The following Fedora 25 Security updates need testing:
Age URL
115
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170
chicken-4.11.0-3.fc25
66
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3
compat-guile18-1.8.8-14.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d8fb6d7ad
ipsilon-2.0.2-2.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-daf90926d4
dovecot-2.2.27-1.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-04c687d2aa
mapserver-7.0.3-1.git0f9ece8.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b59109c48
botan-1.10.14-3.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1b868c23a9 xen-4.7.1-5.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-01eba63bcc
FlightGear-2016.3.1-3.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fbf9f8b204
game-music-emu-0.6.1-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd895763ac
kernel-4.8.15-300.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fce8b939c9
python-wikitcms-2.1.10-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ca1d1e1dc1
freeipa-4.4.3-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f30fae0f67
nagios-plugins-2.1.4-2.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b83c6862d
community-mysql-5.7.17-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d0c8ba781
tarantool-1.6.9.52-1.fc25 msgpuck-1.1.3-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c404a59411
openjpeg2-2.1.2-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-89ee54c661
mingw-openjpeg2-2.1.2-3.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
32
https://bodhi.fedoraproject.org/updates/FEDORA-2016-56cfdb6815
nss-3.27.0-1.3.fc25
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78
python-productmd-1.3-1.fc25
22
https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59
wpa_supplicant-2.6-1.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1d195fd2ad
lxpanel-0.9.1-2.D20161125git138ff9b2.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71
pungi-4.1.11-3.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-66bc868b6e sssd-1.14.2-2.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-6942fe63ed audit-2.7-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fc019e782c
rpm-ostree-2016.13-1.fc25 ostree-2016.15-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-96670ae9a2 gvfs-1.30.3-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a81d68310 lz4-1.7.4.2-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1038df7f22 pcre2-10.22-8.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-862fec4a9b meson-0.36.0-4.fc25
redhat-rpm-config-45-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a
libnl3-3.2.29-0.2.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4d46b8cf07
qt5-qtdeclarative-5.7.1-5.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-37c1b46c83
python-mako-1.0.6-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c404a59411
openjpeg2-2.1.2-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-28f95ccb2f
PackageKit-1.1.4-2.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-105067067a
tracker-1.10.3-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-338552085d
gnome-software-3.22.4-2.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c84dbd4b46
libbytesize-0.7-5.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd895763ac
kernel-4.8.15-300.fc25
The following builds have been pushed to Fedora 25 updates-testing
PackageKit-1.1.4-2.fc25
atlas-3.10.2-14.fc25
blender-2.78a-4.fc25
community-mysql-5.7.17-1.fc25
daala-0-3.20161216git28de40b.fc25
devscripts-2.16.13-1.fc25
fedfind-3.2.3-1.fc25
flannel-0.6.2-1.fc25
freeipa-4.4.3-1.fc25
gnome-software-3.22.4-2.fc25
golang-bitbucket-kardianos-osext-0-0.13.hg364fb577de68.fc25
golang-bitbucket-ww-goautoneg-0-0.10.git75cd24fc2f2c.fc25
golang-github-akrennmair-gopcap-0-0.3.git00e1103.fc25
golang-github-beorn7-perks-0-0.8.gitb965b61.fc25
golang-github-bgentry-speakeasy-0-0.7.git36e9cfd.fc25
golang-github-boltdb-bolt-1.3.0-0.2.git583e893.fc25
golang-github-bugsnag-bugsnag-go-1.0.4-5.fc25
golang-github-bugsnag-panicwrap-1.1.0-0.3.gitaceac81.fc25
golang-github-cheggaaa-pb-0-0.3.gitda1f27a.fc25
golang-github-cockroachdb-cmux-0-0.4.git112f050.fc25
golang-github-coreos-go-semver-0-0.10.git568e959.fc25
golang-github-coreos-go-systemd-10-2.fc25
golang-github-coreos-pkg-0-0.10.gitfa29b1d.fc25
golang-github-dustin-go-humanize-0-0.3.git8929fe9.fc25
golang-github-ghodss-yaml-0-0.12.git73d445a.fc25
golang-github-godbus-dbus-3-0.5.gitc7fdd8b.fc25
golang-github-golang-sys-0-0.8.git62bee03.fc25
golang-github-google-btree-0-0.7.git7d79101.fc25
golang-github-grpc-ecosystem-grpc-gateway-1.0.0-0.2.gitf52d055.fc25
golang-github-mattn-go-runewidth-0-0.3.gitd6bea18.fc25
golang-github-olekukonko-tablewriter-0-0.4.gitcca8bbc.fc25
golang-github-olekukonko-ts-0-0.3.gitecf753e.fc25
golang-googlecode-go-crypto-0-0.12.gitc10c31b.fc25
golang-googlecode-gogoprotobuf-0.2-0.4.gite18d7aa.fc25
golang-gopkg-yaml-1-15.fc25
hatari-2.0.0-2.fc25
kernel-4.8.15-300.fc25
latexila-3.22.1-1.fc25
libbytesize-0.7-5.fc25
libebur128-1.2.0-1.fc25
lxqt-wallet-3.0.0-2.fc25
mariadb-10.1.20-1.fc25
mingw-openjpeg2-2.1.2-3.fc25
