Fedora 25 updates-testing report

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Fedora 25 updates-testing report

updates-3
The following Fedora 25 Security updates need testing:
 Age  URL
 173  https://bodhi.fedoraproject.org/updates/FEDORA-2016-d79ba708cb   exim-4.87.1-1.fc25
  72  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d17af41e   python-XStatic-jquery-ui-1.12.0.1-4.fc25
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7dbbbafea6   runc-1.0.0-7.git6394544.fc25.2
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec3c82e64d   libstaroffice-0.0.3-3.fc25
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d7498559f   nodejs-brace-expansion-1.1.7-1.fc25
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-63789c8c29   tomcat-8.0.44-1.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bcfa3569d6   libmwaw-0.3.11-3.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66e2c5b62   chromium-59.0.3071.86-3.fc25 chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-62aacc1474   mercurial-3.8.1-3.fc25


The following Fedora 25 Critical Path updates have yet to be approved:
 Age URL
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2017-613a72e282   lorax-25.22-1.fc25
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd92718a5a   pungi-4.1.16-1.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d530a04779   pcre2-10.23-8.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c4b191036b   vim-8.0.642-1.fc25
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a83e0e61d6   fwupd-0.9.4-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2a026bd3a1   audit-2.7.7-1.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c1937fe117   qt5-qtdeclarative-5.7.1-8.fc25
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc2e82175e   gstreamer1-vaapi-1.10.5-1.fc25 gstreamer1-plugins-ugly-free-1.10.5-1.fc25 gstreamer1-plugins-bad-free-1.10.5-1.fc25 gstreamer1-plugins-good-1.10.5-1.fc25 gst-editing-services-1.10.5-1.fc25 python-gstreamer1-1.10.5-1.fc25 gstreamer1-rtsp-server-1.10.5-1.fc25 gstreamer1-plugins-base-1.10.5-1.fc25 gstreamer1-1.10.5-1.fc25


The following builds have been pushed to Fedora 25 updates-testing

    MySQL-zrm-3.0-15.fc25
    chromium-59.0.3071.86-3.fc25
    chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25
    mbuffer-20170515-1.fc25
    mercurial-3.8.1-3.fc25
    mosquitto-1.4.12-2.fc25
    perl-MetaCPAN-API-0.51-1.fc25
    python-XStatic-Patternfly-Bootstrap-Treeview-2.1.3.2-1.fc25
    python-influxdb-4.1.1-2.fc25
    smuxi-1.0.7-1.fc25
    sway-0.13.0-1.fc25

Details about builds:


================================================================================
 MySQL-zrm-3.0-15.fc25 (FEDORA-2017-97afc58a48)
 MySQL backup manager
--------------------------------------------------------------------------------
Update Information:

- Check exit status of all commands in pipes (bug #1151623) - Do not use --same-
order with -c for tar (bug #1458038)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1458038 - Backup data file is empty due to invalid tar parameters, but still reports success
        https://bugzilla.redhat.com/show_bug.cgi?id=1458038
--------------------------------------------------------------------------------


================================================================================
 chromium-59.0.3071.86-3.fc25 (FEDORA-2017-a66e2c5b62)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for
CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074,
CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078,
CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083,
CVE-2017-5085
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459037 - CVE-2017-5085 chromium-browser: inappropriate javascript execution on webui pages
        https://bugzilla.redhat.com/show_bug.cgi?id=1459037
  [ 2 ] Bug #1459036 - CVE-2017-5083 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1459036
  [ 3 ] Bug #1459035 - CVE-2017-5082 chromium-browser: insufficient hardening in credit card editor
        https://bugzilla.redhat.com/show_bug.cgi?id=1459035
  [ 4 ] Bug #1459034 - CVE-2017-5081 chromium-browser: extension verification bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1459034
  [ 5 ] Bug #1459033 - CVE-2017-5080 chromium-browser: use after free in credit card autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1459033
  [ 6 ] Bug #1459032 - CVE-2017-5079 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1459032
  [ 7 ] Bug #1459031 - CVE-2017-5078 chromium-browser: possible command injection in mailto handling
        https://bugzilla.redhat.com/show_bug.cgi?id=1459031
  [ 8 ] Bug #1459030 - CVE-2017-5077 chromium-browser: heap buffer overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1459030
  [ 9 ] Bug #1459029 - CVE-2017-5076 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459029
  [ 10 ] Bug #1459028 - CVE-2017-5086 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459028
  [ 11 ] Bug #1459027 - CVE-2017-5075 chromium-browser: information leak in csp reporting
        https://bugzilla.redhat.com/show_bug.cgi?id=1459027
  [ 12 ] Bug #1459025 - CVE-2017-5074 chromium-browser: use after free in apps bluetooth
        https://bugzilla.redhat.com/show_bug.cgi?id=1459025
  [ 13 ] Bug #1459024 - CVE-2017-5073 chromium-browser: use after free in print preview
        https://bugzilla.redhat.com/show_bug.cgi?id=1459024
  [ 14 ] Bug #1459023 - CVE-2017-5072 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459023
  [ 15 ] Bug #1459022 - CVE-2017-5071 chromium-browser: out of bounds read in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1459022
  [ 16 ] Bug #1459021 - CVE-2017-5070 chromium-browser: type confusion in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1459021
--------------------------------------------------------------------------------


