The following Fedora 25 Security updates need testing:
Age URL
282
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25
181
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e
python-XStatic-jquery-ui-1.12.0.1-4.fc25
120
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f
nodejs-brace-expansion-1.1.7-1.fc25
74
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99c0118c0c
memcached-1.4.39-1.fc25
71
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4
docker-distribution-2.6.2-1.git48294d9.fc25
21
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e66393536
libwpd-0.10.2-1.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b97f9d82dc
libmspack-0.6-0.1.alpha.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-581be259ef
samba-4.5.14-0.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11
gnome-shell-3.22.3-2.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-01ab87482e
httpd-2.4.27-4.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f0f24bb2a9
chromium-61.0.3163.100-1.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc4a6bd3e9
poppler-0.45.0-6.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66aa5d1d33 git-2.9.5-2.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2008fdd7e2
perl-5.24.3-389.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66d9113c7a
ImageMagick-6.9.9.15-1.fc25 rubygem-rmagick-2.16.0-7.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2aa4d11993
openvpn-2.4.4-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c933656a2
firefox-56.0-2.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-238961d86d
tor-0.2.9.12-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-89efe409a2
weechat-1.9.1-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-26a53ccbdf
WebCalendar-1.2.9-1.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ccb10391ad
mingw-poppler-0.45.0-4.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5ac0896e
botan-1.10.17-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24
dnsmasq-2.76-4.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d345f250a
nagios-4.3.4-3.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99bcbc7bef xen-4.7.3-6.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4dfebebd39 recode-3.6-43.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
125
https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25
28
https://bodhi.fedoraproject.org/updates/FEDORA-2017-504aeb74ba
rpcbind-0.2.4-7.rc2.fc25
24
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a44008dd1d
python-pysocks-1.6.7-1.fc25
22
https://bodhi.fedoraproject.org/updates/FEDORA-2017-27ed767ca1
upower-0.99.6-1.fc25
21
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2802f82ef1
webkitgtk4-2.18.0-1.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-235298fa58
python-cryptography-2.0.2-2.fc25 python-cryptography-vectors-2.0.2-1.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-31d7cd5eab
pyOpenSSL-16.2.0-2.fc25
16
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c8a36f37e audit-2.7.8-1.fc25
15
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2803ce4f5
linux-firmware-20170828-77.gitb78acc9.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-103ec7f899 cups-2.2.0-10.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-e3bf383b11
gnome-shell-3.22.3-2.fc25
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-581be259ef
samba-4.5.14-0.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-66aa5d1d33 git-2.9.5-2.fc25
8
https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc4a6bd3e9
poppler-0.45.0-6.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b78dd48284
dbus-1.11.18-1.fc25
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2008fdd7e2
perl-5.24.3-389.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e
iproute-4.12.0-1.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2c933656a2
firefox-56.0-2.fc25
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-eb81135947
menu-cache-1.0.2-7.D20170914git8c8534159d.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-655278f79b nspr-4.17.0-1.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-64612f6c45
vim-8.0.1171-1.fc25
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a45ef4d535
hwdata-0.305-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1391851bdb
vte291-0.46.3-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8d6667b0ae
sudo-1.8.21p2-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f36afbbe07
p11-kit-0.23.9-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ad5b0243eb
libguestfs-1.36.7-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-0803060361 nss-3.33.0-1.0.fc25
nss-softokn-3.33.0-1.0.fc25 nss-util-3.33.0-1.0.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5324f52b3d koji-1.14.0-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-99bcbc7bef xen-4.7.3-6.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9262ad1681
glusterfs-3.10.6-1.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-515264ae24
dnsmasq-2.76-4.fc25
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-00cfac3370
pungi-4.1.19-1.fc25
The following builds have been pushed to Fedora 25 updates-testing
aajohan-comfortaa-fonts-3.001-1.fc25
ansible-lint-3.4.16-1.fc25
ansible-review-0.13.4-1.fc25
bitlbee-facebook-1.1.2-2.fc25
botan-1.10.17-1.fc25
cobbler-2.8.2-1.fc25
copy-jdk-configs-3.2-1.fc25
crawl-0.20.1-5.fc25
cutter-1.2.6-1.fc25
dnsmasq-2.76-4.fc25
elementary-icon-theme-4.3.0-1.fc25
fuse-encfs-1.9.2-4.fc25
glusterfs-3.10.6-1.fc25
golang-github-cznic-mathutil-0-0.4.git53c7078.fc25
golang-github-klauspost-reedsolomon-1.6-1.fc25
golang-github-xeipuuv-gojsonschema-0-0.5.20171003git6b67b3f.fc25
ibus-typing-booster-1.5.34-1.fc25
inxi-2.3.40-1.fc25
java-1.8.0-openjdk-1.8.0.144-7.b01.fc25
koji-1.14.0-1.fc25
libcbor-0.5.0-1.fc25
libguestfs-1.36.7-1.fc25
libnuml-1.1.1-3.fc25
module-build-service-1.3.31-1.fc25
mozilla-lightbeam-2.0.1-2.fc25
nagios-4.3.4-3.fc25
netpbm-10.80.00-1.fc25
nss-3.33.0-1.0.fc25
nss-softokn-3.33.0-1.0.fc25
nss-util-3.33.0-1.0.fc25
odcs-0.0.8-1.fc25
opensips-1.11.11-1.fc25
otter-browser-0.9.91-0.1.rc1git4fbf638.fc25
p11-kit-0.23.9-1.fc25
petsc-3.7.7-5.fc25
php-aws-sdk3-3.36.20-1.fc25
php-bartlett-php-compatinfo-db-1.24.0-1.fc25
php-justinrainbow-json-schema5-5.2.2-1.fc25
php-justinrainbow-json-schema5-5.2.4-1.fc25
prosody-0.10.0-1.fc25
pungi-4.1.19-1.fc25
python-btchip-0.1.21-2.fc25
python-datanommer-models-0.8.2-1.fc25
python-django-picklefield-1.0.0-1.fc25
python-htmlmin-0.1.11-1.gitab91ff0.fc25
python-ptrace-0.9.3-1.fc25
python-pylons-sphinx-themes-1.0.6-1.fc25
python-pymssql-2.1.3-2.fc25
python-sync2jira-1.5-1.fc25
python-tabulate-0.8.1-1.fc25
python2-lxc-0.1-1.fc25
python3-bsddb3-6.2.5-1.fc25
qcad-3.18.1.0-1.fc25
rebase-helper-0.11.0-1.fc25
recode-3.6-43.fc25
rho-0.0.28-2.fc25
scidavis-1.21-6.fc25
sudo-1.8.21p2-1.fc25
switchboard-plug-notifications-0.1.3-1.fc25
thunderbird-enigmail-1.9.8.3-1.fc25
tracer-0.6.13.1-2.fc25
udiskie-1.7.1-1.fc25
unbound-1.6.6-2.fc25
vte291-0.46.3-1.fc25
wingpanel-indicator-notifications-2.0.3-1.fc25
xen-4.7.3-6.fc25
Details about builds:
================================================================================
aajohan-comfortaa-fonts-3.001-1.fc25 (FEDORA-2017-08d7a908ba)
Modern style true type font
--------------------------------------------------------------------------------
Update Information:
Update to 3.001
--------------------------------------------------------------------------------
================================================================================
ansible-lint-3.4.16-1.fc25 (FEDORA-2017-41bdbed484)
Best practices checker for Ansible
--------------------------------------------------------------------------------
Update Information:
Update to 3.4.16 version (#1497872)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497872 - ansible-lint-3.4.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497872
--------------------------------------------------------------------------------
================================================================================
ansible-review-0.13.4-1.fc25 (FEDORA-2017-2c74ce06ce)
Reviews Ansible playbooks, roles and inventory and suggests improvements
