The following Fedora 25 Security updates need testing:
Age URL
340
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25
178
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f
nodejs-brace-expansion-1.1.7-1.fc25
128
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4
docker-distribution-2.6.2-1.git48294d9.fc25
43
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7089c6e789
suricata-3.2.4-1.fc25
35
https://bodhi.fedoraproject.org/updates/FEDORA-2017-51f49ebbce apr-1.6.3-1.fc25
35
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f563b201ba
apr-util-1.5.4-4.fc25
35
https://bodhi.fedoraproject.org/updates/FEDORA-2017-45ed341e61
httpd-2.4.29-1.fc25
20
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b
poppler-0.45.0-10.fc25
20
https://bodhi.fedoraproject.org/updates/FEDORA-2017-481e4f6f8c
ldns-1.6.17-22.fc25
20
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5bbb657c5
chromium-62.0.3202.89-1.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-78f0991378
openssh-7.4p1-5.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2577f2108 xen-4.7.4-1.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5afe777a
docker-1.12.6-8.gitbe5610c.fc25
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4994d364de
rb_libtorrent-1.1.5-1.fc25 qbittorrent-4.0.1-1.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c6722f0b3c
linux-firmware-20171126-80.git17e62881.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-832dbdac75
python-dulwich-0.18.6-1.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7ab32cc23
collectd-5.8.0-2.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-62f44716bb
fedora-arm-installer-2.1-1.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f8abb1866
ca-certificates-2017.2.20-1.0.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e584e3c8a3
thunderbird-52.5.0-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9015553e3d
qt5-qtwebengine-5.9.3-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ae6e39bde mupdf-1.11-9.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-81fe39ad9f
pdns-recursor-4.0.7-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c15e19fb5
firefox-57.0.1-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6be762ea64
python-2.7.13-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ca05b30e86
rubygem-yard-0.8.7.6-4.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
182
https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25
61
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e
iproute-4.12.0-1.fc25
30
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b89e9f62d8
bind99-9.9.10-3.P3.fc25
28
https://bodhi.fedoraproject.org/updates/FEDORA-2017-dbf347055a
hwdata-0.306-1.fc25
20
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b
poppler-0.45.0-10.fc25
10
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4ac58bd7e5
groff-1.22.3-9.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-78f0991378
openssh-7.4p1-5.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c8aaa03b5
man-db-2.7.5-7.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ebe7851cb1
pungi-4.1.20-3.fc25
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1524498243 sssd-1.16.0-3.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2577f2108 xen-4.7.4-1.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf1dd0bb89
libtiff-4.0.9-1.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-779d5b7efb
pcre2-10.23-11.fc25
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c6722f0b3c
linux-firmware-20171126-80.git17e62881.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f8abb1866
ca-certificates-2017.2.20-1.0.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6be762ea64
python-2.7.13-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c15e19fb5
firefox-57.0.1-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-06c5efa39f
glusterfs-3.10.8-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c0f2ceb7bc
mariadb-10.1.29-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0501e729c
appstream-data-25-23.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e584e3c8a3
thunderbird-52.5.0-1.fc25
The following builds have been pushed to Fedora 25 updates-testing
appstream-data-25-23.fc25
cinnamon-3.6.6-10.fc25
cool-retro-term-1.0.1-5.fc25
firefox-57.0.1-1.fc25
glusterfs-3.10.8-1.fc25
hedgewars-0.9.23-1.fc25
liblxi-1.7-1.fc25
lxi-tools-1.12-1.fc25
mame-0.192-1.fc25
mariadb-10.1.29-1.fc25
module-build-service-1.5.2-1.fc25
