The following Fedora 25 Security updates need testing: Age URL 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4a443888b tomcat-8.0.36-2.fc25 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b17661de5 jasper-1.900.1-33.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4dedc6ec3d firewalld-0.4.3.3-1.fc25 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bcf95f3847 java-1.8.0-openjdk-aarch32-1.8.0.102-1.160812.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d1408c3ba3 ca-certificates-2016.2.9-1.1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aab0a156ab gnupg-1.4.21-1.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a2b4a9589e canl-c-2.1.7-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-49e1e93a66 phpMyAdmin-4.6.4-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9299ce1c7d mediawiki-1.27.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-125ea34ff9 keepass-2.34-1.fc25
The following Fedora 25 Critical Path updates have yet to be approved: Age URL 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-060003fc51 cups-2.2-0.3rc1.fc25 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d1392ad5ad nss-3.26.0-1.0.fc25 nss-softokn-3.26.0-1.0.fc25 nss-util-3.26.0-1.0.fc25 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b17661de5 jasper-1.900.1-33.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6ff35490f4 yum-utils-1.1.31-511.fc25 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06a24ce0fb openssh-7.3p1-3.fc25 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-672bb93f5a libfm-1.2.4-6.D20160627git2a537414de.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aab0a156ab gnupg-1.4.21-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d1408c3ba3 ca-certificates-2016.2.9-1.1.fc25 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf4cb4e3f7 spatialite-tools-4.3.0-13.fc25 sqlite-3.14.1-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-37c9db36c2 dracut-044-77.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b930b840b krb5-1.14.3-6.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cbdde50ec4 selinux-policy-3.13.1-211.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e40d80b1c livecd-tools-23.4-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f017106a66 gdb-7.11.90.20160807-7.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4976a748a1 libtasn1-4.9-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d229985a56 curl-7.50.1-2.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-de1f4e692b elfutils-0.167-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-788a7edfd7 network-manager-applet-1.4.0-1.fc25 NetworkManager-1.4.0-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f695073a52 xorg-x11-server-1.18.4-4.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e4e1add318 pcmanfm-1.2.4-3.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf60f55f04 lxsession-0.5.2-11.D20160817git699c1695c2.fc25
The following builds have been pushed to Fedora 25 updates-testing
IQmol-2.7.1-4.fc25 calibre-2.65.1-1.fc25 gammu-1.37.4-1.fc25 getdp-2.9.2-1.fc25 gnome-chemistry-utils-0.14.14-2.fc25 gnudiff-1.15-9.fc25 gnumeric-1.12.32-1.fc25 goffice-0.10.32-1.fc25 hitch-1.3.1-1.fc25 inadyn-mt-2.28.07-1.fc25 jdns-2.0.4-1.fc25 k3b-2.0.3-11.fc25 keepass-2.34-1.fc25 mediawiki-1.27.1-1.fc25 mksh-53a-1.fc25 perl-TeX-Hyphen-1.17-1.fc25 phpMyAdmin-4.6.4-2.fc25 python-wstool-0.1.13-1.fc25 qwtplot3d-0.2.7-22.fc25 tlp-0.9-1.fc25 wammu-0.42-1.fc25 wine-1.9.17-1.fc25 wxmacmolplt-7.7-1.fc25 xonsh-0.4.5-1.fc25
Details about builds:
================================================================================ IQmol-2.7.1-4.fc25 (FEDORA-2016-91e5ef244c) A free open-source molecular editor and visualization package -------------------------------------------------------------------------------- Update Information:
Rebuild --------------------------------------------------------------------------------
================================================================================ calibre-2.65.1-1.fc25 (FEDORA-2016-358bc46d83) E-book converter and library manager -------------------------------------------------------------------------------- Update Information:
Update to 2.65.1. Fixes bug #1370676 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370676 - calibre-2.65.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370676 [ 2 ] Bug #1370926 - calibre does not work in Fedora 25 https://bugzilla.redhat.com/show_bug.cgi?id=1370926 --------------------------------------------------------------------------------
================================================================================ gammu-1.37.4-1.fc25 (FEDORA-2016-ce18993e0e) Command Line utility to work with mobile phones -------------------------------------------------------------------------------- Update Information:
1.37.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370746 - gammu-1.37.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370746 [ 2 ] Bug #1370851 - wammu-0.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370851 --------------------------------------------------------------------------------
================================================================================ getdp-2.9.2-1.fc25 (FEDORA-2016-a53f91324a) General Environment for the Treatment of Discrete Problems -------------------------------------------------------------------------------- Update Information:
Update to 2.9.2 and fix FTBFS. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1354698 - getdp-2.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1354698 --------------------------------------------------------------------------------
================================================================================ gnome-chemistry-utils-0.14.14-2.fc25 (FEDORA-2016-c2881dfbb2) A set of chemical utilities -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.32.html --------------------------------------------------------------------------------
================================================================================ gnudiff-1.15-9.fc25 (FEDORA-2016-9b319a4058) GNU Diff for Java -------------------------------------------------------------------------------- Update Information:
fixing https://bugzilla.redhat.com/show_bug.cgi?id=1307552 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1307552 - gnudiff: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307552 --------------------------------------------------------------------------------