--------------------------------------------------------------------------------
Update Information:
Upstream bug fix release 0.13.4:
https://github.com/willthames/ansible-
review/blob/master/CHANGELOG.md#0134 Compatibility fix for Ansible 2.4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1449205 - ansible-review-0.13.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1449205
--------------------------------------------------------------------------------
================================================================================
bitlbee-facebook-1.1.2-2.fc25 (FEDORA-2017-efd24a03d2)
Facebook protocol plugin for BitlBee
--------------------------------------------------------------------------------
Update Information:
The Facebook protocol plugin for BitlBee. This plugin uses the Facebook Mobile
API.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1290235 - Review Request: bitlbee-facebook - Facebook protocol plugin for
BitlBee
https://bugzilla.redhat.com/show_bug.cgi?id=1290235
--------------------------------------------------------------------------------
================================================================================
botan-1.10.17-1.fc25 (FEDORA-2017-7e5ac0896e)
Crypto library written in C++
--------------------------------------------------------------------------------
Update Information:
#### Version 1.10.17, 2017-10-02 #### * Address a side channel affecting
modular exponentiation. An attacker capable of a local or cross-VM cache
analysis attack may be able to recover bits of secret exponents as used in RSA,
DH, etc. (CVE-2017-14737) * Workaround a miscompilation bug in GCC 7 on x86-32
affecting GOST-34.11 hash function. [GH
#1192](https://github.com/randombit/botan/issues/1192) [GH
#1148](https://github.com/randombit/botan/issues/1148) [GH
#882](https://github.com/randombit/botan/issues/882) * Add SecureVector::data()
function which returns the start of the buffer. This makes it slightly simpler
to support both 1.10 and 2.x APIs in the same codebase. * When compiled by a
C++11 (or later) compiler, a template typedef of SecureVector, secure_vector, is
added. In 2.x this class is a std::vector with a custom allocator, so has a
somewhat different interface than SecureVector in 1.10. But this makes it
slightly simpler to support both 1.10 and 2.x APIs in the same codebase. * Fix a
bug that prevented `configure.py` from running under Python3 * Botan 1.10.x does
not support the OpenSSL 1.1 API. Now the build will #error if OpenSSL 1.1 is
detected. Avoid ���with-openssl if compiling against 1.1 or later. [GH
#753](https://github.com/randombit/botan/issues/753) * Import patches from
Debian adding basic support for building on aarch64, ppc64le, or1k, and mipsn32
platforms. #### Version 1.10.16, 2017-04-04 #### * Fix a bug in X509 DN string
comparisons that could result in out of bound reads. This could result in
information leakage, denial of service, or potentially incorrect certificate
validation results. (CVE-2017-2801) * Avoid throwing during a destructor since
this is undefined in C++11 and rarely a good idea. [GH
#930](https://github.com/randombit/botan/issues/930) #### Version 1.10.15,
2017-01-12 #### * Fix a bug causing modular exponentiations done modulo even
numbers to almost always be incorrect, unless the values were small. This bug is
not known to affect any cryptographic operation in Botan. [GH
#754](https://github.com/randombit/botan/issues/754) * Avoid use of C++11
std::to_string in some code added in 1.10.14 [GH
#747](https://github.com/randombit/botan/issues/747) [GH
#834](https://github.com/randombit/botan/issues/834)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1441126 - CVE-2017-2801 botan: Incorrect comparison in X.509 DN strings
https://bugzilla.redhat.com/show_bug.cgi?id=1441126
[ 2 ] Bug #1496368 - CVE-2017-14737 botan: cryptographic cache-based side channel in the
RSA implementation
https://bugzilla.redhat.com/show_bug.cgi?id=1496368
--------------------------------------------------------------------------------
================================================================================
cobbler-2.8.2-1.fc25 (FEDORA-2017-32c70d794d)
Boot server configurator
--------------------------------------------------------------------------------
Update Information:
Update to 2.8.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1492440 - cobbler-2.8.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1492440
--------------------------------------------------------------------------------
================================================================================
copy-jdk-configs-3.2-1.fc25 (FEDORA-2017-5deea075bf)
JDKs configuration files copier
--------------------------------------------------------------------------------
Update Information:
moved to newest release 3.1 whcih conf and lib/security as directories
--------------------------------------------------------------------------------
================================================================================
crawl-0.20.1-5.fc25 (FEDORA-2017-256e589853)
Roguelike dungeon exploration game
--------------------------------------------------------------------------------
Update Information:
- Move doc files into /usr/share/crawl/docs (bz#1498448) - Install manpage
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1498448 - Game cannot find the docs folder.
https://bugzilla.redhat.com/show_bug.cgi?id=1498448
--------------------------------------------------------------------------------
================================================================================
cutter-1.2.6-1.fc25 (FEDORA-2017-94afec60be)
Unit Testing Framework for C/C++
--------------------------------------------------------------------------------
Update Information:
See
http://cutter.sourceforge.net/reference/news.html#news.release-1-2-6
--------------------------------------------------------------------------------
================================================================================
dnsmasq-2.76-4.fc25 (FEDORA-2017-515264ae24)
A lightweight DHCP/caching DNS server
--------------------------------------------------------------------------------
Update Information:
CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495
CVE-2017-14496
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1495409 - CVE-2017-14491 dnsmasq: heap overflow in the code responsible for
building DNS replies
https://bugzilla.redhat.com/show_bug.cgi?id=1495409
[ 2 ] Bug #1495410 - CVE-2017-14492 dnsmasq: heap overflow in the IPv6 router
advertisement code
https://bugzilla.redhat.com/show_bug.cgi?id=1495410
[ 3 ] Bug #1495411 - CVE-2017-14493 dnsmasq: stack buffer overflow in the DHCPv6 code
https://bugzilla.redhat.com/show_bug.cgi?id=1495411
[ 4 ] Bug #1495412 - CVE-2017-14494 dnsmasq: information leak in the DHCPv6 relay code
https://bugzilla.redhat.com/show_bug.cgi?id=1495412
[ 5 ] Bug #1495415 - CVE-2017-14495 dnsmasq: memory exhaustion vulnerability in the
EDNS0 code
https://bugzilla.redhat.com/show_bug.cgi?id=1495415
[ 6 ] Bug #1495416 - CVE-2017-14496 dnsmasq: integer underflow leading to buffer
over-read in the EDNS0 code
https://bugzilla.redhat.com/show_bug.cgi?id=1495416
--------------------------------------------------------------------------------
================================================================================
elementary-icon-theme-4.3.0-1.fc25 (FEDORA-2017-dd0db0678d)
Icons from the Elementary Project
--------------------------------------------------------------------------------
Update Information:
Update to version 4.3.0. More information:
https://github.com/elementary/icons/issues?q=is%3Aclosed+milestone%3A4.3.0
--------------------------------------------------------------------------------
================================================================================
fuse-encfs-1.9.2-4.fc25 (FEDORA-2017-6867f16795)
Encrypted pass-thru filesystem in userspace
--------------------------------------------------------------------------------
Update Information:
Bugfix RHBZ #1487354.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1487354 - fuse-encfs-1.9.2-3.el7 causes trouble with dovecot: ... UNIX perms
appear ok (ACL/MAC wrong?))
