The following Fedora 24 Security updates need testing: Age URL 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-71b4804526 imlib2-1.4.8-1.fc24 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c3387a7dad squid-3.5.16-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aff691237e roundcubemail-1.1.5-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3b40fcbc3 jenkins-mailer-plugin-1.17-1.fc24 jenkins-credentials-plugin-1.27-1.fc24 jenkins-script-security-plugin-1.18.1-1.fc24 jenkins-junit-plugin-1.12-1.fc24 jenkins-1.651.1-1.fc24 stapler-1.242-1.fc24 tiger-types-2.2-1.fc24 owasp-java-html-sanitizer-20160422.1-1.fc24 jenkins-remoting-2.57-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8f4b54b005 pgpdump-0.30-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4e73663f4 php-5.6.21-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0c57b12c7b gd-2.1.1-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e897e9b85 glib-networking-2.48.1-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-71b4804526 imlib2-1.4.8-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e070dcb15 lorax-24.18-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8fad3111e6 openldap-2.4.43-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-615f943a0c taglib-1.11-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-72ba8169a1 openssh-7.2p2-6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a3619a46d thunderbird-45.0-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e4c126ab13 firefox-46.0-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e897e9b85 glib-networking-2.48.1-1.fc24 The following builds have been pushed to Fedora 24 updates-testing baloo-4.14.3-8.fc24 capnproto-0.5.3-2.fc24 dyninst-9.1.0-4.fc24 erlang-riak_sysmon-2.1.2-1.fc24 euca2ools-3.3.0-3.fc24 firefox-46.0-5.fc24 glib-networking-2.48.1-1.fc24 google-noto-cjk-fonts-1.004-5.fc24 google-noto-emoji-fonts-20160406-4.fc24 google-noto-fonts-20150929-1.fc24 gparted-0.26.0-1.fc24 grib_api-1.15.0-1.fc24 hawkey-0.6.3-2.fc24 ipsec-tools-0.8.2-5.fc24 jetbrains-annotations-15.0-2.fc24 latexmk-4.45-1.fc24 lxqt-common-0.10.0-10.fc24 lxqt-qtplugin-0.10.0-4.fc24 nomacs-3.2.0-1.fc24 openldap-2.4.43-4.fc24 openssh-7.2p2-6.fc24 pcp-3.11.2-2.fc24 perl-Archive-Any-Lite-0.11-1.fc24 pgRouting-2.2.2-1.fc24 php-zendframework-zend-file-2.7.0-1.fc24 python-fedmsg-meta-fedora-infrastructure-0.17.4-1.fc24 python-requestbuilder-0.5.2-1.fc24 relval-2.1.3-1.fc24 storaged-2.5.1-1.fc24 system-switch-java-1.1.6-3.fc24 taglib-1.11-1.fc24 tcpreplay-4.1.1-1.fc24 thunderbird-45.0-4.fc24 webkitgtk4-2.12.2-2.fc24 xulrunner-44.0-6.fc24 yubico-piv-tool-1.3.1-1.fc24 Details about builds: ================================================================================ baloo-4.14.3-8.fc24 (FEDORA-2016-21a010bfba) A framework for searching and managing metadata -------------------------------------------------------------------------------- Update Information: Fix FTBFS, -libs: drop Requires: baloo -------------------------------------------------------------------------------- ================================================================================ capnproto-0.5.3-2.fc24 (FEDORA-2016-c023e41c9b) A data interchange format and capability-based RPC system -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328968 - Review Request: capnproto - A data interchange format and capability-based RPC system https://bugzilla.redhat.com/show_bug.cgi?id=1328968 -------------------------------------------------------------------------------- ================================================================================ dyninst-9.1.0-4.fc24 (FEDORA-2016-748f888241) An API for Run-time Code Generation -------------------------------------------------------------------------------- Update Information: Corrects a symbol export in libdyninstAPI_RT.so, so it may be loaded and used without having dyninst-debuginfo installed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315841 - preserve debuginfo in libdyninstAPI_RT.so https://bugzilla.redhat.com/show_bug.cgi?id=1315841 -------------------------------------------------------------------------------- ================================================================================ erlang-riak_sysmon-2.1.2-1.fc24 (FEDORA-2016-ba1ff34fbe) Rate-limiting system_monitor event handler for Riak -------------------------------------------------------------------------------- Update Information: * Ver. 2.1.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331601 - erlang-riak_sysmon-2.