioctl
resulting into use after free
https://bugzilla.redhat.com/show_bug.cgi?id=1447734
--------------------------------------------------------------------------------
================================================================================
kompose-0.6.0-0.1.fc25 (FEDORA-2017-d0a7380e7c)
Tool to move from 'docker-compose' to Kubernetes
--------------------------------------------------------------------------------
Update Information:
Updated to latest release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1446862 - kompose-v0.6.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1446862
--------------------------------------------------------------------------------
================================================================================
layla-fonts-2.0-1.fc25 (FEDORA-2017-713cbf35c3)
A collection of traditional Arabic fonts
--------------------------------------------------------------------------------
Update Information:
- Fixed fonts. They work on MacOS now - Changed Latin letters and numbers
--------------------------------------------------------------------------------
================================================================================
less-481-7.fc25 (FEDORA-2017-6b8e25a859)
A text file browser similar to more, but better
--------------------------------------------------------------------------------
Update Information:
read correctly text files named accidentally '*.rpm' (rhbz#1449790)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1449790 - README.rpm is bad name for readme file
https://bugzilla.redhat.com/show_bug.cgi?id=1449790
--------------------------------------------------------------------------------
================================================================================
libcxx-3.9.1-1.fc25 (FEDORA-2017-34f3186fc2)
C++ standard library targeting C++11
--------------------------------------------------------------------------------
Update Information:
Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------
================================================================================
libcxxabi-3.9.1-1.fc25 (FEDORA-2017-34f3186fc2)
Low level support for a standard C++ library
--------------------------------------------------------------------------------
Update Information:
Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------
================================================================================
libreoffice-5.2.7.2-2.fc25 (FEDORA-2017-edf2fc2b5d)
Free Software Productivity Suite
--------------------------------------------------------------------------------
Update Information:
* an improvement for trackpad smooth scrolling under gtk3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1367846 - Scrolling is way too fast in writer
https://bugzilla.redhat.com/show_bug.cgi?id=1367846
--------------------------------------------------------------------------------
================================================================================
libvncserver-0.9.11-2.fc25 (FEDORA-2017-0e08170fd3)
Library to make writing a VNC server easy
--------------------------------------------------------------------------------
Update Information:
Update to latest stable release, include fixes for gnutls and gtk-vnc
compatibility.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1410168 - CVE-2016-9942 libvncserver: Heap-based buffer overflow in ultra.c
https://bugzilla.redhat.com/show_bug.cgi?id=1410168
[ 2 ] Bug #1410166 - CVE-2016-9941 libvncserver: Heap-based buffer overflow in
rfbproto.c
https://bugzilla.redhat.com/show_bug.cgi?id=1410166
--------------------------------------------------------------------------------
================================================================================
lightdm-autologin-greeter-1.0-1.fc25 (FEDORA-2017-0d0ec741d4)
Autologin greeter using LightDM
--------------------------------------------------------------------------------
Update Information:
Initial import
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451134 - Review Request: lightdm-autologin-greeter - Autologin greeter using
LightDM
https://bugzilla.redhat.com/show_bug.cgi?id=1451134
--------------------------------------------------------------------------------
================================================================================
lightdm-settings-1.0.7-1.fc25 (FEDORA-2017-61cc79a169)
Configuration tool for the LightDM display manager
--------------------------------------------------------------------------------
Update Information:
* New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451532 - lightdm-settings-1.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1451532
--------------------------------------------------------------------------------
================================================================================
mate-menu-17.10.1-1.fc25 (FEDORA-2017-6e3bc7c148)
Advanced Menu for the MATE Desktop
--------------------------------------------------------------------------------
Update Information:
update to 17.10.1
--------------------------------------------------------------------------------
================================================================================
mraa-1.7.0-1.fc25 (FEDORA-2017-22f699421a)
A low level skeleton library for Industrial IO Communication
--------------------------------------------------------------------------------
Update Information:
Update to 1.7.0
--------------------------------------------------------------------------------
================================================================================
petsc-3.7.6-3.fc25 (FEDORA-2017-8431554810)
Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:
- Update to 3.7.6 - Install petscvariables/petscrules - Install pkgconfig files