https://bugzilla.redhat.com/show_bug.cgi?id=1487354
--------------------------------------------------------------------------------
================================================================================
glusterfs-3.10.6-1.fc25 (FEDORA-2017-9262ad1681)
Distributed File System
--------------------------------------------------------------------------------
Update Information:
3.10.6 GA
--------------------------------------------------------------------------------
================================================================================
golang-github-cznic-mathutil-0-0.4.git53c7078.fc25 (FEDORA-2017-984673f573)
Supplemental utilities for Go's rand and math packages
--------------------------------------------------------------------------------
Update Information:
Bump to commit 53c7078. This snapshot adds support for a "clamp" operation,
with no other changes.
--------------------------------------------------------------------------------
================================================================================
golang-github-klauspost-reedsolomon-1.6-1.fc25 (FEDORA-2017-6f95ca2e39)
Reed-Solomon Erasure Coding in Go
--------------------------------------------------------------------------------
Update Information:
Update to version 1.6. This release introduces experimental support for Cauchy-
type matrices, and subtly breaks API in two functions.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497674 - golang-github-klauspost-reedsolomon-v1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497674
--------------------------------------------------------------------------------
================================================================================
golang-github-xeipuuv-gojsonschema-0-0.5.20171003git6b67b3f.fc25
(FEDORA-2017-8c926b2a76)
An implementation of JSON Schema, draft v4
--------------------------------------------------------------------------------
Update Information:
Bump to upstream 6b67b3fab74d992bd07f72550006ab2c6907c416
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493960 - Please update the package to a more recent version
https://bugzilla.redhat.com/show_bug.cgi?id=1493960
[ 2 ] Bug #1498057 - Tracker for golang-github-xeipuuv-gojsonschema
https://bugzilla.redhat.com/show_bug.cgi?id=1498057
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.5.34-1.fc25 (FEDORA-2017-e568186ff0)
A completion input method
--------------------------------------------------------------------------------
Update Information:
update to 1.5.34; Add an option whether to use pango font fallback to emoji-
picker
--------------------------------------------------------------------------------
================================================================================
inxi-2.3.40-1.fc25 (FEDORA-2017-be8354be3d)
A full featured system information script
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.40.
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-1.8.0.144-7.b01.fc25 (FEDORA-2017-0f7a465b9a)
OpenJDK Runtime Environment
--------------------------------------------------------------------------------
Update Information:
updated to aarch64-shenandoah-jdk8u144-b02-shenandoah-merge-2017-10-02 (from
aarch64-port/jdk8u-shenandoah) of hotspot
--------------------------------------------------------------------------------
================================================================================
koji-1.14.0-1.fc25 (FEDORA-2017-5324f52b3d)
Build system tools
--------------------------------------------------------------------------------
Update Information:
update to upstream 1.14.0
--------------------------------------------------------------------------------
================================================================================
libcbor-0.5.0-1.fc25 (FEDORA-2017-dc391a2c53)
A CBOR parsing library
--------------------------------------------------------------------------------
Update Information:
Init package.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1474694 - Review Request: libcbor - C library for parsing and generating
CBOR
https://bugzilla.redhat.com/show_bug.cgi?id=1474694
--------------------------------------------------------------------------------
================================================================================
libguestfs-1.36.7-1.fc25 (FEDORA-2017-ad5b0243eb)
Access and modify virtual machine disk images
--------------------------------------------------------------------------------
Update Information:
New upstream version 1.36.7.
--------------------------------------------------------------------------------
================================================================================
libnuml-1.1.1-3.fc25 (FEDORA-2017-ed3377a3d0)
Numerical Markup Language
--------------------------------------------------------------------------------
Update Information:
- Created a static sub-package ---- - New package bz#1496885
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1496885 - Review Request: libnuml - Numerical Markup Language
https://bugzilla.redhat.com/show_bug.cgi?id=1496885
--------------------------------------------------------------------------------
================================================================================
module-build-service-1.3.31-1.fc25 (FEDORA-2017-693301db67)
The Module Build Service for Modularity
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.31 ---- Latest upstream. ---- Some fixes: -
https://pagure.io
/fm-orchestrator/pull-request/698 -
https://pagure.io/fm-orchestrator/pull-
request/697 -
https://pagure.io/fm-orchestrator/pull-request/693 -
https://pagure.io/fm-orchestrator/pull-request/692 -
https://pagure.io/fm-
orchestrator/pull-request/691 ---- Latest upstream. - Optional Kerberos +
LDAP Authentication for the server. - Correct "filtering" at build time:
conflict with packages filtered out from the build-requires to ensure they won't
appear in a buildroot. - Wait for components to be tagged also in final tag
before marking module as done. This should fix an issue for the F27 compose. -
Local mock builds no longer hardcode`x86_64` for architecture. ---- Latest
upstream. ---- Backport patches to fix skiptests behavior
--------------------------------------------------------------------------------
================================================================================
mozilla-lightbeam-2.0.1-2.fc25 (FEDORA-2017-f79fbafc97)
An add-on for visualizing HTTP requests between websites in real time
--------------------------------------------------------------------------------
Update Information:
Latest upstream release, rewritten as [
WebExtension](https://support.mozilla.org
/en-US/kb/firefox-add-technology-modernizing) to take advantage of the latest
Firefox shipped in all Fedora releases. Symlink for SeaMonkey is no longer
shipped as it doesn't support WebExtensions. However, Lightbeam never worked in
SeaMonkey, so there's no loss.