mupdf-1.11-9.fc25
nsd-4.1.18-1.fc25
pdns-recursor-4.0.7-1.fc25
perl-File-Fetch-0.56-1.fc25
perl-experimental-0.018-1.fc25
python-2.7.13-3.fc25
qt5-qtwebengine-5.9.3-1.fc25
redis-4.0.4-1.fc25
rubygem-yard-0.8.7.6-4.fc25
slick-greeter-1.1.3-1.fc25
spatialindex-1.8.5-8.fc25
thunderbird-52.5.0-1.fc25
tio-1.27-1.fc25
torrent-file-editor-0.3.8-1.fc25
unbound-1.6.7-1.fc25
Details about builds:
================================================================================
appstream-data-25-23.fc25 (FEDORA-2017-e0501e729c)
Fedora AppStream metadata
--------------------------------------------------------------------------------
Update Information:
New metadata version
--------------------------------------------------------------------------------
================================================================================
cinnamon-3.6.6-10.fc25 (FEDORA-2017-1f2967a418)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Switch to libnm on all Fedora releases and EPEL7 - Fix a wifi connection issue
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413610 - Don't use NetworkManager-glib
https://bugzilla.redhat.com/show_bug.cgi?id=1413610
--------------------------------------------------------------------------------
================================================================================
cool-retro-term-1.0.1-5.fc25 (FEDORA-2017-813b682539)
Terminal emulator mimicking a CRT display
--------------------------------------------------------------------------------
Update Information:
Add missing runtime dependencies ---- New package - initial build & update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1509590 - Review Request: cool-retro-term - Terminal emulator mimicking a CRT
display
https://bugzilla.redhat.com/show_bug.cgi?id=1509590
--------------------------------------------------------------------------------
================================================================================
firefox-57.0.1-1.fc25 (FEDORA-2017-2c15e19fb5)
Mozilla Firefox Web browser
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version.
--------------------------------------------------------------------------------
================================================================================
glusterfs-3.10.8-1.fc25 (FEDORA-2017-06c5efa39f)
Distributed File System
--------------------------------------------------------------------------------
Update Information:
3.10.8 GA
--------------------------------------------------------------------------------
================================================================================
hedgewars-0.9.23-1.fc25 (FEDORA-2017-ad24a89ef5)
Funny turn-based artillery game, featuring fighting Hedgehogs!
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release. For complete changelog see:
https://hg.hedgewars.org/hedgewars/raw-file/8610462e3d33/ChangeLog.txt
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1517404 - hedgewars 0.9.23 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1517404
--------------------------------------------------------------------------------
================================================================================
liblxi-1.7-1.fc25 (FEDORA-2017-b4c2ae341e)
Library with simple API for communication with LXI devices
--------------------------------------------------------------------------------
Update Information:
liblxi v1.7 =========== * Update to new URL * Update README * Update
AUTHORS * Use HTTPS in the configure script * Jakub Wilk: Fix typos liblxi
v1.6 =========== * Update README * Add authors section in README * Add
README.md to prettify GitHub page liblxi v1.5 =========== * Add support for
mDNS/DNS-SD discovery * Add parameter to lxi_discover() so it is possible to
select discovery using VXI-11 or mDNS/DNS-SD. * If detected available, Avahi
is used as the mDNS/DNS-SD backend implementation. * Print errors to stderr
* Update README liblxi v1.4 =========== * Fix discover output strings *
Discovery of multiple LXI instruments revealed a bug in the id string handling
which results in garbled output strings. Adding missing string termination fixes
this. * Add timeout handling for raw/TCP * Update examples * Cleanup *
Update README * Add support for configurable protocol backends * Reworked
the code to support configurable protocol backends. Currently supported
protocols include VXI11 and raw TCP. In the future support for HiSlip can be
added.