msgpuck-1.1.3-1.fc25
nagios-plugins-2.1.4-2.fc25
nordugrid-arc-5.2.1-1.fc25
nordugrid-arc-doc-2.0.12-1.fc25
ocp-0.1.22-0.10.git849cc42.fc25
openjpeg2-2.1.2-3.fc25
openqa-4.4-33.20161216git7addfed.fc25
os-autoinst-4.4-8.20161213git3050cfa.fc25
perl-File-KeePass-2.03-10.fc25
python-docopt-0.6.2-3.fc25
python-mako-1.0.6-1.fc25
python-wikitcms-2.1.10-1.fc25
qt5-qtdeclarative-5.7.1-5.fc25
qt5-qtserialbus-5.7.1-2.fc25
qt5-qtvirtualkeyboard-5.7.1-2.fc25
rubygem-font-awesome-rails-4.7.0.1-1.fc25
subdownloader-2.0.18-8.fc25
sway-0.11-0.rc3.fc25
tarantool-1.6.9.52-1.fc25
tracker-1.10.3-1.fc25
ufraw-0.22-4.fc25
uthash-2.0.1-1.fc25
znc-1.6.4-1.fc25
zulucrypt-5.0.2-2.fc25
Details about builds:
================================================================================
PackageKit-1.1.4-2.fc25 (FEDORA-2016-28f95ccb2f)
Package management service
--------------------------------------------------------------------------------
Update Information:
This update improves the handling of skip_if_unavailable=True repos.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1383819 - copr repo makes gnome-software/pkcon unable to find software
https://bugzilla.redhat.com/show_bug.cgi?id=1383819
--------------------------------------------------------------------------------
================================================================================
atlas-3.10.2-14.fc25 (FEDORA-2016-1d3b1fc610)
Automatically Tuned Linear Algebra Software
--------------------------------------------------------------------------------
Update Information:
Limit instruction set on x86_64
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402627 - atlas-3.10.2-12.fc24 FTBFS
https://bugzilla.redhat.com/show_bug.cgi?id=1402627
[ 2 ] Bug #1405397 - Atlas 3.10.2-13.fc25 from updates-testing breaks Octave
https://bugzilla.redhat.com/show_bug.cgi?id=1405397
--------------------------------------------------------------------------------
================================================================================
blender-2.78a-4.fc25 (FEDORA-2016-901e3c82e9)
3D modeling, animation, rendering and post-production
--------------------------------------------------------------------------------
Update Information:
This update addresses issues related to minizip requirement.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398451 - blender-2.78a-2.fc25.x86_64 requires minizip
https://bugzilla.redhat.com/show_bug.cgi?id=1398451
--------------------------------------------------------------------------------
================================================================================
community-mysql-5.7.17-1.fc25 (FEDORA-2016-9b83c6862d)
MySQL client programs and shared libraries
--------------------------------------------------------------------------------
Update Information:
* Mon Dec 12 2016 Norvald H. Ryeng <norvald.ryeng(a)oracle.com> - 5.7.17-1 -
Update to MySQL 5.7.17, for various fixes described at
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html - Add new
plugin: connnection_control.so - Add MySQL Group Replication:
group_replication.so - Add numactl-devel to buildreq and enable NUMA support (if
available) - Simplify boost path - Build compat-openssl10 in rawhide for now -
Reqs. in -devel packages was incomplete
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1386607 - CVE-2016-3492 CVE-2016-5507 CVE-2016-5609 CVE-2016-5612
CVE-2016-5616 CVE-2016-5617 CVE-2016-5626 CVE-2016-5627 CVE-2016-5629 CVE-2016-5630
CVE-2016-8283 CVE-2016-8284 CVE-2016-8288 community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1386607
[ 2 ] Bug #1342308 - community-mysql-5.7.17 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1342308
--------------------------------------------------------------------------------
================================================================================
daala-0-3.20161216git28de40b.fc25 (FEDORA-2016-03784d8a6f)
Daala video compression
--------------------------------------------------------------------------------
Update Information:
New package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1396478 - Review Request: daala - Daala video compression
https://bugzilla.redhat.com/show_bug.cgi?id=1396478
--------------------------------------------------------------------------------
================================================================================
devscripts-2.16.13-1.fc25 (FEDORA-2016-b2dda7e177)
Scripts for Debian Package maintainers
--------------------------------------------------------------------------------
Update Information:
Update to version 2.16.13, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.13_changelog for
details. ---- Update to 2.16.12, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.12_changelog for
details. ---- Update to version 2.16.11, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.11_changelog for
details. ---- Update to version 2.16.10, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.10_changelog for
details. ---- Update to version 2.16.9, see
http://metadata.ftp-
master.debian.org/changelogs/main/d/devscripts/devscripts_2.16.9_changelog for
details.