================================================================================ gnumeric-1.12.32-1.fc25 (FEDORA-2016-c2881dfbb2) Spreadsheet program for GNOME -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.32.html --------------------------------------------------------------------------------
================================================================================ goffice-0.10.32-1.fc25 (FEDORA-2016-c2881dfbb2) G Office support libraries -------------------------------------------------------------------------------- Update Information:
This is an update to the latest upstream releases of gnumeric and goffice: * http://gnumeric.org/announcements/1.12/gnumeric-1.12.32.html --------------------------------------------------------------------------------
================================================================================ hitch-1.3.1-1.fc25 (FEDORA-2016-c2541804fd) Network proxy that terminates TLS/SSL connections -------------------------------------------------------------------------------- Update Information:
New upstream release; a feature and bugfix release. New feature: Support for OCSP. For fixed bugs, see the changelog included in the package, or online at https://github.com/varnish/hitch/blob/master/CHANGES.rst -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1335334 - hitch-1.3.0~beta1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1335334 --------------------------------------------------------------------------------
================================================================================ inadyn-mt-2.28.07-1.fc25 (FEDORA-2016-75617282a4) Dynamic DNS Client -------------------------------------------------------------------------------- Update Information:
- accomodate ipv4 only client stack, ipv6 socket create failure - finally fix no ifaddrs.h compile failures - added explicit DDNS ip auto detect option --svr_auto_detect -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370898 - inadyn-mt-.02.28.07 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370898 --------------------------------------------------------------------------------
================================================================================ jdns-2.0.4-1.fc25 (FEDORA-2016-75eb1f4c69) A simple DNS queries library -------------------------------------------------------------------------------- Update Information:
Update to 2.0.4 --------------------------------------------------------------------------------
================================================================================ k3b-2.0.3-11.fc25 (FEDORA-2016-cd8e848620) CD/DVD/Blu-ray burning application -------------------------------------------------------------------------------- Update Information:
Workaround FTBFS, and backport no_fake_mimetypes fix from master/ branch. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1307677 - k3b: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307677 --------------------------------------------------------------------------------
================================================================================ keepass-2.34-1.fc25 (FEDORA-2016-125ea34ff9) Password manager -------------------------------------------------------------------------------- Update Information:
Update to version 2.34. Security fix for CVE-2016-5119. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1341963 - CVE-2016-5119 keepass: MitM attack against update check https://bugzilla.redhat.com/show_bug.cgi?id=1341963 --------------------------------------------------------------------------------
================================================================================ mediawiki-1.27.1-1.fc25 (FEDORA-2016-9299ce1c7d) A wiki engine -------------------------------------------------------------------------------- Update Information:
https://www.mediawiki.org/wiki/MediaWiki_1.27 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1369613 - CVE-2016-6331 CVE-2016-6332 CVE-2016-6333 CVE-2016-6334 CVE-2016-6335 CVE-2016-6336 mediawiki: multiple flaws fixed in 1.27.1, 1.26.4 and 1.23.15 https://bugzilla.redhat.com/show_bug.cgi?id=1369613 --------------------------------------------------------------------------------
================================================================================ mksh-53a-1.fc25 (FEDORA-2016-38acfc3669) MirBSD enhanced version of the Korn Shell -------------------------------------------------------------------------------- Update Information:
R53a is a snapshot/feature release: * Fix spelling * Unbreak multi-line command history broken by history flush * Fix redefining POSIX functions that were Korn functions before * Fix bounds checks in Vi editing mode * Handle combining characters at end of string or output correctly * Fix ${!#} ${!?} ${!-} (POSIX, prompted by izabera) * Fix shf.c-internal buffer overread on printing digits * Fix a typo in the testsuite * Increase default edit line size (unless MKSH_SMALL) * Improve description of Emacs mode keybindings, especially ^U * Abort read builtin in case of read(2) errors * Fix most of the ambiguous corner cases related to ${[pfx]var[op[word]]} (${@:-1} still unsupported) * Contribute some more testsuite coverage * WDS_TPUTS now emits QCHAR newline reentrant-safe * Fix var=<< implementation (LP#1380389) * Make XSI test(1) extensions behave as if they were POSIX * Add $(<<<x) and $(<<EOF���) implementation * Lower minimum screen size accepted as ���sane��� from the OS to 4��2 * Simplify tilde-expanded parameters * Fix default PS1 for substring matches * Apply defer-builtin-with-arguments logic to realpath builtin * Rework string pooling (own vs. compiler���s) (LP#1580348) * Feature: print -A, prints arguments as characters * Replace <<< and >>> as ROL and ROR operators with their new ^< and ^> spelling as per this proposal * Clear-to- EOL under tmux to work around its anti-feature * Remove support for using file descriptors with more than a single digit, in preparation for named file descriptors * Correct, but simplify (at the potential cost of more tty I/O than strictly necessary, though never redundant and (probably) not more than before when it was miscalculated), line clearing and redrawing * Implement new evaluate-region editing command Esc+Ctrl-E * Prefer external rename utility over the recovery builtin * Remove redundant full-line redraws * Fix errorlevel of ���.��� (���dot��� special builtin) when the sourced script does not run any commands, for POSIX compliance * Refactor op tokens and edchars to shave off some more bytes * Fix some bugs in the manpage and some occasional/minor code bugs * Mark tests requiring new perl as !need-pass * Add $KSH_MATCH and, to make it usable, ${foo@/bar/baz} * Fix bogus patch from OpenBSD: only NULL the global source in unwind when actually reclaiming its Area * Mention in the manpage that integer bases go up to 36 * Fix /= operator broken during refactoring --------------------------------------------------------------------------------