--------------------------------------------------------------------------------
================================================================================
lxi-tools-1.12-1.fc25 (FEDORA-2017-f745eb909c)
Tools collection to control LXI enabled instruments
--------------------------------------------------------------------------------
Update Information:
lxi-tools v1.12 =============== * Update to new URL * Add snap status *
Fix redirection of output to file * Update README * Cleanup configure.ac *
Jakub Wilk: Use HTTPS in the configure script lxi-tools v1.11 ===============
* Update README * Update man page * Update AUTHORS * Expand tested
instruments list * Rename screenshot plugin rigol-1000 -> rigol-1000z * Add
various Rigol screenshot plugins * Add the following Rigol screenshot plugins:
* rigol-dg4000 Rigol DG4000 series function generator * rigol-dm3000 Rigol
DM3000 series digital multimeter * rigol-dp800 Rigol DP800 series power
supply * rigol-dsa800 Rigol DSA800 series spectrum analyzer * rigol-
dsa700 Rigol DSA700 series spectrum analyzer The code is added on behalf of
PeDre from the EEVBlog forum. * Add authors section in README * Add
README.md to prettify GitHub page * The original README is still preserved
because it is more readable when not reading it via GitHub. * Jakub Wilk:
Strip trailing spaces * Fix typo * Fix grammar and typos lxi-tools v1.10
=============== * Add support for mDNS/DNS-SD discovery * Add "--mdns"
option which enables the discover command to search for LXI devices/services
using mDNS/DNS-SD. * Fix Siglent screenshot plugins * Write correct response
buffer to file. Improve .regex match expression. lxi-tools v1.9 ==============
* Update README * Fix newlines when redirecting to file or terminal * Rename
--dump-hex to --hex * Fix missing error message when no SCPI command defined
* Update man page * Remove --dump-file option * The correct way to dump
response to file is to use pipe output redirection. For example: * lxi scpi
--address 192.168.1.210 "*IDN?" > response.txt * This way it is possible
to
dump any binary reponse to file. * Fix missing error message when no IP
address defined * Print errors to stderr * Cleanup Siglent SDS1000 plugin
name * Add Siglent SSA 3000X screenshot plugin * Cleanup script examples *
Correct default SCPI raw/TCP port * By default use port 5025 as described
here:
http://www.lxistandard.org/About/LXI-Protocols.aspx * If a different
port is needed use the '--raw-port' option. * Apparently Rigol is not using
the recommended port for raw SCPI commands. * Update descriptions of the
plugin options lxi-tools v1.8 ============== * Update README * Add
Siglent SDS 1000 screenshot plugin lxi-tools v1.7 ============== * Update
README * Cleanup * Update .regex for Tektronix plugin * Update .regex for
R&S plugin * Update .regex for Keysight plugin * Update man page * Embed
instrument IP address in screenshot filename * This helps identify
screenshot files when capturing screenshots from multiple instruments. * It
also allows to simplify the APIs used by the screenshot plugins. * Change
option '--model' to '--plugin' * Lets remove any model vs. plugin
confusion
and only deal with plugin names. Each plugin includes support for one or more
instruments models as described in the plugin description. * Add automatic
loading of screenshot plugin feature * If no screenshot plugin is specified
the tool will automatically try to select the best plugin by matching the
instruments ID string against the regular expressions defined in each plugin.
* Each screenshot plugin defines a .regex string entry containing space
separated regular expressions. Each regular expression is matched against the
instrument ID string. The plugin with most matches is selected. * Note: This
mechanism is slightly slower than manually specifying which screenshot plugin
because it needs to retrieve the instruments ID string first. * Improve
description of Rigol plugins * Fix Rigol 2000 screenshot plugin * Remove
trailing newline in received image data. * Add screenshot plugin for Rigol
2000 series * Also, make existing Rigol plugin only apply for 1000z series.
lxi-tools v1.6 ============== * Add date-time stamp to screenshot filename
* Improve command handling * In case of a misspelled command the tool would
misleadingly respond: "Error: No IP address specified" * With this fix, it
now responds: "Error: Unknown command" * Update README * Added screenshot
plugin for Tektronix 2000 series scopes * Improve scpi response output * Add
--raw and --raw-port options to scpi command * One can now use choose to use
raw/TCP instead of VXI11 when firing SCPI commands. Simply append the --raw
option like so: * lxi scpi --raw --address 192.168.0.42 "*IDN?" * By
default raw/TCP port 5555 is used but it can be changed using the --raw-port
option. * Warning: Using raw/TCP is faster than VXI11 but does not provide
any timeout/control mechanisms so if your command somehow stalls it will stall
forever. * Use new lxi_connect() function * Cleanup * Make screenshot