--------------------------------------------------------------------------------
================================================================================
nagios-4.3.4-3.fc25 (FEDORA-2017-9d345f250a)
Host/service/network monitoring program
--------------------------------------------------------------------------------
Update Information:
Try to fix error on update with systemctl
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1490859 - CVE-2017-14312 nagios: Incorrect file permissions leading to
possible privilege escalation [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1490859
--------------------------------------------------------------------------------
================================================================================
netpbm-10.80.00-1.fc25 (FEDORA-2017-b72f6be2bf)
A library for handling different graphics file formats
--------------------------------------------------------------------------------
Update Information:
New upstream release 10.80.00
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1496797 - netpbm-10.80.00 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1496797
--------------------------------------------------------------------------------
================================================================================
nss-3.33.0-1.0.fc25 (FEDORA-2017-0803060361)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.33. For details about new
functionality and a list of bugs fixed in this release please see the upstream
release notes
https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.33_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493535 - nss-3.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1493535
--------------------------------------------------------------------------------
================================================================================
nss-softokn-3.33.0-1.0.fc25 (FEDORA-2017-0803060361)
Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.33. For details about new
functionality and a list of bugs fixed in this release please see the upstream
release notes
https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.33_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493535 - nss-3.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1493535
--------------------------------------------------------------------------------
================================================================================
nss-util-3.33.0-1.0.fc25 (FEDORA-2017-0803060361)
Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.33. For details about new
functionality and a list of bugs fixed in this release please see the upstream
release notes
https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.33_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493535 - nss-3.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1493535
--------------------------------------------------------------------------------
================================================================================
odcs-0.0.8-1.fc25 (FEDORA-2017-bf1e318cac)
The On Demand Compose Service
--------------------------------------------------------------------------------
Update Information:
Latest upstream. ---- Now with fedmsg support. ---- Latest upstream.
--------------------------------------------------------------------------------
================================================================================
opensips-1.11.11-1.fc25 (FEDORA-2017-9307d17aa4)
Open Source SIP Server
--------------------------------------------------------------------------------
Update Information:
* Ver. 1.11.11
--------------------------------------------------------------------------------
================================================================================
otter-browser-0.9.91-0.1.rc1git4fbf638.fc25 (FEDORA-2017-eca092fb80)
Web browser controlled by the user, not vice-versa
--------------------------------------------------------------------------------
Update Information:
Update to 0.9.91-0.1.rc1git4fbf638 ---- - Update to
0.9.12-0.6.beta12gitb195b9a - Add BR qt5-qtsvg-devel
--------------------------------------------------------------------------------
================================================================================
p11-kit-0.23.9-1.fc25 (FEDORA-2017-f36afbbe07)
Library for loading and sharing PKCS#11 modules
--------------------------------------------------------------------------------
Update Information:
- Update to upstream 0.23.9 release
--------------------------------------------------------------------------------
================================================================================
petsc-3.7.7-5.fc25 (FEDORA-2017-57bdf25209)
Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:
- Enable mpiuni-fortran-binding on MPI builds - Exclude MPI builds on s390x
(missing dependencies) - Unset default compiler flags when tests are built
---- - Update to 3.7.7 - Move petscvariables/petscrules under a private
directory of libdir
--------------------------------------------------------------------------------
================================================================================
php-aws-sdk3-3.36.20-1.fc25 (FEDORA-2017-267612560f)
Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:
## 3.36.20 - 2017-10-04 * `Aws\` - Optionally preserve CommandPool keys during
generation * `Aws\KinesisAnalytics` - Kinesis Analytics now supports schema
discovery on objects in S3. Additionally, Kinesis Analytics now supports input
data preprocessing through Lambda. * `Aws\Route53Domains` - Added a new API that
checks whether a domain name can be transferred to Amazon Route 53. ## 3.36.19
- 2017-10-03 * `Aws\EC2` - This release includes service updates to AWS VPN. *
`Aws\SSM` - EC2 Systems Manager support for tagging SSM Documents. Also support
for tag-based permissions to restrict access to SSM Documents based on these
tags. ## 3.36.18 - 2017-10-02 * `Aws\CloudHSM` - Documentation updates for
CloudHSM ## 3.36.17 - 2017-09-29 * `Aws\AppStream` - Includes APIs for
managing and accessing image builders, and deleting images. * `Aws\CodeBuild` -
Adding support for Building GitHub Pull Requests in AWS CodeBuild * `Aws\MTurk`
- Today, Amazon Mechanical Turk (MTurk) supports SQS Notifications being
delivered to Customers' SQS queues when different stages of the MTurk workflow
are complete. We are going to create new functionality so that Customers can
leverage SNS topics as a destination for notification messages when various
stages of the MTurk workflow are complete. * `Aws\Organizations` - This release
flags the HandshakeParty structure's Type and Id fields as 'required'. They
effectively were required in the past, as you received an error if you did not
include them. This is now reflected at the API definition level. *
`Aws\Route53` - This change allows customers to reset elements of health check.
* `Aws\rds` - Introduce DBSnapshotAvailable and DBSnapshotDeleted waiters for
DBSnapshot ## 3.36.16 - 2017-09-27 * `Aws\Pinpoint` - Added two new push
notification channels: Amazon Device Messaging (ADM) and, for push notification
support in China, Baidu Cloud Push. Added support for APNs auth via .p8 key
file. Added operation for direct message deliveries to user IDs, enabling you to
message an individual user on multiple endpoints. ## 3.36.15 - 2017-09-26 *
`Aws\CloudFormation` - You can now prevent a stack from being accidentally
deleted by enabling termination protection on the stack. If you attempt to
delete a stack with termination protection enabled, the deletion fails and the
stack, including its status, remains unchanged. You can enable termination
protection on a stack when you create it. Termination protection on stacks is
disabled by default. After creation, you can set termination protection on a
stack whose status is CREATE_COMPLETE, UPDATE_COMPLETE, or
UPDATE_ROLLBACK_COMPLETE. ## 3.36.14 - 2017-09-22 * `Aws\ConfigService` - AWS
Config support for DynamoDB tables and Auto Scaling resource types * `Aws\ECS` -
Amazon ECS users can now add and drop Linux capabilities to their containers
through the use of docker's cap-add and cap-drop features. Customers can specify
the capabilities they wish to add or drop for each container in their task
definition. * `Aws\RDS` - Documentation updates for rds ## 3.36.13 -
2017-09-21 * `Aws\Budgets` - Including "DuplicateRecordException" in
UpdateNotification and UpdateSubscriber. * `Aws\CloudWatchLogs` - Adds support
for associating LogGroups with KMS Keys. * `Aws\EC2` - Add EC2 APIs to copy
Amazon FPGA Images (AFIs) within the same region and across multiple regions,
delete AFIs, and modify AFI attributes. AFI attributes include name, description
and granting/denying other AWS accounts to load the AFI. ## 3.36.12 -
2017-09-20 * `Aws\AppStream` - API updates for supporting On-Demand fleets. *
`Aws\CodePipeline` - This change includes a PipelineMetadata object that is part
of the output from the GetPipeline API that includes the Pipeline ARN, created,
and updated timestamp. * `Aws\Greengrass` - Reset Deployments feature allows you
to clean-up the cloud resource so you can delete the group. It also cleans up
the core so that it goes back to the pre-deployment state. * `Aws\Greengrass` -
AWS Greengrass is now available in the Asia Pacific (Tokyo) region, ap-
northeast-1. * `Aws\LexRuntimeService` - Request attributes can be used to pass
client specific information from the client to Amazon Lex as part of each
request. * `Aws\RDS` - Introduces the --option-group-name parameter to the
ModifyDBSnapshot CLI command. You can specify this parameter when you upgrade an
Oracle DB snapshot. The same option group considerations apply when upgrading a
DB snapshot as when upgrading a DB instance. For more information, see
http://do
cs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Oracl...