--------------------------------------------------------------------------------
================================================================================
fedfind-3.2.3-1.fc25 (FEDORA-2016-dfa3ecd6e7)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update adds support for the [post-release live respin
composes](https://dl.fedoraproject.org/pub/alt/live-respins/) to fedfind. These
work a little differently to most other compose types: please see the
documentation for more information. This support is primarily intended to enable
testing of these composes in [openQA](https://openqa.fedoraproject.org).
--------------------------------------------------------------------------------
================================================================================
flannel-0.6.2-1.fc25 (FEDORA-2016-0b0a3acf2f)
Etcd address management agent for overlay networks
--------------------------------------------------------------------------------
Update Information:
Update to 0.6.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1396472 - Fedora - Missing flannel package for ppc64le architecture
https://bugzilla.redhat.com/show_bug.cgi?id=1396472
--------------------------------------------------------------------------------
================================================================================
freeipa-4.4.3-1.fc25 (FEDORA-2016-ca1d1e1dc1)
The Identity, Policy and Audit system
--------------------------------------------------------------------------------
Update Information:
Rebase to upstream 4.4.3:
http://www.freeipa.org/page/Releases/4.4.3 ---- -
Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check in certprofile-
mod - Fixes 1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services
by abusing password policy
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1395311 - CVE-2016-9575 ipa: Insufficient permission check in
certprofile-mod
https://bugzilla.redhat.com/show_bug.cgi?id=1395311
[ 2 ] Bug #1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services by
abusing password policy
https://bugzilla.redhat.com/show_bug.cgi?id=1370493
--------------------------------------------------------------------------------
================================================================================
gnome-software-3.22.4-2.fc25 (FEDORA-2016-338552085d)
A software center for GNOME
--------------------------------------------------------------------------------
Update Information:
Fix update notes to show up on the updates page.
--------------------------------------------------------------------------------
================================================================================
golang-bitbucket-kardianos-osext-0-0.13.hg364fb577de68.fc25 (FEDORA-2016-c4ee889d64)
Extensions to the standard Go OS package
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1254591 - Tracker for golang-bitbucket-kardianos-osext
https://bugzilla.redhat.com/show_bug.cgi?id=1254591
--------------------------------------------------------------------------------
================================================================================
golang-bitbucket-ww-goautoneg-0-0.10.git75cd24fc2f2c.fc25 (FEDORA-2016-27f8eeb2b1)
HTTP Content-Type Autonegotiation
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1247619 - Tracker for golang-bitbucket-ww-goautoneg
https://bugzilla.redhat.com/show_bug.cgi?id=1247619
--------------------------------------------------------------------------------
================================================================================
golang-github-akrennmair-gopcap-0-0.3.git00e1103.fc25 (FEDORA-2016-c4056cefe0)
A simple wrapper around libpcap for the Go programming language
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405532 - Tracker for golang-github-akrennmair-gopcap
https://bugzilla.redhat.com/show_bug.cgi?id=1405532
--------------------------------------------------------------------------------
================================================================================
golang-github-beorn7-perks-0-0.8.gitb965b61.fc25 (FEDORA-2016-70e8450134)
Effective Computation of Things
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1248633 - Tracker for golang-github-beorn7-perks
https://bugzilla.redhat.com/show_bug.cgi?id=1248633
--------------------------------------------------------------------------------
================================================================================
golang-github-bgentry-speakeasy-0-0.7.git36e9cfd.fc25 (FEDORA-2016-5e3d0664ca)
Golang helpers for reading password input without cgo
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250454 - Tracker for golang-github-bgentry-speakeasy
https://bugzilla.redhat.com/show_bug.cgi?id=1250454
--------------------------------------------------------------------------------
================================================================================
golang-github-boltdb-bolt-1.3.0-0.2.git583e893.fc25 (FEDORA-2016-748aa73ffe)
A low-level key/value database for Go
--------------------------------------------------------------------------------
Update Information:
Polish the spec file ---- Bump to upstream
583e8937c61f1af6513608ccc75c97b6abdf4ff9
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1246207 - Tracker for golang-github-boltdb-bolt
https://bugzilla.redhat.com/show_bug.cgi?id=1246207
