The following Fedora 25 Security updates need testing:
Age URL
285
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25
184
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e
python-XStatic-jquery-ui-1.12.0.1-4.fc25
123
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f
nodejs-brace-expansion-1.1.7-1.fc25
77
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c
memcached-1.4.39-1.fc25
73
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4
docker-distribution-2.6.2-1.git48294d9.fc25
24
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e66393536
libwpd-0.10.2-1.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11
gnome-shell-3.22.3-2.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ab87482e
httpd-2.4.27-4.fc25
11
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0f24bb2a9
chromium-61.0.3163.100-1.fc25
11
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66aa5d1d33 git-2.9.5-2.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2008fdd7e2
perl-5.24.3-389.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66d9113c7a
ImageMagick-6.9.9.15-1.fc25 rubygem-rmagick-2.16.0-7.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2aa4d11993
openvpn-2.4.4-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d
tor-0.2.9.12-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-89efe409a2
weechat-1.9.1-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-26a53ccbdf
WebCalendar-1.2.9-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb10391ad
mingw-poppler-0.45.0-4.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e
botan-1.10.17-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24
dnsmasq-2.76-4.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d345f250a
nagios-4.3.4-3.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99bcbc7bef xen-4.7.3-6.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4dfebebd39 recode-3.6-43.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bbb922009
check-mk-1.2.8p26-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f495b9e71
poppler-0.45.0-7.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
127
https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25
30
https://bodhi.fedoraproject.org/updates/FEDORA-2017-504aeb74ba
rpcbind-0.2.4-7.rc2.fc25
26
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a44008dd1d
python-pysocks-1.6.7-1.fc25
25
https://bodhi.fedoraproject.org/updates/FEDORA-2017-27ed767ca1
upower-0.99.6-1.fc25
24
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2802f82ef1
webkitgtk4-2.18.0-1.fc25
18
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2803ce4f5
linux-firmware-20170828-77.gitb78acc9.fc25
18
https://bodhi.fedoraproject.org/updates/FEDORA-2017-235298fa58
python-cryptography-2.0.2-2.fc25 python-cryptography-vectors-2.0.2-1.fc25
18
https://bodhi.fedoraproject.org/updates/FEDORA-2017-31d7cd5eab
pyOpenSSL-16.2.0-2.fc25
18
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c8a36f37e audit-2.7.8-1.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11
gnome-shell-3.22.3-2.fc25
15
https://bodhi.fedoraproject.org/updates/FEDORA-2017-103ec7f899 cups-2.2.0-10.fc25
11
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66aa5d1d33 git-2.9.5-2.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b78dd48284
dbus-1.11.18-1.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2008fdd7e2
perl-5.24.3-389.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-655278f79b nspr-4.17.0-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-64612f6c45
vim-8.0.1171-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a45ef4d535
hwdata-0.305-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e
iproute-4.12.0-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-eb81135947
menu-cache-1.0.2-7.D20170914git8c8534159d.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1391851bdb
vte291-0.46.3-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d6667b0ae
sudo-1.8.21p2-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36afbbe07
p11-kit-0.23.9-2.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad5b0243eb
libguestfs-1.36.7-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-0803060361 nss-3.33.0-1.0.fc25
nss-softokn-3.33.0-1.0.fc25 nss-util-3.33.0-1.0.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5324f52b3d koji-1.14.0-1.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99bcbc7bef xen-4.7.3-6.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24
dnsmasq-2.76-4.fc25
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-00cfac3370
pungi-4.1.19-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f495b9e71
poppler-0.45.0-7.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae3e7ab916
glusterfs-3.10.6-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f7fefa567