USER_UpgradeDBInstance.Oracle.OGPG.OG ## 3.36.11 - 2017-09-19 * `Aws\EC2` -
Fixed bug in EC2 clients preventing ElasticGpuSet from being set. ## 3.36.10 -
2017-09-18 * `Aws\EC2` - Amazon EC2 now lets you opt for Spot instances to be
stopped in the event of an interruption instead of being terminated. Your Spot
request can be fulfilled again by restarting instances from a previously stopped
state, subject to availability of capacity at or below your preferred price.
When you submit a persistent Spot request, you can choose from "terminate" or
"stop" as the instance interruption behavior. Choosing "stop" will
shutdown your
Spot instances so you can continue from this stopped state later on. This
feature is only available for instances with Amazon EBS volume as their root
device. * `Aws\IAM` - A new API, DeleteServiceLinkedRole, submits a service-
linked role deletion request and returns a DeletionTaskId, which you can use to
check the status of the deletion. * `Aws\SES` - Amazon Simple Email Service
(Amazon SES) now lets you customize the domains used for tracking open and click
events. Previously, open and click tracking links referred to destinations
hosted on domains operated by Amazon SES. With this feature, you can use your
own branded domains for capturing open and click events. ## 3.36.9 - 2017-09-15
* `Aws\APIGateway` - Add a new enum "REQUEST" to '--type <value>'
field in the
current create-authorizer API, and make "identitySource" optional. ## 3.36.8 -
2017-09-14 * `Aws\CodeBuild` - Supporting Parameter Store in environment
variables for AWS CodeBuild * `Aws\Organizations` - Documentation updates for
AWS Organizations * `Aws\ServiceCatalog` - This release of Service Catalog adds
API support to copy products. ## 3.36.7 - 2017-09-13 * `Aws\AutoScaling` -
Customers can create Life Cycle Hooks at the time of creating Auto Scaling
Groups through the CreateAutoScalingGroup API * `Aws\Batch` - Documentation
updates for batch * `Aws\CloudWatchEvents` - Exposes
ConcurrentModificationException as one of the valid exceptions for PutPermission
and RemovePermission operation. * `Aws\EC2` - You are now able to create and
launch EC2 x1e.32xlarge instance, a new EC2 instance in the X1 family, in us-
east-1, us-west-2, eu-west-1, and ap-northeast-1. x1e.32xlarge offers 128 vCPUs,
3,904 GiB of DDR4 instance memory, high memory bandwidth, large L3 caches, and
leading reliability capabilities to boost the performance and reliability of in-
memory applications. ## 3.36.6 - 2017-09-12 * `Aws\EC2` - Fixed bug in EC2
clients preventing HostOfferingSet from being set ## 3.36.5 - 2017-09-11 *
`Aws\DeviceFarm` - DeviceFarm has added support for two features -
RemoteDebugging and Customer Artifacts. Customers can now do remote Debugging on
their Private Devices and can now retrieve custom files generated by their tests
on the device and the device host (execution environment) on both public and
private devices. ## 3.36.4 - 2017-09-08 * `Aws\CloudWatchLogs` - Adds support
for the PutResourcePolicy, DescribeResourcePolicy and DeleteResourcePolicy APIs.
## 3.36.3 - 2017-09-07 * `Aws\ApplicationAutoScaling` - Documentation updates
for application-autoscaling * `Aws\EC2` - With Tagging support, you can add Key
and Value metadata to search, filter and organize your NAT Gateways according to
your organization's needs. * `Aws\ElasticLoadBalancingv2` - The feature enables
the new Network Load Balancer that is optimized to handle volatile traffic
patterns while using a single static IP address per Availability Zone. Network
Load Balancer operates at the connection level (Layer 4), routing connections to
Amazon EC2 instances and containers, within Amazon Virtual Private Cloud (Amazon
VPC) based on IP protocol data. * `Aws\LexModelBuildingService` - Amazon Lex
provides the ability to export your Amazon Lex chatbot definition as a JSON file
that can be added to the target platform. The JSON configuration file contains
the structure of your Amazon Lex chatbot, including the intent schema with
utterances, slots, prompts and slot-types. * `Aws\Route53` - You can configure
Amazon Route 53 to log information about the DNS queries that Amazon Route 53
receives for your domains and subdomains. When you configure query logging,
Amazon Route 53 starts to send logs to CloudWatch Logs. You can use various
tools, including the AWS console, to access the query logs. ## 3.36.2 -
2017-09-06 * `Aws\Budgets` - Add an optional "thresholdType" to notifications
to support percentage or absolute value thresholds. ## 3.36.1 - 2017-09-05 *
`Aws\CodeStar` - Added support to tag CodeStar projects. Tags can be used to
organize and find CodeStar projects on key-value pairs that you can choose. For
example, you could add a tag with a key of "Release" and a value of
"Beta" to
projects your organization is working on for an upcoming beta release. ##
3.36.0 - 2017-09-01 * `Aws\GameLift` - GameLift VPC resources can be peered
with any other AWS VPC. R4 memory-optimized instances now available to deploy. *
`Aws\Mobile` - AWS Mobile Hub is an integrated experience designed to help
developers build, test, configure and release cloud-based applications for
mobile devices using Amazon Web Services. AWS Mobile Hub provides a console and
API for developers, allowing them to quickly select desired features and
integrate them into mobile applications. Features include NoSQL Database, Cloud
Logic, Messaging and Analytics. With AWS Mobile Hub, you pay only for the
underlying services that Mobile Hub provisions based on the features you choose
in the Mobile Hub console. * `Aws\SSM` - Adding KMS encryption support to SSM
Inventory Resource Data Sync. Exposes the ClientToken parameter on SSM
StartAutomationExecution to provide idempotent execution requests. ## 3.35.3 -
2017-08-31 * `Aws\CodeBuild` - The AWS CodeBuild HTTP API now provides the
BatchDeleteBuilds operation, which enables you to delete existing builds. *
`Aws\EC2` - Descriptions for Security Group Rules enables customers to be able
to define a description for ingress and egress security group rules . The
Descriptions for Security Group Rules feature supports one description field per
Security Group rule for both ingress and egress rules . Descriptions for
Security Group Rules provides a simple way to describe the purpose or function
of a Security Group Rule allowing for easier customer identification of
configuration elements . Prior to the release of Descriptions for Security Group
Rules , customers had to maintain a separate system outside of AWS if they
wanted to track Security Group Rule mapping and their purpose for being
implemented. If a security group rule has already been created and you would
like to update or change your description for that security group rule you can
use the UpdateSecurityGroupRuleDescription API. * `Aws\ElasticLoadBalancingv2` -
This change now allows Application Load Balancers to distribute traffic to AWS
resources using their IP addresses as targets in addition to the instance IDs.