filename optional * In case no screenshot filename is provided the tool will
write the screenshot image to an automatically resolved and incremented filename
on the form screenshot-###.. For example, screenshot-000.png,
screenshot-001.png, etc.. * Improve screenshot model listing * Increase
default timeout for screenshot command * Transferring screenshot image data
takes time so lets increase the timeout so we do not easily interrupt a good but
slow transfer. * Collapse Rigol screenshot plugin * Support all Rigol
oscilloscope models via one model name. * Add screenshot support for Keysight
IV 2000 X * Cleanup plugins * Add screenshot support for R&S HMO1000 series
* Add screenshot support for Rigol 2000/4000 * Create directory for screenshot
plugins
--------------------------------------------------------------------------------
================================================================================
mame-0.192-1.fc25 (FEDORA-2017-57b8d3d3d8)
Multiple Arcade Machine Emulator
--------------------------------------------------------------------------------
Update Information:
An update to the latest mame release: *
http://mamedev.org/?p=450
--------------------------------------------------------------------------------
================================================================================
mariadb-10.1.29-1.fc25 (FEDORA-2017-c0f2ceb7bc)
A community developed branch of MySQL
--------------------------------------------------------------------------------
Update Information:
MariaDB 10.1.29
https://mariadb.com/kb/en/library/mariadb-10129-release-notes/
CVE's fixed: CVE-2017-10378, CVE-2017-10268
--------------------------------------------------------------------------------
================================================================================
module-build-service-1.5.2-1.fc25 (FEDORA-2017-7d43059e94)
The Module Build Service for Modularity
--------------------------------------------------------------------------------
Update Information:
Changes: * Schedule components based on the weight in Koji (takes into account
all arches) instead of build duration * Support git+https:// git URLs * Honor
custom RPM %_sourcedir (local builds) * Fix filtering component builds by state
name (component-builds API) * Fix "instant complete" builds * Allow filtering
on
all table columns * Return a friendly error when the 'id' is provided as a query
parameter * Print a deprecation error when a user tries to use mbs-build * Don't
try to untag stale module builds that don't have any completed components *
Copr: install modules into the buildroot
--------------------------------------------------------------------------------
================================================================================
mupdf-1.11-9.fc25 (FEDORA-2017-9ae6e39bde)
A lightweight PDF viewer and toolkit
--------------------------------------------------------------------------------
Update Information:
CVE-2017-15369 CVE-2017-15587 CVE-2017-9216 CVE-2017-14685 CVE-2017-14686
CVE-2017-14687
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1456731 - CVE-2017-9216 mupdf: jbig2dec: Null pointer dereference in
jbig2_huffman_get() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1456731
[ 2 ] Bug #1500016 - CVE-2017-14685 CVE-2017-14686 CVE-2017-14687 CVE-2017-15369
CVE-2017-15587 mupdf: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1500016
--------------------------------------------------------------------------------
================================================================================
nsd-4.1.18-1.fc25 (FEDORA-2017-7c17b02a53)
Fast and lean authoritative DNS Name Server
--------------------------------------------------------------------------------
Update Information:
Updated to 4.1.18
--------------------------------------------------------------------------------
================================================================================
pdns-recursor-4.0.7-1.fc25 (FEDORA-2017-81fe39ad9f)
Modern, advanced and high performance recursing/non authoritative name server
--------------------------------------------------------------------------------
Update Information:
Update to latest version. Contains security fixes for CVE-2017-15090,
CVE-2017-15092, CVE-2017-15093 and CVE-2017-15094
--------------------------------------------------------------------------------
================================================================================
perl-File-Fetch-0.56-1.fc25 (FEDORA-2017-5f1cc0ebc3)
Generic file fetching mechanism
--------------------------------------------------------------------------------
Update Information:
This blacklists lftp tool on HPUX. We deliver it only to provide an up-to-date
version string.
--------------------------------------------------------------------------------
================================================================================
perl-experimental-0.018-1.fc25 (FEDORA-2017-873701e2a9)
Experimental features made easy
--------------------------------------------------------------------------------
Update Information:
This release fixes execution when warnings are enabled.