--------------------------------------------------------------------------------
================================================================================
golang-github-bugsnag-bugsnag-go-1.0.4-5.fc25 (FEDORA-2016-77a329ef2a)
Automatic panic monitoring for golang, net/http and revel
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405699 - Tracker for golang-github-bugsnag-bugsnag-go
https://bugzilla.redhat.com/show_bug.cgi?id=1405699
--------------------------------------------------------------------------------
================================================================================
golang-github-bugsnag-panicwrap-1.1.0-0.3.gitaceac81.fc25 (FEDORA-2016-04eeaccdd3)
Go library for catching and handling panics in Go applications
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1313834 - Tracker for golang-github-bugsnag-panicwrap
https://bugzilla.redhat.com/show_bug.cgi?id=1313834
--------------------------------------------------------------------------------
================================================================================
golang-github-cheggaaa-pb-0-0.3.gitda1f27a.fc25 (FEDORA-2016-8a23f0cfa7)
Console progress bar for Golang
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405557 - Tracker for golang-github-cheggaaa-pb
https://bugzilla.redhat.com/show_bug.cgi?id=1405557
--------------------------------------------------------------------------------
================================================================================
golang-github-cockroachdb-cmux-0-0.4.git112f050.fc25 (FEDORA-2016-bd4724c661)
Connection mux for serving different services on the same port
--------------------------------------------------------------------------------
Update Information:
Polish the spec file ---- skip tests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1387177 - Tracker for golang-github-cockroachdb-cmux
https://bugzilla.redhat.com/show_bug.cgi?id=1387177
--------------------------------------------------------------------------------
================================================================================
golang-github-coreos-go-semver-0-0.10.git568e959.fc25 (FEDORA-2016-b34ffc2fc9)
Go semantic versioning library
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1248718 - Tracker for golang-github-coreos-go-semver
https://bugzilla.redhat.com/show_bug.cgi?id=1248718
--------------------------------------------------------------------------------
================================================================================
golang-github-coreos-go-systemd-10-2.fc25 (FEDORA-2016-a5f08ef99c)
Go bindings to systemd socket activation, journal and D-BUS APIs
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1248722 - Tracker for golang-github-coreos-go-systemd
https://bugzilla.redhat.com/show_bug.cgi?id=1248722
--------------------------------------------------------------------------------
================================================================================
golang-github-coreos-pkg-0-0.10.gitfa29b1d.fc25 (FEDORA-2016-b7e7a141b6)
A collection of go utility packages
--------------------------------------------------------------------------------
Update Information:
Disable checks due to cyclic deps
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1245958 - Review Request: golang-github-coreos-pkg - A collection of go
utility packages
https://bugzilla.redhat.com/show_bug.cgi?id=1245958
--------------------------------------------------------------------------------
================================================================================
golang-github-dustin-go-humanize-0-0.3.git8929fe9.fc25 (FEDORA-2016-3378438fa8)
Formatters for units to human friendly sizes
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405624 - Tracker for golang-github-dustin-go-humanize
https://bugzilla.redhat.com/show_bug.cgi?id=1405624
--------------------------------------------------------------------------------
================================================================================
golang-github-ghodss-yaml-0-0.12.git73d445a.fc25 (FEDORA-2016-b0cc5e4352)
A better way to marshal and unmarshal YAML in Golang
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249030 - Tracker for golang-github-ghodss-yaml
https://bugzilla.redhat.com/show_bug.cgi?id=1249030
--------------------------------------------------------------------------------
================================================================================
golang-github-godbus-dbus-3-0.5.gitc7fdd8b.fc25 (FEDORA-2016-1c5aefb134)
Go client bindings for D-Bus
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249043 - Tracker for golang-github-godbus-dbus
https://bugzilla.redhat.com/show_bug.cgi?id=1249043
--------------------------------------------------------------------------------
================================================================================
golang-github-golang-sys-0-0.8.git62bee03.fc25 (FEDORA-2016-c7e48bd201)
Go packages for low-level interaction with the operating system
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1360748 - update for s390x support
https://bugzilla.redhat.com/show_bug.cgi?id=1360748
--------------------------------------------------------------------------------
================================================================================
golang-github-google-btree-0-0.7.git7d79101.fc25 (FEDORA-2016-75c7799a43)