firefox-56.0-5.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-52e83125f5
kernel-4.13.5-100.fc25
The following builds have been pushed to Fedora 25 updates-testing
libnitrokey-3.0-0.2.20171007git.fa871ec.fc25
poppler-0.45.0-7.fc25
purple-libsteam-1.6.1-17.20170929gitab6d446.fc25
qtractor-0.8.4-1.fc25
snapd-2.28.1-1.fc25
snapd-glib-1.23-1.fc25
vid.stab-1.1-3.20170830gitafc8ea9.fc25
Details about builds:
================================================================================
libnitrokey-3.0-0.2.20171007git.fa871ec.fc25 (FEDORA-2017-95b9d1e49f)
Communicate with Nitrokey stick devices in a clean and easy manner
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1499408 - Review Request: libnitrokey - Communicate with Nitrokey stick
devices in a clean and easy manner
https://bugzilla.redhat.com/show_bug.cgi?id=1499408
--------------------------------------------------------------------------------
================================================================================
poppler-0.45.0-7.fc25 (FEDORA-2017-8f495b9e71)
PDF rendering library
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-14517, CVE-2017-14518, CVE-2017-14519 and
CVE-2017-14929. ---- - CVE-2017-14520 Floating point exception in
Splash::scaleImageYuXd
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1499162 - CVE-2017-14517 poppler: NULL pointer dereference in the
XRef::parseEntry() function
https://bugzilla.redhat.com/show_bug.cgi?id=1499162
[ 2 ] Bug #1499163 - CVE-2017-14518 poppler: Floating point exception in the
isImageInterpolationRequired() function
https://bugzilla.redhat.com/show_bug.cgi?id=1499163
[ 3 ] Bug #1499165 - CVE-2017-14519 poppler: Memory corruption via Gfx.cc infinite loop
https://bugzilla.redhat.com/show_bug.cgi?id=1499165
[ 4 ] Bug #1499167 - CVE-2017-14929 poppler: Memory corruption via Gfx.cc infinite loop
https://bugzilla.redhat.com/show_bug.cgi?id=1499167
--------------------------------------------------------------------------------
================================================================================
purple-libsteam-1.6.1-17.20170929gitab6d446.fc25 (FEDORA-2017-57f7e5b93e)
Steam plugin for Pidgin/Adium/libpurple
--------------------------------------------------------------------------------
Update Information:
Upstream changelog: * Added option to redeem Steam game keys to the accounts
menu.
--------------------------------------------------------------------------------
================================================================================
qtractor-0.8.4-1.fc25 (FEDORA-2017-37e196fce9)
Audio/MIDI multi-track sequencer
--------------------------------------------------------------------------------
Update Information:
Update to 0.8.4. Details:
https://qtractor.sourceforge.io/qtractor-
downloads.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1492852 - New release (0.8.4) available
https://bugzilla.redhat.com/show_bug.cgi?id=1492852
--------------------------------------------------------------------------------
================================================================================
snapd-2.28.1-1.fc25 (FEDORA-2017-49756ddcb4)
A transactional software package manager
--------------------------------------------------------------------------------
Update Information:
Release 2.28.1 to Fedora (RH#1495852)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1495852 - snapd-2.28.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1495852
[ 2 ] Bug #1492087 - snapd-glib-1.23 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1492087
--------------------------------------------------------------------------------
================================================================================
snapd-glib-1.23-1.fc25 (FEDORA-2017-49756ddcb4)
Library providing a GLib interface to snapd
--------------------------------------------------------------------------------
Update Information:
Release 2.28.1 to Fedora (RH#1495852)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1495852 - snapd-2.28.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1495852
[ 2 ] Bug #1492087 - snapd-glib-1.23 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1492087
--------------------------------------------------------------------------------
================================================================================
vid.stab-1.1-3.20170830gitafc8ea9.fc25 (FEDORA-2017-d30904399b)
Video stabilize library for fmpeg, mlt or transcode
--------------------------------------------------------------------------------
Update Information:
- change license tag to GPLv2 - fix warning _FORTIFY_SOURCE requires compiling
with optimization (-O)
--------------------------------------------------------------------------------