--------------------------------------------------------------------------------
================================================================================
python-2.7.13-3.fc25 (FEDORA-2017-6be762ea64)
An interpreted, interactive, object-oriented programming language
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2017-1000158
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1519595 - CVE-2017-1000158 python: Integer overflow in PyString_DecodeEscape
results in heap-base buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1519595
--------------------------------------------------------------------------------
================================================================================
qt5-qtwebengine-5.9.3-1.fc25 (FEDORA-2017-9015553e3d)
Qt5 - QtWebEngine components
--------------------------------------------------------------------------------
Update Information:
An update of QtWebEngine to the security and bugfix release 5.9.3, including: *
Security fixes from Chromium up to version 62.0.3202.89. Including:
CVE-2017-5124, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129,
CVE-2017-5132, CVE-2017-5133, CVE-2017-15386, CVE-2017-15387, CVE-2017-15388,
CVE-2017-15390, CVE-2017-15392, CVE-2017-15394, CVE-2017-15396, CVE-2017-15398.
* QtWebEngineCore: [QTBUG-64032] Fix crash after resizing view to be empty. *
QtWebEngine[QML]: Fix loading some favicons including qt.io's *
QtWebEngineWidgets: [QTBUG-62147] Fix crash on shutdown if a QWebEngineProfile
was child of QApplication.
--------------------------------------------------------------------------------
================================================================================
redis-4.0.4-1.fc25 (FEDORA-2017-9c179d4157)
A persistent key-value database
--------------------------------------------------------------------------------
Update Information:
Upstream 4.0.4 release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1513594 - man pages in unexpected package
https://bugzilla.redhat.com/show_bug.cgi?id=1513594
[ 2 ] Bug #1515417 - file /usr/share/doc/redis is not owned by any package
https://bugzilla.redhat.com/show_bug.cgi?id=1515417
--------------------------------------------------------------------------------
================================================================================
rubygem-yard-0.8.7.6-4.fc25 (FEDORA-2017-ca05b30e86)
Documentation tool for consistent and usable documentation in Ruby
--------------------------------------------------------------------------------
Update Information:
Fix to directory traversal attacks (CVE-2017-17042).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1519065 - CVE-2017-17042 rubygem-yard: (lib/yard/core_ext/file.rb) is
vulnerable to directory traversal attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1519065
--------------------------------------------------------------------------------
================================================================================
slick-greeter-1.1.3-1.fc25 (FEDORA-2017-c63a3ac4cf)
A slick-looking LightDM greeter
--------------------------------------------------------------------------------
Update Information:
- New upstream release - Match initial background color with default plymouth
theme - General cleanup
--------------------------------------------------------------------------------
================================================================================
spatialindex-1.8.5-8.fc25 (FEDORA-2017-2a1f3330d6)
Spatial index library
--------------------------------------------------------------------------------
Update Information:
Fix array allocation in Index_GetLeaves
https://github.com/libspatialindex/libspatialindex/pull/108
--------------------------------------------------------------------------------
================================================================================
thunderbird-52.5.0-1.fc25 (FEDORA-2017-e584e3c8a3)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream stable version.
--------------------------------------------------------------------------------
================================================================================
tio-1.27-1.fc25 (FEDORA-2017-755feb55d1)
Simple TTY terminal I/O application
--------------------------------------------------------------------------------
Update Information:
tio v1.27 ========= * Update man page * Add support for setting non-
standard baudrates * Support for non-standard baudrate settings will be
automatically enabled if the termios2 interface is detected available. However,
to play it safe, the old and widely supported termios interface will still be
used when setting standard baudrates. * Cleanup * Update AUTHORS tio v1.26
========= * Reconfigure stdin * Make stdin behave more raw'ish. In
particular, don't translate CR -> NL on input. * Add special character map
feature * Add a --map option which allows to map special characters, in
particular CR and NL characters which are used in various combinations on varios
platforms. * Cleanup * Update AUTHORS * Update README * Mention website
* Update man page
--------------------------------------------------------------------------------
================================================================================
torrent-file-editor-0.3.8-1.fc25 (FEDORA-2017-bf3dfc623b)
Qt based GUI tool designed to create and edit .torrent files
--------------------------------------------------------------------------------
Update Information:
Bump to v0.3.8
--------------------------------------------------------------------------------
================================================================================
unbound-1.6.7-1.fc25 (FEDORA-2017-0695fc434e)
Validating, recursive, and caching DNS(SEC) resolver
--------------------------------------------------------------------------------
Update Information:
Updated to 1.6.7 (minor bugfixes)
--------------------------------------------------------------------------------