BTree implementation for Go
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250460 - Tracker for golang-github-google-btree
https://bugzilla.redhat.com/show_bug.cgi?id=1250460
--------------------------------------------------------------------------------
================================================================================
golang-github-grpc-ecosystem-grpc-gateway-1.0.0-0.2.gitf52d055.fc25
(FEDORA-2016-d3e011b5f1)
GRPC to JSON proxy generator
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405682 - Tracker for golang-github-grpc-ecosystem-grpc-gateway
https://bugzilla.redhat.com/show_bug.cgi?id=1405682
--------------------------------------------------------------------------------
================================================================================
golang-github-mattn-go-runewidth-0-0.3.gitd6bea18.fc25 (FEDORA-2016-b33216da14)
Functions for getting fixed width of the character or string
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405690 - Tracker for golang-github-mattn-go-runewidth
https://bugzilla.redhat.com/show_bug.cgi?id=1405690
--------------------------------------------------------------------------------
================================================================================
golang-github-olekukonko-tablewriter-0-0.4.gitcca8bbc.fc25 (FEDORA-2016-cc5e27e756)
ASCII table in golang
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1320304 - Tracker for golang-github-olekukonko-tablewriter
https://bugzilla.redhat.com/show_bug.cgi?id=1320304
--------------------------------------------------------------------------------
================================================================================
golang-github-olekukonko-ts-0-0.3.gitecf753e.fc25 (FEDORA-2016-d18469d752)
Simple go Application to get Terminal Size
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405558 - Tracker for golang-github-olekukonko-ts
https://bugzilla.redhat.com/show_bug.cgi?id=1405558
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-go-crypto-0-0.12.gitc10c31b.fc25 (FEDORA-2016-8457448660)
Supplementary Go cryptography libraries
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1231618 - Tracker for golang-googlecode-go-crypto
https://bugzilla.redhat.com/show_bug.cgi?id=1231618
--------------------------------------------------------------------------------
================================================================================
golang-googlecode-gogoprotobuf-0.2-0.4.gite18d7aa.fc25 (FEDORA-2016-dc4b8fe5fd)
A fork of goprotobuf with several extra features
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1246215 - Tracker for golang-googlecode-gogoprotobuf
https://bugzilla.redhat.com/show_bug.cgi?id=1246215
--------------------------------------------------------------------------------
================================================================================
golang-gopkg-yaml-1-15.fc25 (FEDORA-2016-8fe2c82506)
Enables Go programs to comfortably encode and decode YAML values
--------------------------------------------------------------------------------
Update Information:
Polish the spec file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1250524 - Tracker for golang-gopkg-yaml
https://bugzilla.redhat.com/show_bug.cgi?id=1250524
--------------------------------------------------------------------------------
================================================================================
hatari-2.0.0-2.fc25 (FEDORA-2016-6346ff56f6)
An Atari ST/STE/TT/Falcon emulator suitable for playing games
--------------------------------------------------------------------------------
Update Information:
* Hatari can use SDL2, this will take advantage of HW acceleration on the host
PC and greatly enhance perfomance on OSX for example * Hatari now uses one
single CPU core for all machines (ST, STE, TT, Falcon). No more need for 2
different binaries * Video emulation now supports the 4 STF wakeup states for
MMU/GLUE and a much more accurate state machine for border removal * CPU
emulation was improved a lot by using WinUAE's CPU and fixing some low level
behaviour : IACK sequence, exception/interrupt stacking, 2 cycle accesses, bus
accesses timing depending on memory region, instruction pairing, ... * Falcon
DMA sound was fixed * Support for MegaST and MegaSTE machine types *
Improvements to Gemdos HD emulation * SDL UI reworked with more options *
Resizable window when using SDL2 (using HW acceleration)
--------------------------------------------------------------------------------
================================================================================
kernel-4.8.15-300.fc25 (FEDORA-2016-dd895763ac)
The Linux kernel
--------------------------------------------------------------------------------
Update Information:
The 4.8.15 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404924 - CVE-2016-9588 Kernel: kvm: nVMX: uncaught software exceptions in L1
guest leads to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1404924
--------------------------------------------------------------------------------
================================================================================
latexila-3.22.1-1.fc25 (FEDORA-2016-12de1d7dd9)
Integrated LaTeX Environment for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
Latexila 3.22.1 release with translation updates.