You can also load balance to resources outside the VPC hosting the load balancer
using their IP addresses as targets. This includes resources in peered VPCs,
EC2-Classic, and on-premises locations reachable over AWS Direct Connect or a
VPN connection. * `Aws\LexModelBuildingService` - Amazon Lex now supports
synonyms for slot type values. If the user inputs a synonym, it will be resolved
to the corresponding slot value. ## 3.35.2 - 2017-08-30 *
`Aws\ApplicationAutoScaling` - Application Auto Scaling now supports the
DisableScaleIn option for Target Tracking Scaling Policies. This allows
customers to create scaling policies that will only add capacity to the target.
* `Aws\Organizations` - The exception ConstraintViolationException now contains
a new reason subcode MASTERACCOUNT_MISSING_CONTACT_INFO to make it easier to
understand why attempting to remove an account from an Organization can fail. We
also improved several other of the text descriptions and examples. ## 3.35.1 -
2017-08-29 * `Aws\ConfigService` - Increased the internal size limit of
resourceId * `Aws\EC2` - Provides capability to add secondary CIDR blocks to a
VPC. ## 3.35.0 - 2017-08-25 * `Aws\` - Update CloudHSM smoke tests to
CloudHSMV2 * `Aws\CloudFormation` - Rollback triggers enable you to have AWS
CloudFormation monitor the state of your application during stack creation and
updating, and to roll back that operation if the application breaches the
threshold of any of the alarms you've specified. * `Aws\GameLift` - Update
spelling of MatchmakingTicket status values for internal consistency. *
`Aws\RDS` - Option group options now contain additional properties that identify
requirements for certain options. Check these properties to determine if your DB
instance must be in a VPC or have auto minor upgrade turned on before you can
use an option. Check to see if you can downgrade the version of an option after
you have installed it. ## 3.34.2 - 2017-08-24 * `Aws\Rekognition` - Update the
enum value of LandmarkType and GenderType to be consistent with service response
## 3.34.1 - 2017-08-23 * `Aws\AppStream` - Documentation updates for appstream
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1484590 - php-aws-sdk3-3.36.20 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1484590
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.24.0-1.fc25 (FEDORA-2017-331e70c9f2)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.24.0** - 2017-10-02 - Support to PHP 7.1.10 - Support to PHP 7.0.24
- Xdebug reference updated to version 2.5.5 (stable)
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema5-5.2.2-1.fc25 (FEDORA-2017-aeff4883a4)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.2** * 431 Backports for 5.2.2 (Part 1) * 425 (bugfix for #424
- make uri splitting reversable) * 429 (adjust hhvm platform for Travis,
remove phpdocumentor dependency) * 432 Added property name in draft-3 required
error * 433 Backports for 5.2.2 (Part 2) * 432 (fix missing property in
boolean required error) * 450 Backports for 5.2.2 (Part 3) * 449 (Update
config for php-cs-fixer & travis) * 448 (add proper recursive handling for
$ref - fixes #447)
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema5-5.2.4-1.fc25 (FEDORA-2017-b9ff670d6f)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
**Version 5.2.4** * Fresh tag to rectify 5.2.3 mistag. ----- **Version
5.2.3** * 453 Backports for 5.2.3 * 452 (bugfix for id double-resolution
introduced in 5.2.2)
--------------------------------------------------------------------------------
================================================================================
prosody-0.10.0-1.fc25 (FEDORA-2017-67586e4471)
Flexible communications server for Jabber/XMPP
--------------------------------------------------------------------------------
Update Information:
Prosody 0.10.0 ============== See upstream's blog post at
https://blog.prosody.im/prosody-0-10-0-released/ for a full overview of the
release features. * Rewritten SQL storage module with archive support *
SCRAM-SHA-1-PLUS * prosodyctl check * Statistics * Improved TLS
configuration * Lua 5.2 support * mod_blocklist (XEP-0191) * mod_carbons
(XEP-0280) * Pluggable connection timeout handling * mod_websocket (RFC
7395) * mod_mam (XEP-0313) Please also read the upgrade notes at
https://prosody.im/doc/release/0.10.0#upgrade_notes for some specific corner
cases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497877 - prosody-0.10.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497877
--------------------------------------------------------------------------------
================================================================================
pungi-4.1.19-1.fc25 (FEDORA-2017-00cfac3370)
Distribution compose tool
--------------------------------------------------------------------------------
Update Information:
* Solving dependencies can now be profiled for better insight into which part
takes longest. * DNF backend for solving dependencies now correctly reports
unsatisfiable requirements. * Logs contain timezone information. * The
filter_packages option now no longer applies to lookaside repositories. * Delta
RPMs are no longer created for source and debuginfo repositories. It's also
possible to select only some variants or architectures that should get deltas. *
Ostree installer can now be created only in an empty variant, which avoid
overwriting files generated for netinst. * Multiple image builds in a single
variant now no longer overwrite the same configuration file. * When lorax fails
(but generates some files anyway), Pungi does not copy these files into the
compose anymore as they are likely broken.
--------------------------------------------------------------------------------
================================================================================
python-btchip-0.1.21-2.fc25 (FEDORA-2017-77036fea3b)
Python communication library for Ledger Hardware Wallet products
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.21
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1492439 - python-btchip-0.1.21 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1492439
--------------------------------------------------------------------------------
================================================================================
python-datanommer-models-0.8.2-1.fc25 (FEDORA-2017-c23a8d3225)
SQLAlchemy models for datanommer
--------------------------------------------------------------------------------
Update Information:
One change: -
https://github.com/fedora-infra/datanommer/pull/96
--------------------------------------------------------------------------------
================================================================================
python-django-picklefield-1.0.0-1.fc25 (FEDORA-2017-827ef4a457)
A pickled object field for Django
--------------------------------------------------------------------------------
Update Information:
New package
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1370644 - Review Request: python-django-picklefield - A pickled object field
for Django
https://bugzilla.redhat.com/show_bug.cgi?id=1370644
--------------------------------------------------------------------------------
================================================================================
python-htmlmin-0.1.11-1.gitab91ff0.fc25 (FEDORA-2017-586ca2abfe)
HTML Minifier
--------------------------------------------------------------------------------
Update Information:
Update to 0.1.11
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497488 - python-htmlmin-0.1.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497488
--------------------------------------------------------------------------------
================================================================================
python-ptrace-0.9.3-1.fc25 (FEDORA-2017-5893bac0eb)
Debugger using ptrace written in Python
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release python-ptrace 0.9.3.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1493127 - python-ptrace-0.9.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1493127
--------------------------------------------------------------------------------
================================================================================
python-pylons-sphinx-themes-1.0.6-1.fc25 (FEDORA-2017-b21b700263)
Sphinx themes for projects under the Pylons Project
--------------------------------------------------------------------------------
Update Information:
Initial release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497330 - Review Request: python-pylons-sphinx-themes - Sphinx themes for
projects under the Pylons Project
https://bugzilla.redhat.com/show_bug.cgi?id=1497330
--------------------------------------------------------------------------------
================================================================================
python-pymssql-2.1.3-2.fc25 (FEDORA-2017-270b908688)
DB-API interface to Microsoft SQL Server
--------------------------------------------------------------------------------
Update Information:
This package provides a simple database interface for Python that builds on top
of FreeTDS to provide a Python DB-API interface to Microsoft SQL Server.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1498472 - Review Request: python-pymssql - DB-API interface to Microsoft SQL
Server
https://bugzilla.redhat.com/show_bug.cgi?id=1498472
--------------------------------------------------------------------------------
================================================================================
python-sync2jira-1.5-1.fc25 (FEDORA-2017-e97e3b7eda)
Sync pagure and github issues to jira, via fedmsg
--------------------------------------------------------------------------------
Update Information:
Now with support for filtering by labels. ---- Now with support for spaces!