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema5-5.2.1-1.fc25 (FEDORA-2017-95394f7bec)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.1** * fix #353 Validation of JSON-Schema * fix #405 fix bug when
applying defaults * fix #408 SchemaStorage::addSchema() should call
BaseConsstraint::arrayToObjectRecursive() on the provide schemas * fix #409
[BUGFIX] Cast empty schema arrays to object * fix #411 [BUGFIX] Split
$objectDefinition into $schema and $properties * fix #415 Issue-414: Allow The
Option of T or space for Date time. * fix #416 Testcase for minProperties with
properties defined + Fix Test * fix #419 [BUGFIX] Split "uri" format into
"uri"
& "uri-reference", fix meta-schema bug * fix #421 [BUGFIX] Tweak
phpdocumentor
dependency to avoid install conflicts
--------------------------------------------------------------------------------
================================================================================
piglit-1.0.20170515-4.GITa969d23f.fc25 (FEDORA-2017-45b0b1a4bc)
Collection of automated tests for OpenGL implementations
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream to test Vulcan cards ---- Update to a much more
recent copy of piglit
--------------------------------------------------------------------------------
================================================================================
powerline-2.6-1.fc25 (FEDORA-2017-3240187554)
The ultimate status-line/prompt utility
--------------------------------------------------------------------------------
Update Information:
Update to version 2.6
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1448979 - powerline-2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448979
--------------------------------------------------------------------------------
================================================================================
pyp2rpm-3.2.2-1.fc25 (FEDORA-2017-6fcb40031a)
Convert Python packages to RPM SPECFILES
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.2
--------------------------------------------------------------------------------
================================================================================
python-Bottleneck-1.2.1-1.fc25 (FEDORA-2017-98e6eb8c77)
Collection of fast NumPy array functions written in Cython
--------------------------------------------------------------------------------
Update Information:
* New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451146 - python-Bottleneck-1.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1451146
--------------------------------------------------------------------------------
================================================================================
python-acme-0.14.1-1.fc25 (FEDORA-2017-f1071b956e)
Python library for the ACME protocol
--------------------------------------------------------------------------------
Update Information:
* Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1441846 - Improvements to timer randomization
https://bugzilla.redhat.com/show_bug.cgi?id=1441846
[ 2 ] Bug #1448423 - python-acme-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448423
[ 3 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448431
[ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
https://bugzilla.redhat.com/show_bug.cgi?id=1444814
[ 5 ] Bug #1448430 - certbot-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------
================================================================================
python-cassandra-driver-3.9.0-2.fc25 (FEDORA-2017-e5bcc2a309)
Python driver for Apache Cassandra
--------------------------------------------------------------------------------
Update Information:
Fix and enable tests on more (big endian) platforms
--------------------------------------------------------------------------------
================================================================================
python-certbot-apache-0.14.1-1.fc25 (FEDORA-2017-f1071b956e)
The apache plugin for certbot
--------------------------------------------------------------------------------
Update Information:
* Update to 0.14.1 * Tweaks to the renew timer (bz#1444814 bz#1441846)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1441846 - Improvements to timer randomization
https://bugzilla.redhat.com/show_bug.cgi?id=1441846
[ 2 ] Bug #1448423 - python-acme-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448423
[ 3 ] Bug #1448431 - python-certbot-apache-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448431
[ 4 ] Bug #1444814 - certbot: error: argument --pre-hook: expected one argument
https://bugzilla.redhat.com/show_bug.cgi?id=1444814
[ 5 ] Bug #1448430 - certbot-0.14.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1448430
--------------------------------------------------------------------------------
================================================================================
python-x2go-0.5.0.5-1.fc25 (FEDORA-2017-9992b0846a)
Python module providing X2Go client API
--------------------------------------------------------------------------------
Update Information:
Update to 0.5.0.5 - support for newer gevent versions (1.1 and higher)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451150 - python-x2go-0.5.0.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1451150
--------------------------------------------------------------------------------
================================================================================
qt5-qtwebengine-5.8.0-14.fc25 (FEDORA-2017-105fb6d50f)
Qt5 - QtWebEngine components
--------------------------------------------------------------------------------
Update Information:
Fix rpm macros provided by -devel pkg to not conflict/override those from
qtbase.