--------------------------------------------------------------------------------
================================================================================
libbytesize-0.7-5.fc25 (FEDORA-2016-c84dbd4b46)
A library for working with sizes in bytes
--------------------------------------------------------------------------------
Update Information:
Neutralize None as an operand for math operations (vpodzime)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404361 - segfault in bs_size_add during F25 install
https://bugzilla.redhat.com/show_bug.cgi?id=1404361
--------------------------------------------------------------------------------
================================================================================
libebur128-1.2.0-1.fc25 (FEDORA-2016-cd3140798e)
A library that implements the EBU R 128 standard for loudness normalization
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.0 after unretiring the package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1396406 - Review Request: libebur128 - A library that implements the EBU R
128 standard for loudness normalization
https://bugzilla.redhat.com/show_bug.cgi?id=1396406
[ 2 ] Bug #1260813 - libebur128-v1.1.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1260813
--------------------------------------------------------------------------------
================================================================================
lxqt-wallet-3.0.0-2.fc25 (FEDORA-2016-84d4186ab5)
Create a kwallet like functionality for LXQt
--------------------------------------------------------------------------------
Update Information:
lxqt_wallet 3.0.0-2 - - rebuilt for latest Qt5 zuluCrypt 5.0.2-2 - - rebuilt
for latest Qt5 - add support for unlocking ecryptfs volumes in zuluMount-gui
(ecryptfs-simple[1] tool must already be installed) [1]
https://github.com/mhogomchungu/ecryptfs-simple Review Request:
rhbz#1402590 - solved a problem that caused a hang when creating/unlocking
volumes some users were experiencing. - embedded support for PolicyKit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400754 - zulucrypt-5.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400754
--------------------------------------------------------------------------------
================================================================================
mariadb-10.1.20-1.fc25 (FEDORA-2016-91a38ea10f)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
Rebase to version 10.1.20
https://mariadb.com/kb/en/mariadb/mariadb-10120
-release-notes/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405258 - mariadb-10.1.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405258
--------------------------------------------------------------------------------
================================================================================
mingw-openjpeg2-2.1.2-3.fc25 (FEDORA-2016-89ee54c661)
MinGW Windows openjpeg2 library
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a
patch to fix CVE-2016-9573 and CVE-2016-9572.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405128 - CVE-2016-9580 openjpeg2: Integer overflow in tiftoimage causes heap
buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1405128
[ 2 ] Bug #1405135 - CVE-2016-9581 openjpeg2: Infinite loop in tiftoimage resulting into
heap buffer overflow in convert_32s_C1P1
https://bugzilla.redhat.com/show_bug.cgi?id=1405135
--------------------------------------------------------------------------------
================================================================================
msgpuck-1.1.3-1.fc25 (FEDORA-2016-2d0c8ba781)
MsgPack binary serialization library in a self-contained header
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2016-9036 and CVE-2016-9037. These vulnerabilities are embargoed, but
Mitre will publish them in the next couple days.
