The following Fedora 25 Security updates need testing: Age URL 336 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb exim-4.87.1-1.fc25 174 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f nodejs-brace-expansion-1.1.7-1.fc25 124 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2232fe97b4 docker-distribution-2.6.2-1.git48294d9.fc25 39 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7089c6e789 suricata-3.2.4-1.fc25 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-51f49ebbce apr-1.6.3-1.fc25 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f563b201ba apr-util-1.5.4-4.fc25 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-45ed341e61 httpd-2.4.29-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-481e4f6f8c ldns-1.6.17-22.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e5bbb657c5 chromium-62.0.3202.89-1.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdfd888e2e git-2.9.5-3.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e40e02e0dd moodle-3.1.9-1.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-78f0991378 openssh-7.4p1-5.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1fb805bfc2 xrdp-0.9.4-2.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2577f2108 xen-4.7.4-1.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e5afe777a docker-1.12.6-8.gitbe5610c.fc25 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4994d364de rb_libtorrent-1.1.5-1.fc25 qbittorrent-4.0.1-1.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c6722f0b3c linux-firmware-20171126-80.git17e62881.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-832dbdac75 python-dulwich-0.18.6-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7ab32cc23 collectd-5.8.0-2.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-62f44716bb fedora-arm-installer-2.1-1.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f8abb1866 ca-certificates-2017.2.20-1.0.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-905bb449bc kernel-4.13.16-100.fc25
The following Fedora 25 Critical Path updates have yet to be approved: Age URL 178 https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282 lorax-25.22-1.fc25 57 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3fc5429e7e iproute-4.12.0-1.fc25 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b89e9f62d8 bind99-9.9.10-3.P3.fc25 25 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dbf347055a hwdata-0.306-1.fc25 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6e67e4e45b poppler-0.45.0-10.fc25 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-15b7f781f0 nss-3.34.0-1.0.fc25 nss-softokn-3.34.0-1.0.fc25 nss-util-3.34.0-1.0.fc25 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cdfd888e2e git-2.9.5-3.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-78f0991378 openssh-7.4p1-5.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c8aaa03b5 man-db-2.7.5-7.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ebe7851cb1 pungi-4.1.20-3.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1524498243 sssd-1.16.0-3.fc25 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4ac58bd7e5 groff-1.22.3-9.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f2577f2108 xen-4.7.4-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf1dd0bb89 libtiff-4.0.9-1.fc25 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-779d5b7efb pcre2-10.23-11.fc25 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c6722f0b3c linux-firmware-20171126-80.git17e62881.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-905bb449bc kernel-4.13.16-100.fc25 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7f8abb1866 ca-certificates-2017.2.20-1.0.fc25 The following builds have been pushed to Fedora 25 updates-testing ca-certificates-2017.2.20-1.0.fc25 collectd-5.8.0-2.fc25 copr-cli-1.65-1.fc25 fedora-arm-installer-2.1-1.fc25 kernel-4.13.16-100.fc25 Details about builds: ================================================================================ ca-certificates-2017.2.20-1.0.fc25 (FEDORA-2017-7f8abb1866) The Mozilla CA root certificate bundle -------------------------------------------------------------------------------- Update Information: This is a cumulative update to the Mozilla CA certificates trust list version 2.20, which has been published as part of Mozilla NSS 3.34.1. It also includes the changes that were previously released as version 2.18 as part of NSS 3.34. For additional details, please refer to the release notes of NSS 3.34.1 https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.34.1_release_notes ) and NSS 3.34 (https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.34_release_notes ). -------------------------------------------------------------------------------- ================================================================================ collectd-5.8.0-2.fc25 (FEDORA-2017-d7ab32cc23) Statistics collection daemon for filling RRD files -------------------------------------------------------------------------------- Update Information: Upstream released new version. See https://collectd.org/news.shtml#news106 for the list of changes. Fixes CVE-2017-16820 (double free in snmp plugin) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516450 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1516450 [ 2 ] Bug #1516449 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1516449 [ 3 ] Bug #1516451 - CVE-2017-16820 collectd: double free in csnmp_read_table function in snmp.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1516451 -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.65-1.fc25 (FEDORA-2017-ce5b52a631) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: - allow to set use_bootstrap_container via API -------------------------------------------------------------------------------- ================================================================================ fedora-arm-installer-2.1-1.fc25 (FEDORA-2017-62f44716bb) Writes binary image files to any specified block device -------------------------------------------------------------------------------- Update Information: Update to 2.1 ---- Update to 2.0, Initial support for aarch64 images and associated SBCs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464968 - CVE-2017-7496 fedora-arm-installer: Unsafe mount in /tmp allows privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1464968 -------------------------------------------------------------------------------- ================================================================================ kernel-4.13.16-100.fc25 (FEDORA-2017-905bb449bc) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.13.16 update contains various fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1516267 - CVE-2017-16649 kernel: Divide-by-zero in drivers/net/usb/cdc_ether.c https://bugzilla.redhat.com/show_bug.cgi?id=1516267 [ 2 ] Bug #1516265 - CVE-2017-16650 kernel: Divide-by-zero in drivers/net/usb/qmi_wwan.c https://bugzilla.redhat.com/show_bug.cgi?id=1516265 [ 3 ] Bug #1516273 - CVE-2017-16644 kernel: Improper error handling in drivers/media/usb/hdpvr/hdpvr-core.c https://bugzilla.redhat.com/show_bug.cgi?id=1516273 [ 4 ] Bug #1516270 - CVE-2017-16647 kernel: NULL pointer dereference in drivers/net/usb/asix_devices.c https://bugzilla.redhat.com/show_bug.cgi?id=1516270 [ 5 ] Bug #1518155 - CVE-2017-16994 kernel: mm/pagewalk.c:walk_hugetlb_range function mishandles holes in hugetlb ranges causing information leak https://bugzilla.redhat.com/show_bug.cgi?id=1518155 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