--------------------------------------------------------------------------------
================================================================================
root-6.08.06-7.fc25 (FEDORA-2017-c39ad1072b)
Numerical data analysis framework
--------------------------------------------------------------------------------
Update Information:
Backport python 3 compatibility fixes from upstream. Fix for macro scope issue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1437135 - Upstream Bug in python3-jupyroot
https://bugzilla.redhat.com/show_bug.cgi?id=1437135
[ 2 ] Bug #1448289 - variables declared in gROOT->Macro lost from scope
https://bugzilla.redhat.com/show_bug.cgi?id=1448289
[ 3 ] Bug #1451362 - CMake config refers to the wrong libJupyROOT.so
https://bugzilla.redhat.com/show_bug.cgi?id=1451362
--------------------------------------------------------------------------------
================================================================================
runc-1.0.0-6.git75f8da7.fc25.1 (FEDORA-2017-f4ccc7cb91)
CLI for running Open Containers
--------------------------------------------------------------------------------
Update Information:
bump to v1.0.0-rc3
--------------------------------------------------------------------------------
================================================================================
sedutil-1.12-3.fc25 (FEDORA-2017-79d63f9b64)
Tools to manage the activation and use of self encrypting drives
--------------------------------------------------------------------------------
Update Information:
sedutil is the follow on developement to msed. The sedutil-cli command replaces
the msed command.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1447741 - Review Request: sedutil - Tools to manage the activation and use of
self encrypting drives
https://bugzilla.redhat.com/show_bug.cgi?id=1447741
[ 2 ] Bug #1352870 - update msed to sedutil v. 1.12
https://bugzilla.redhat.com/show_bug.cgi?id=1352870
--------------------------------------------------------------------------------
================================================================================
storaged-2.6.2-4.fc25 (FEDORA-2017-f18713a47e)
Disk Manager
--------------------------------------------------------------------------------
Update Information:
Blacklist some changes for the UDisks.Client change signal
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1438232 - gvfs-udisks2-volume-monitor excessive CPU usage during raid check
https://bugzilla.redhat.com/show_bug.cgi?id=1438232
--------------------------------------------------------------------------------
================================================================================
tigervnc-1.8.0-1.fc25 (FEDORA-2017-b8d8e95f8a)
A TigerVNC remote display system
--------------------------------------------------------------------------------
Update Information:
Tigervnc 1.8.0 release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1451535 - tigervnc-1.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1451535
--------------------------------------------------------------------------------
================================================================================
vala-0.34.8-1.fc25 (FEDORA-2017-8c6cab18b8)
A modern programming language for GNOME
--------------------------------------------------------------------------------
Update Information:
vala 0.34.8 release with bug fixes and binding updates.
--------------------------------------------------------------------------------
================================================================================
waf-1.9.11-1.fc25 (FEDORA-2017-67d56a0422)
A Python-based build system
--------------------------------------------------------------------------------
Update Information:
#### NEW IN WAF 1.9.11 #### * Detect Visual Studio 2017 Build Tools using
vswhere.exe #1945 * Improve preprocessor performance on system paths in verbose
mode #1950 * Better installation defaults for windows import libraries #1860 *
cpplint enhancements: --cpplint-root #1953 #1956 * eclipse project generator
enhancements #1957 #1958
--------------------------------------------------------------------------------
================================================================================
wine-2.8-1.fc25 (FEDORA-2017-8f93effafc)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
- Direct3D command stream runs asynchronously. - Better serial and parallel
ports autodetection. - Still more fixes for high DPI settings. - System tray
notifications on macOS. - Various bug fixes. Wine-Staging - Improved fake
dll generation. - Implement updating shared data time fields. - Reset debug
registers on thread creation. - Added basic ACL viewer in file properties. -
Various smaller improvements and bug fixes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1450548 - wine-2.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1450548
--------------------------------------------------------------------------------
================================================================================
wordpress-4.7.5-1.fc25 (FEDORA-2017-d968f5a95f)
Blog tool and publishing platform
--------------------------------------------------------------------------------
Update Information:
**WordPress 4.7.5** is now available. This is a security release for all
previous versions and we strongly encourage you to update your sites
immediately. WordPress versions 4.7.4 and earlier are affected by six security
issues: * Insufficient redirect validation in the HTTP class. Reported by
Ronni Skansing. * Improper handling of post meta data values in the XML-RPC
API. Reported by Sam Thomas. * Lack of capability checks for post meta data
in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team. *
A Cross Site Request Forgery (CRSF) vulnerability was discovered in the
filesystem credentials dialog. Reported by Yorick Koster. * A cross-site
scripting (XSS) vulnerability was discovered when attempting to upload very
large files. Reported by Ronni Skansing. * A cross-site scripting (XSS)
vulnerability was discovered related to the Customizer. Reported by Weston Ruter
of the WordPress Security Team. Thank you to the reporters of these issues for
practicing responsible disclosure. In addition to the security issues above,
WordPress 4.7.5 contains 3 maintenance fixes to the 4.7 release series. For more
information, see the [release
notes](https://codex.wordpress.org/Version_4.7.5)
or consult the [list of
changes](https://core.trac.wordpress.org/query?status=cl
osed&milestone=4.7.5&group=component&col=id&col=summary&col=component&col=status
&col=owner&col=type&col=priority&col=keywords&order=priority).
--------------------------------------------------------------------------------