--------------------------------------------------------------------------------
================================================================================
nagios-plugins-2.1.4-2.fc25 (FEDORA-2016-f30fae0f67)
Host/service/network monitoring program plugins for Nagios
--------------------------------------------------------------------------------
Update Information:
Updated to 2.1.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #752949 - ldap_bind: Can't contact LDAP server via SSL
https://bugzilla.redhat.com/show_bug.cgi?id=752949
[ 2 ] Bug #1368089 - check_file_age broken
https://bugzilla.redhat.com/show_bug.cgi?id=1368089
[ 3 ] Bug #1335245 - check_mailq fails with syntax error
https://bugzilla.redhat.com/show_bug.cgi?id=1335245
[ 4 ] Bug #1362322 - nagios-plugins-2.1.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1362322
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-5.2.1-1.fc25 (FEDORA-2016-6c8c619311)
Advanced Resource Connector Grid Middleware
--------------------------------------------------------------------------------
Update Information:
ARC 5.2.1
--------------------------------------------------------------------------------
================================================================================
nordugrid-arc-doc-2.0.12-1.fc25 (FEDORA-2016-6c8c619311)
Advanced Resource Connector Documentation
--------------------------------------------------------------------------------
Update Information:
ARC 5.2.1
--------------------------------------------------------------------------------
================================================================================
ocp-0.1.22-0.10.git849cc42.fc25 (FEDORA-2016-7a4df46f96)
Open Cubic Player for MOD/S3M/XM/IT/MIDI music files
--------------------------------------------------------------------------------
Update Information:
Re-enable libmad for mp3 support
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400073 - ocp: re-enable Mp3 support
https://bugzilla.redhat.com/show_bug.cgi?id=1400073
--------------------------------------------------------------------------------
================================================================================
openjpeg2-2.1.2-3.fc25 (FEDORA-2016-c404a59411)
C-Library for JPEG 2000
--------------------------------------------------------------------------------
Update Information:
This update fixes CVE-2016-9580 and CVE-2016-9581.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405128 - CVE-2016-9580 openjpeg2: Integer overflow in tiftoimage causes heap
buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1405128
[ 2 ] Bug #1405135 - CVE-2016-9581 openjpeg2: Infinite loop in tiftoimage resulting into
heap buffer overflow in convert_32s_C1P1
https://bugzilla.redhat.com/show_bug.cgi?id=1405135
--------------------------------------------------------------------------------
================================================================================
openqa-4.4-33.20161216git7addfed.fc25 (FEDORA-2016-ad7b36a0d0)
OS-level automated testing framework
--------------------------------------------------------------------------------
Update Information:
This update provides recent git snapshots of both openQA and os-autoinst, with
various fixes and enhancements from upstream. For more details, see the upstream
changelogs.
--------------------------------------------------------------------------------
================================================================================
os-autoinst-4.4-8.20161213git3050cfa.fc25 (FEDORA-2016-ad7b36a0d0)
OS-level test automation
--------------------------------------------------------------------------------
Update Information:
This update provides recent git snapshots of both openQA and os-autoinst, with
various fixes and enhancements from upstream. For more details, see the upstream
changelogs.
--------------------------------------------------------------------------------
================================================================================
perl-File-KeePass-2.03-10.fc25 (FEDORA-2016-f3fd15a179)
Interface to KeePass V1 and V2 database files
--------------------------------------------------------------------------------
Update Information:
Add Requires so compression, MIME, and XML decoding work correctly
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328327 - Unable to open keepass 2 database
https://bugzilla.redhat.com/show_bug.cgi?id=1328327
--------------------------------------------------------------------------------
================================================================================
python-docopt-0.6.2-3.fc25 (FEDORA-2016-a6c9ed16df)
Pythonic argument parser, that will make you smile
--------------------------------------------------------------------------------
Update Information:
Packaging fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405639 - python-docopt requires devel/test libraries
https://bugzilla.redhat.com/show_bug.cgi?id=1405639
--------------------------------------------------------------------------------
================================================================================
python-mako-1.0.6-1.fc25 (FEDORA-2016-37c1b46c83)
Mako template library for Python
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.6 (#1257376).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257376 - python-mako-1.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1257376
--------------------------------------------------------------------------------
================================================================================
python-wikitcms-2.1.10-1.fc25 (FEDORA-2016-fce8b939c9)
Fedora QA wiki test management Python library
--------------------------------------------------------------------------------
Update Information:
This update contains a **SECURITY** fix for an issue with potentially serious
consequences but very limited scope. If an administrator of a wiki you talked to
using python-wikitcms were malicious, they could cause arbitrary code execution
as the user running wikitcms. No-one besides a wiki administrator could do this,
as it requires crafting the wiki's response to an edit request to include a
malicious payload. It also drops some now useless or unneeded code (due to
changes in mediawiki and mwclient).
--------------------------------------------------------------------------------
================================================================================
qt5-qtdeclarative-5.7.1-5.fc25 (FEDORA-2016-4d46b8cf07)
Qt5 - QtDeclarative component
--------------------------------------------------------------------------------
Update Information:
Restore -doc package.
--------------------------------------------------------------------------------
================================================================================
qt5-qtserialbus-5.7.1-2.fc25 (FEDORA-2016-ebd5982688)
Qt5 - SerialPort component
--------------------------------------------------------------------------------
Update Information:
Qt 5.7.1 bugfix release.
--------------------------------------------------------------------------------
================================================================================
qt5-qtvirtualkeyboard-5.7.1-2.fc25 (FEDORA-2016-c3d37c0ec9)
Qt5 - VirtualKeyboard component
--------------------------------------------------------------------------------
Update Information:
Qt 5.7.1 bugfix release.