--------------------------------------------------------------------------------
================================================================================
python-tabulate-0.8.1-1.fc25 (FEDORA-2017-ffeddd54e2)
Pretty-print tabular data in Python, a library and a command-line utility
--------------------------------------------------------------------------------
Update Information:
* Multiline cells * `latex_raw` format * Column-specific floating point
formatting
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497530 - python-tabulate-0.8.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497530
[ 2 ] Bug #1497879 - python-tabulate-0.8.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1497879
--------------------------------------------------------------------------------
================================================================================
python2-lxc-0.1-1.fc25 (FEDORA-2017-3ef3e05119)
Python2 bindings for LXC
--------------------------------------------------------------------------------
Update Information:
This package provides Python 2.7 binding for liblxc (similar to the official
python3)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1498775 - Review Request: python2-lxc - Python2 bindings for LXC
https://bugzilla.redhat.com/show_bug.cgi?id=1498775
--------------------------------------------------------------------------------
================================================================================
python3-bsddb3-6.2.5-1.fc25 (FEDORA-2017-f30da9c64f)
Python 3 bindings for BerkleyDB
--------------------------------------------------------------------------------
Update Information:
Update to the latest upstream version.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1489988 - python3-bsddb3-6.2.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1489988
--------------------------------------------------------------------------------
================================================================================
qcad-3.18.1.0-1.fc25 (FEDORA-2017-9a0b1da1a5)
Powerful 2D CAD system
--------------------------------------------------------------------------------
Update Information:
- Update to 3.18.1.0
--------------------------------------------------------------------------------
================================================================================
rebase-helper-0.11.0-1.fc25 (FEDORA-2017-364f058df8)
The tool that helps you to rebase your package to the latest version
--------------------------------------------------------------------------------
Update Information:
News in **rebase-helper 0.11.0**: - Added `rpm-py-installer` to install `rpm-
python` from pip - Implemented detection of package category (*python*, *perl*,
*ruby*, *nodejs*, *php*) - Added **RubyGems** versioneer - Added **RubyHelper**
SPEC hook for getting additional sources based on instructions in SPEC file
comments - Value of *Version* and *Release* tags is now preserved if there are
any macros that can be modified instead - Versioneers and SPEC hooks are now run
only for matching package categories - Bash completion is now generated from
source code, so it is always up-to-date - Prevented unwanted modifications of
*%prep* section - Fixed unexpected removal of rpms and build logs after last
build retry - Added files are no longer listed as removed in **rpmdiff** report
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1498782 - rebase-helper-0.11.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1498782
--------------------------------------------------------------------------------
================================================================================
recode-3.6-43.fc25 (FEDORA-2017-4dfebebd39)
Conversion between character sets and surfaces
--------------------------------------------------------------------------------
Update Information:
Security fix for buffer overflow due to long input filenames [see Bug 1422550
and 1422545]
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1422550 - recode: Buffer overflow due to long input filenames [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1422550
--------------------------------------------------------------------------------
================================================================================
rho-0.0.28-2.fc25 (FEDORA-2017-a89e183dd1)
An SSH system profiler
--------------------------------------------------------------------------------
Update Information:
# Testing Rho To set up Rho, you create profiles that control how to run each
scan. - Authentication profiles contain user credentials for a user with
sufficient authority to complete the scan (for example, a root user or one with
root-level access obtained through -sudo privilege escalation). - Network
profiles contain network identifiers (for example, a hostname, IP address, or
range of IP addresses) and the authentication profiles to be used for a scan.
Complete the following steps, repeating them as necessary to access all parts of
your environment that you want to scan: 1. Create at least one authentication
profile with root-level access to Rho: ``` rho auth add --name auth_name
--username root_name(--sshkeyfile key_file | --password) ``` a. At the Rho
vault password prompt, create a new Rho vault password. This password is
required to access the encrypted Rho data, such as authentication and network
profiles, scan data, and other information. b. If you did not use the
sshkeyfile option to provide an SSH key for the username value, enter the
password of the user with root-level access at the connection password prompt.
For example, for an authentication profile where the authentication profile name
is roothost1, the user with root-level access is root, and the SSH key for the
user is in the path ~/.ssh/id_rsa, you would enter the following command: ```
rho auth add --name roothost1 --username root --sshkeyfile ~/.ssh/id_rsa ``` You
can also use the sudo-password option to create an authentication profile for a
user with root-level access who requires a password to obtain this privilege.