================================================================================ perl-TeX-Hyphen-1.17-1.fc25 (FEDORA-2016-2389de4bde) Hyphenate words using TeX's patterns -------------------------------------------------------------------------------- Update Information:
Rebase to upstream version 1.17. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370818 - perl-TeX-Hyphen-1.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370818 --------------------------------------------------------------------------------
================================================================================ phpMyAdmin-4.6.4-2.fc25 (FEDORA-2016-49e1e93a66) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information:
phpMyAdmin 4.6.4 (2016-08-16) ============================= This release includes many security fixes of various levels of severity. Upstream recommends all users upgrade to this release immediately. For full information on the vulnerabilities fixed and mitigation factors for users who are unable to upgrade, refer to the ChangeLog file included with this release and the security announcements at https://www.phpmyadmin.net/security/ Aside from the security fixes, bugs have been fixed affecting: * Create view when no view name specified * Changing a password * Fix deleting of users with non-English locales * Fixed password change on MariaDB without auth plugin -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370778 - phpMyAdmin-4.6.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370778 --------------------------------------------------------------------------------
================================================================================ python-wstool-0.1.13-1.fc25 (FEDORA-2016-a17cc9e2cb) Tool for managing a workspace of multiple heterogeneous SCM repositories -------------------------------------------------------------------------------- Update Information:
Update to latest upstream release. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1330381 - python-wstool-0.1.13 is available https://bugzilla.redhat.com/show_bug.cgi?id=1330381 --------------------------------------------------------------------------------
================================================================================ qwtplot3d-0.2.7-22.fc25 (FEDORA-2016-f9eac9b4c7) Qt/OpenGL-based C++ library providing a bunch of 3D-widgets -------------------------------------------------------------------------------- Update Information:
- Unbundle gl2ps (bz#1077865) - Fix compiler/linker flags -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1077865 - Build with system gl2ps instead of bundled one https://bugzilla.redhat.com/show_bug.cgi?id=1077865 --------------------------------------------------------------------------------
================================================================================ tlp-0.9-1.fc25 (FEDORA-2016-038e573c4a) Advanced power management tool for Linux -------------------------------------------------------------------------------- Update Information:
Update to 0.9 --------------------------------------------------------------------------------
================================================================================ wammu-0.42-1.fc25 (FEDORA-2016-ce18993e0e) Mobile Phone Manager - Gammu GUI -------------------------------------------------------------------------------- Update Information:
1.37.4 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370746 - gammu-1.37.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370746 [ 2 ] Bug #1370851 - wammu-0.42 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370851 --------------------------------------------------------------------------------
================================================================================ wine-1.9.17-1.fc25 (FEDORA-2016-1dac348e7b) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information:
Better exception handling on 64-bit. Various improvements in joystick support. Some more stream support in the C++ runtime. Font embedding improvements. More metafile support in GDI+. Various bug fixes. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370831 - wine-1.9.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370831 --------------------------------------------------------------------------------
================================================================================ wxmacmolplt-7.7-1.fc25 (FEDORA-2016-2f6838a264) A graphics program for plotting 3-D molecular structures and normal modes -------------------------------------------------------------------------------- Update Information:
* Added a menu item to copy the cartesian coordinates in NWChem format (ie. without the atomic number column). * Corrected a bug in the menu selection for flash export. * Added animated GIF movie exports (requires wx 2.9 or later, so only on Fedora 25 or newer). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370844 - wxmacmolplt-7.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370844 --------------------------------------------------------------------------------
================================================================================ xonsh-0.4.5-1.fc25 (FEDORA-2016-bb4eebdac7) A general purpose, Python-ish shell -------------------------------------------------------------------------------- Update Information:
New upstream release 0.4.5 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1370833 - xonsh-0.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370833 --------------------------------------------------------------------------------