--------------------------------------------------------------------------------
================================================================================
rubygem-font-awesome-rails-4.7.0.1-1.fc25 (FEDORA-2016-1abf1c8884)
An asset gemification of the font-awesome icon font library
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1404490 - rubygem-font-awesome-rails-4.7.0.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1404490
--------------------------------------------------------------------------------
================================================================================
subdownloader-2.0.18-8.fc25 (FEDORA-2016-4e4986afc1)
Program for download/upload subtitles for video files and DVDs
--------------------------------------------------------------------------------
Update Information:
Copy some scripts from opensuse rpm [1], use gui/images/subdownloader.png
instead
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1282270 - package has subdownloader dir in /
https://bugzilla.redhat.com/show_bug.cgi?id=1282270
[ 2 ] Bug #1299172 - Download of subtitle failed
https://bugzilla.redhat.com/show_bug.cgi?id=1299172
--------------------------------------------------------------------------------
================================================================================
sway-0.11-0.rc3.fc25 (FEDORA-2016-50f12ff581)
i3-compatible window manager for Wayland
--------------------------------------------------------------------------------
Update Information:
Update ---- Update. **WARNING:** if you are using your own config file, add
``` include /etc/sway/config.d/* ``` At the end of it, otherwise nothing will
work on Wayland
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401349 - sway-0.11-rc1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401349
--------------------------------------------------------------------------------
================================================================================
tarantool-1.6.9.52-1.fc25 (FEDORA-2016-2d0c8ba781)
In-memory database and Lua application server
--------------------------------------------------------------------------------
Update Information:
Fix CVE-2016-9036 and CVE-2016-9037. These vulnerabilities are embargoed, but
Mitre will publish them in the next couple days.
--------------------------------------------------------------------------------
================================================================================
tracker-1.10.3-1.fc25 (FEDORA-2016-105067067a)
Desktop-neutral search tool and indexer
--------------------------------------------------------------------------------
Update Information:
This update makes tracker work again on i686 after recently added sandboxing
code regressed it.
--------------------------------------------------------------------------------
================================================================================
ufraw-0.22-4.fc25 (FEDORA-2016-b2ef7d32a8)
Raw image data retrieval tool for digital cameras
--------------------------------------------------------------------------------
Update Information:
Fix crash on destroy of lensfun object with PEF images (#1350210) ---- Add 2
patches from upsteam and re-enable lensfun, rhbz#1350210
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1350210 - [abrt] ufraw: lfModifier::~lfModifier(): ufraw killed by SIGSEGV
https://bugzilla.redhat.com/show_bug.cgi?id=1350210
--------------------------------------------------------------------------------
================================================================================
uthash-2.0.1-1.fc25 (FEDORA-2016-0f9f515bb7)
A hash table for C structures
--------------------------------------------------------------------------------
Update Information:
### Update to v2.0.1 * Introduce libut / libvector * Add BR: perl
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401591 - uthash-1.9.9-10.fc24 FTBFS
https://bugzilla.redhat.com/show_bug.cgi?id=1401591
--------------------------------------------------------------------------------
================================================================================
znc-1.6.4-1.fc25 (FEDORA-2016-cd42eb69d8)
An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:
Update to 1.6.4
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402101 - znc-1.6.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1402101
[ 2 ] Bug #1391300 - Nothing owns %_libdir/znc
https://bugzilla.redhat.com/show_bug.cgi?id=1391300
[ 3 ] Bug #1383989 - znc-1.6.3-5.fc26 FTBFS against OpenSSL 1.1.0
https://bugzilla.redhat.com/show_bug.cgi?id=1383989
--------------------------------------------------------------------------------
================================================================================
zulucrypt-5.0.2-2.fc25 (FEDORA-2016-84d4186ab5)
Qt GUI front end to cryptsetup
--------------------------------------------------------------------------------
Update Information:
lxqt_wallet 3.0.0-2 - - rebuilt for latest Qt5 zuluCrypt 5.0.2-2 - - rebuilt
for latest Qt5 - add support for unlocking ecryptfs volumes in zuluMount-gui
(ecryptfs-simple[1] tool must already be installed) [1]
https://github.com/mhogomchungu/ecryptfs-simple Review Request:
rhbz#1402590 - solved a problem that caused a hang when creating/unlocking
volumes some users were experiencing. - embedded support for PolicyKit
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400754 - zulucrypt-5.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400754
--------------------------------------------------------------------------------