You can use the sudo-password option with either the sshkeyfile or the password
option. For example, for an authentication profile where the authentication
profile name is sudouser1, the user with root-level access is sysadmin, and the
access is obtained through the password option, you would enter the following
command: ``` rho auth add --name sudouser1 --username sysadmin --password
--sudo-password ``` After you enter this command, you are prompted to enter two
passwords. First, you would enter the connection password for the username user,
and then you would enter the password for the sudo command. 2. Create at least
one network profile that specifies one or more network identifiers, such as a
host name, an IP address, a list of IP addresses, or an IP range, and one or
more authentication profiles to be used for the scan: ``` rho profile add --name
profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a
network profile where the name of the network profile is mynetwork, the network
to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that
are used to run the scan are roothost1 and roothost2, you would enter the
following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254]
--auth roothost1 roothost2 ``` You can also use a file to pass in the network
identifiers. If you use a file to enter multiple network identifiers, such as
multiple individual IP addresses, enter each on a single line. For example, for
a network profile where the path to this file is /home/user1/hosts_file, you
would enter the following command: ``` rho profile add --name mynetwork --hosts
/home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the
scan by using the scan command, specifying a network profile for the profile
option and a location to store the output as a file in the comma-separated
variables (CSV) format for the reportfile option: ``` rho scan --profile
profile_name --reportfile filename.csv ``` For example, if you want to use the
network profile mynetwork and save the report as mynetwork_scan1.csv, you would
enter the following command: ``` rho scan --profile mynetwork --reportfile
mynetwork_scan1.csv ``` ---- # Testing Rho To set up Rho, you create
profiles that control how to run each scan. - Authentication profiles contain
user credentials for a user with sufficient authority to complete the scan (for
example, a root user or one with root-level access obtained through -sudo
privilege escalation). - Network profiles contain network identifiers (for
example, a hostname, IP address, or range of IP addresses) and the
authentication profiles to be used for a scan. Complete the following steps,
repeating them as necessary to access all parts of your environment that you
want to scan: 1. Create at least one authentication profile with root-level
access to Rho: ``` rho auth add --name auth_name --username
root_name(--sshkeyfile key_file | --password) ``` a. At the Rho vault password
prompt, create a new Rho vault password. This password is required to access the
encrypted Rho data, such as authentication and network profiles, scan data, and
other information. b. If you did not use the sshkeyfile option to provide an
SSH key for the username value, enter the password of the user with root-level
access at the connection password prompt. For example, for an authentication
profile where the authentication profile name is roothost1, the user with root-
level access is root, and the SSH key for the user is in the path ~/.ssh/id_rsa,
you would enter the following command: ``` rho auth add --name roothost1
--username root --sshkeyfile ~/.ssh/id_rsa ``` You can also use the sudo-
password option to create an authentication profile for a user with root-level
access who requires a password to obtain this privilege. You can use the sudo-
password option with either the sshkeyfile or the password option. For example,
for an authentication profile where the authentication profile name is
sudouser1, the user with root-level access is sysadmin, and the access is
obtained through the password option, you would enter the following command: ```
rho auth add --name sudouser1 --username sysadmin --password --sudo-password ```
After you enter this command, you are prompted to enter two passwords. First,
you would enter the connection password for the username user, and then you
would enter the password for the sudo command. 2. Create at least one network
profile that specifies one or more network identifiers, such as a host name, an
IP address, a list of IP addresses, or an IP range, and one or more
authentication profiles to be used for the scan: ``` rho profile add --name
profile_name --hosts host_name_or_file --auth auth_name ``` For example, for a
network profile where the name of the network profile is mynetwork, the network
to be scanned is the 192.0.2.0/24 subnet, and the authentication profiles that
are used to run the scan are roothost1 and roothost2, you would enter the
following command: ``` rho profile add --name mynetwork --hosts 192.0.2.[1:254]
--auth roothost1 roothost2 ``` You can also use a file to pass in the network
identifiers. If you use a file to enter multiple network identifiers, such as
multiple individual IP addresses, enter each on a single line. For example, for
a network profile where the path to this file is /home/user1/hosts_file, you
would enter the following command: ``` rho profile add --name mynetwork --hosts
/home/user1/hosts_file --auth roothost1 roothost2 ``` # Running a scan Run the
scan by using the scan command, specifying a network profile for the profile
option and a location to store the output as a file in the comma-separated
variables (CSV) format for the reportfile option: ``` rho scan --profile
profile_name --reportfile filename.csv ``` For example, if you want to use the
network profile mynetwork and save the report as mynetwork_scan1.csv, you would
enter the following command: ``` rho scan --profile mynetwork --reportfile
mynetwork_scan1.csv ```
--------------------------------------------------------------------------------
================================================================================
scidavis-1.21-6.fc25 (FEDORA-2017-149d198190)
Application for Scientific Data Analysis and Visualization
--------------------------------------------------------------------------------
Update Information:
Reintroducing the package. Many bugfixes, enhancements and code changes since it
was dropped from the distribution, over a year ago.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1490054 - Review Request: scidavis - Application for Scientific Data Analysis
and Visualization
https://bugzilla.redhat.com/show_bug.cgi?id=1490054
--------------------------------------------------------------------------------
================================================================================
sudo-1.8.21p2-1.fc25 (FEDORA-2017-8d6667b0ae)
Allows restricted root access for specified users
--------------------------------------------------------------------------------
Update Information:
update to 1.8.21p2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1484603 - sudo-1.8.21p2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1484603
--------------------------------------------------------------------------------
================================================================================
switchboard-plug-notifications-0.1.3-1.fc25 (FEDORA-2017-0bbd0ab0dc)
Switchboard Notifications plug
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.3 and 2.0.3. These releases add support for the new
settings:// URL scheme.
--------------------------------------------------------------------------------
================================================================================
thunderbird-enigmail-1.9.8.3-1.fc25 (FEDORA-2017-b2a85abab1)
Authentication and encryption extension for Mozilla Thunderbird
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
tracer-0.6.13.1-2.fc25 (FEDORA-2017-98104623b5)
Finds outdated running applications in your system
--------------------------------------------------------------------------------
Update Information:
- Fix argparse logic (RhBug:
[
1492078](https://bugzilla.redhat.com/show_bug.cgi?id=1492078)) ---- Correct
package version comparision (seanokeeffe797(a)gmail.com)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1492078 - python3-tracer depends on python2 packages
https://bugzilla.redhat.com/show_bug.cgi?id=1492078
[ 2 ] Bug #1469282 - tracer-common should require python3-argcomplete
https://bugzilla.redhat.com/show_bug.cgi?id=1469282
--------------------------------------------------------------------------------
================================================================================
udiskie-1.7.1-1.fc25 (FEDORA-2017-ba4a255e5a)
Removable disk auto-mounter
--------------------------------------------------------------------------------
Update Information:
Overdue udiskie update to the latest upstream version. The optional python-
keyutils dependency is no included, as it is not available as RPM.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1497927 - Excessive notifications with docker
https://bugzilla.redhat.com/show_bug.cgi?id=1497927
[ 2 ] Bug #1323537 - udiskie-1.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1323537
--------------------------------------------------------------------------------
================================================================================
unbound-1.6.6-2.fc25 (FEDORA-2017-83d19671e4)
Validating, recursive, and caching DNS(SEC) resolver
--------------------------------------------------------------------------------
Update Information:
Enable RFC 8145 Trust Anchor Signaling to help the root zone get keytag
statistics
--------------------------------------------------------------------------------
================================================================================
vte291-0.46.3-1.fc25 (FEDORA-2017-1391851bdb)
Terminal emulator library
--------------------------------------------------------------------------------
Update Information:
Update to 0.46.3
--------------------------------------------------------------------------------
================================================================================
wingpanel-indicator-notifications-2.0.3-1.fc25 (FEDORA-2017-0bbd0ab0dc)
Notifications Indicator for wingpanel
--------------------------------------------------------------------------------
Update Information:
Update to version 0.1.3 and 2.0.3. These releases add support for the new
settings:// URL scheme.
--------------------------------------------------------------------------------
================================================================================
xen-4.7.3-6.fc25 (FEDORA-2017-99bcbc7bef)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
ARM: Some memory not scrubbed at boot [XSA-245] Qemu: vga: reachable assert
failure during during display update [CVE-2017-13673] (#1486591) Qemu: vga: OOB
read access during display update [CVE-2017-13672] (#1486562)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1486588 - CVE-2017-13673 Qemu: vga: reachable assert failure during during
display update
https://bugzilla.redhat.com/show_bug.cgi?id=1486588
[ 2 ] Bug #1486560 - CVE-2017-13672 Qemu: vga: OOB read access during display update
https://bugzilla.redhat.com/show_bug.cgi?id=1486560
--------------------------------------------------------------------------------