================================================================================
 chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc25 (FEDORA-2017-a66e2c5b62)
 Google Native Client Toolchain
--------------------------------------------------------------------------------
Update Information:

Chromium 59. Add smaller logo files. Fix lots of security bugs: Security fix for
CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074,
CVE-2017-5075, CVE-2017-5086, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078,
CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083,
CVE-2017-5085
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459037 - CVE-2017-5085 chromium-browser: inappropriate javascript execution on webui pages
        https://bugzilla.redhat.com/show_bug.cgi?id=1459037
  [ 2 ] Bug #1459036 - CVE-2017-5083 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1459036
  [ 3 ] Bug #1459035 - CVE-2017-5082 chromium-browser: insufficient hardening in credit card editor
        https://bugzilla.redhat.com/show_bug.cgi?id=1459035
  [ 4 ] Bug #1459034 - CVE-2017-5081 chromium-browser: extension verification bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1459034
  [ 5 ] Bug #1459033 - CVE-2017-5080 chromium-browser: use after free in credit card autofill
        https://bugzilla.redhat.com/show_bug.cgi?id=1459033
  [ 6 ] Bug #1459032 - CVE-2017-5079 chromium-browser: ui spoofing in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1459032
  [ 7 ] Bug #1459031 - CVE-2017-5078 chromium-browser: possible command injection in mailto handling
        https://bugzilla.redhat.com/show_bug.cgi?id=1459031
  [ 8 ] Bug #1459030 - CVE-2017-5077 chromium-browser: heap buffer overflow in skia
        https://bugzilla.redhat.com/show_bug.cgi?id=1459030
  [ 9 ] Bug #1459029 - CVE-2017-5076 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459029
  [ 10 ] Bug #1459028 - CVE-2017-5086 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459028
  [ 11 ] Bug #1459027 - CVE-2017-5075 chromium-browser: information leak in csp reporting
        https://bugzilla.redhat.com/show_bug.cgi?id=1459027
  [ 12 ] Bug #1459025 - CVE-2017-5074 chromium-browser: use after free in apps bluetooth
        https://bugzilla.redhat.com/show_bug.cgi?id=1459025
  [ 13 ] Bug #1459024 - CVE-2017-5073 chromium-browser: use after free in print preview
        https://bugzilla.redhat.com/show_bug.cgi?id=1459024
  [ 14 ] Bug #1459023 - CVE-2017-5072 chromium-browser: address spoofing in omnibox
        https://bugzilla.redhat.com/show_bug.cgi?id=1459023
  [ 15 ] Bug #1459022 - CVE-2017-5071 chromium-browser: out of bounds read in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1459022
  [ 16 ] Bug #1459021 - CVE-2017-5070 chromium-browser: type confusion in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1459021
--------------------------------------------------------------------------------


================================================================================
 mbuffer-20170515-1.fc25 (FEDORA-2017-10a630a517)
 Measuring Buffer is an enhanced version of buffer
--------------------------------------------------------------------------------
Update Information:

Update to new upstream version 20170515
--------------------------------------------------------------------------------


================================================================================
 mercurial-3.8.1-3.fc25 (FEDORA-2017-62aacc1474)
 Mercurial -- a distributed SCM
--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2017-9462.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1459485 - CVE-2017-9462 mercurial: Python debugger accessible to authorized users [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1459485
--------------------------------------------------------------------------------


================================================================================
 mosquitto-1.4.12-2.fc25 (FEDORA-2017-0efaec1e6c)
 An Open Source MQTT v3.1/v3.1.1 Broker
--------------------------------------------------------------------------------
Update Information:

Rebuild for libwebsockets
--------------------------------------------------------------------------------


================================================================================
 perl-MetaCPAN-API-0.51-1.fc25 (FEDORA-2017-390164a5ee)
 A comprehensive, DWIM-featured API to MetaCPAN
--------------------------------------------------------------------------------
Update Information:

Updated to current upstream release using v1 API; the MetaCPAN service no longer
supports the old v0 API.
--------------------------------------------------------------------------------


================================================================================
 python-XStatic-Patternfly-Bootstrap-Treeview-2.1.3.2-1.fc25 (FEDORA-2017-3c751e6c6a)
 Patternfly Bootstrap Treeview CSS/JS framework (XStatic packaging standard)
--------------------------------------------------------------------------------
Update Information:

Initial version of the package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1447089 - None
        https://bugzilla.redhat.com/show_bug.cgi?id=1447089
--------------------------------------------------------------------------------


================================================================================
 python-influxdb-4.1.1-2.fc25 (FEDORA-2017-54cc632748)
 InfluxDB client
--------------------------------------------------------------------------------
Update Information:

Update from uptsream,  ----  Update from uptsream,
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1442584 - python-influxdb-v4.1.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1442584
--------------------------------------------------------------------------------


================================================================================
 smuxi-1.0.7-1.fc25 (FEDORA-2017-97db694f02)
 Powerful, flexible, user-friendly chat client
--------------------------------------------------------------------------------
Update Information:

- Update to 1.0.7
--------------------------------------------------------------------------------


================================================================================
 sway-0.13.0-1.fc25 (FEDORA-2017-9e1037e7e8)
 i3-compatible window manager for Wayland
--------------------------------------------------------------------------------
Update Information:

update to 0.13
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- [hidden email]
To unsubscribe send an email to [hidden email]