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331601 -------------------------------------------------------------------------------- ================================================================================ euca2ools-3.3.0-3.fc24 (FEDORA-2016-c30c538f1c) Eucalyptus/AWS-compatible command line tools -------------------------------------------------------------------------------- Update Information: This update backports numerous bugfixes from upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315331 - Update euca2ools to 3.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=1315331 -------------------------------------------------------------------------------- ================================================================================ firefox-46.0-5.fc24 (FEDORA-2016-e4c126ab13) Mozilla Firefox Web browser -------------------------------------------------------------------------------- Update Information: - Fixed wrong keyboard focus (rhbz#1322626) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322626 - [XINPUT2] Cannot type into any window other than most recently opened window in firefox using twm https://bugzilla.redhat.com/show_bug.cgi?id=1322626 -------------------------------------------------------------------------------- ================================================================================ glib-networking-2.48.1-1.fc24 (FEDORA-2016-5e897e9b85) Networking support for GLib -------------------------------------------------------------------------------- Update Information: Update to 2.48.1. Add patch for denial of service when TLS server sends the same self-signed certificate twice in a chain. -------------------------------------------------------------------------------- ================================================================================ google-noto-cjk-fonts-1.004-5.fc24 (FEDORA-2016-fa721e5bef) Google Noto Sans CJK Fonts -------------------------------------------------------------------------------- Update Information: Fixes spec. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331405 - Required obsolete and provides https://bugzilla.redhat.com/show_bug.cgi?id=1331405 -------------------------------------------------------------------------------- ================================================================================ google-noto-emoji-fonts-20160406-4.fc24 (FEDORA-2016-d61f328b5b) Google Noto Emoji Fonts -------------------------------------------------------------------------------- Update Information: Fixes spec. ---- new package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331282 - Required obsolete and provides https://bugzilla.redhat.com/show_bug.cgi?id=1331282 [ 2 ] Bug #1326217 - Review Request: google-noto-emoji-fonts - Google Noto Emoji Fonts https://bugzilla.redhat.com/show_bug.cgi?id=1326217 -------------------------------------------------------------------------------- ================================================================================ google-noto-fonts-20150929-1.fc24 (FEDORA-2016-0f2558f1b5) Hinted and Non Hinted OpenType fonts for Unicode scripts -------------------------------------------------------------------------------- Update Information: - Upstream divided google-noto-fonts package into noto-cjk-font and noto-emoji - Removed subpackages: google-noto-color-emoji-fonts, google-noto-sans (cjk-fonts, japanese-fonts, simplified-chinese-fonts and traditional-chinese-fonts) - Replaced by google-noto-cjk-fonts and google-noto-emoji-fonts - New subpackages - google-noto-nastaliq-urdu-fonts and google-noto-sans-tibetan-fonts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1269404 - Update with latest upstream release with split tarballs https://bugzilla.redhat.com/show_bug.cgi?id=1269404 -------------------------------------------------------------------------------- ================================================================================ gparted-0.26.0-1.fc24 (FEDORA-2016-d732a1264d) Gnome Partition Editor -------------------------------------------------------------------------------- Update Information: Update to latest upstream release. - Introduces read-only LUKS support. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1310381 - RFE: gparted and luks https://bugzilla.redhat.com/show_bug.cgi?id=1310381 -------------------------------------------------------------------------------- ================================================================================ grib_api-1.15.0-1.fc24 (FEDORA-2016-541e08ae40) WMO FM-92 GRIB (v1,v2) interface accessible from C and FORTRAN programs -------------------------------------------------------------------------------- Update Information: Update to 1.15.0, including a large number of improvements and bug fixes. Please check the Release Notes for a comprehensive list. https://software.ecmwf.int/wiki/display/GRIB/GRIB+API+version+1.15.0+released This also changes the layout of the grib_api python module. -------------------------------------------------------------------------------- ================================================================================ hawkey-0.6.3-2.fc24 (FEDORA-2016-01078e58cc) Library providing simplified C and Python API to libsolv -------------------------------------------------------------------------------- Update Information: Fix packaging to comply packaging guidelines -------------------------------------------------------------------------------- ================================================================================ ipsec-tools-0.8.2-5.fc24 (FEDORA-2016-7ac82a71af) Tools for configuring and using IPSEC -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1251691 ifup-ipsec causes invalid ICMP redirects -------------------------------------------------------------------------------- References: [ 1 ] Bug #1251691 - ifup-ipsec causes invalid ICMP redirects https://bugzilla.redhat.com/show_bug.cgi?id=1251691 -------------------------------------------------------------------------------- ================================================================================ jetbrains-annotations-15.0-2.fc24 (FEDORA-2016-5a560d7399) IntelliJ IDEA Annotations -------------------------------------------------------------------------------- Update Information: Initial import (#1328062). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328062 - Review Request: jetbrains-annotations - IntelliJ IDEA Annotations https://bugzilla.redhat.com/show_bug.cgi?id=1328062 -------------------------------------------------------------------------------- ================================================================================ latexmk-4.45-1.fc24 (FEDORA-2016-e2c39f3625) A make-like utility for LaTeX files -------------------------------------------------------------------------------- Update Information: Upstream notes on version 4.45: - Fix problem of -C not always working correctly when compilation was with -pdf and clear was default. - Fix bug in limiting number of passes when $max_repeat >= 10 - Fix bug in finding id of viewer process id under OS-X -------------------------------------------------------------------------------- ================================================================================ lxqt-common-0.10.0-10.fc24 (FEDORA-2016-cef689f239) Common resources for LXQt desktop suite -------------------------------------------------------------------------------- Update Information: Add fixedFont=Monospace to default preferences (/etc/xdg/lxqt/lxqt.conf) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1330150 - When using the lxqt desktop, konsole defaults to the proportional font "DejaVu Sans" https://bugzilla.redhat.com/show_bug.cgi?id=1330150 -------------------------------------------------------------------------------- ================================================================================ lxqt-qtplugin-0.10.0-4.fc24 (FEDORA-2016-cef689f239) Qt plugin framework for LXQt Desktop Suite -------------------------------------------------------------------------------- Update Information: Add fixedFont=Monospace to default preferences (/etc/xdg/lxqt/lxqt.conf) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1330150 - When using the lxqt desktop, konsole defaults to the proportional font "DejaVu Sans" https://bugzilla.redhat.com/show_bug.cgi?id=1330150 -------------------------------------------------------------------------------- ================================================================================ nomacs-3.2.0-1.fc24 (FEDORA-2016-97166fc494) Lightweight image viewer -------------------------------------------------------------------------------- Update Information: Version bump -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315675 - nomacs-3.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1315675 -------------------------------------------------------------------------------- ================================================================================ openldap-2.4.43-4.fc24 (FEDORA-2016-8fad3111e6) LDAP support libraries -------------------------------------------------------------------------------- Update Information: - Keep *.so libraries in %{_libdir}/openldap/ (#1331484) - Include AllOp overlay (#1319782) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319782 - Include AllOp overlay in openldap-servers https://bugzilla.redhat.com/show_bug.cgi?id=1319782 [ 2 ] Bug #1331484 - Cannot load module due to module's .la file missing https://bugzilla.redhat.com/show_bug.cgi?id=1331484 -------------------------------------------------------------------------------- ================================================================================ openssh-7.2p2-6.fc24 (FEDORA-2016-72ba8169a1) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: Add legacy sshd-keygen for anaconda (#1331077) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331077 - sshd doesn't start during installation https://bugzilla.redhat.com/show_bug.cgi?id=1331077 -------------------------------------------------------------------------------- ================================================================================ pcp-3.11.2-2.fc24 (FEDORA-2016-bad5995fe9) System-level performance monitoring and performance management -------------------------------------------------------------------------------- Update Information: Update to latest PCP Sources -------------------------------------------------------------------------------- References: [ 1 ] Bug #328432 - None https://bugzilla.redhat.com/show_bug.cgi?id=328432 [ 2 ] Bug #1325363 - multithreaded clients with concurrent pmNewContext suffer deadlocks or low performance https://bugzilla.redhat.com/show_bug.cgi?id=1325363 [ 3 ] Bug #1323521 - remote operation of pmie based pmda restarter interferes with local pmcd https://bugzilla.redhat.com/show_bug.cgi?id=1323521 [ 4 ] Bug #1319288 - segv in libpcp during discovery error processing https://bugzilla.redhat.com/show_bug.cgi?id=1319288 -------------------------------------------------------------------------------- ================================================================================ perl-Archive-Any-Lite-0.11-1.fc24 (FEDORA-2016-006bd89478) Simple CPAN package extractor -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- ================================================================================ pgRouting-2.2.2-1.fc24 (FEDORA-2016-26a7170eca) Provides routing functionality to PostGIS/PostgreSQL -------------------------------------------------------------------------------- Update Information: Fixed regression error on pgr_drivingDistance -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-file-2.7.0-1.fc24 (FEDORA-2016-1bf898b26f) Zend Framework File component -------------------------------------------------------------------------------- Update Information: **Version 2.7.0** - 2016-04-28 - [#25](https://github.com/zendframework/zend- file/pull/25) adds and publishes documentation to https://zendframework.github.io/zend-file/ - [#25](https://github.com/zendframework/zend-file/pull/25) deprecates the `Zend\File\Transfer` subcomponent. Its functionality is now split between each of: - zend-filter, for moving uploaded files to their final location, renaming them, and potentially transforming them. - zend-validator, for validating upload succes, file type, hash, etc. - zend-progressbar, for managing upload status. -------------------------------------------------------------------------------- ================================================================================ python-fedmsg-meta-fedora-infrastructure-0.17.4-1.fc24 (FEDORA-2016-03832e4d1c) Metadata providers for Fedora Infrastructure's fedmsg deployment -------------------------------------------------------------------------------- Update Information: Latest upstream. Enabled python3 subpackage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331370 - Please enable python3-fedmsg-meta-fedora-infrastructure https://bugzilla.redhat.com/show_bug.cgi?id=1331370 [ 2 ] Bug #1331442 - python-fedmsg-meta-fedora-infrastructure-0.17.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331442 -------------------------------------------------------------------------------- ================================================================================ python-requestbuilder-0.5.2-1.fc24 (FEDORA-2016-c30c538f1c) Command line-driven HTTP request builder -------------------------------------------------------------------------------- Update Information: This update backports numerous bugfixes from upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315331 - Update euca2ools to 3.3.0 https://bugzilla.redhat.com/show_bug.cgi?id=1315331 -------------------------------------------------------------------------------- ================================================================================ relval-2.1.3-1.fc24 (FEDORA-2016-38f0b02863) Tool for interacting with Fedora QA wiki pages -------------------------------------------------------------------------------- Update Information: This update provides the latest version of [relval](https://www.happyassassin.net/relval). This update fixes two major bugs in `relval compose --download-only`: it did not respect `--force` (if the page already existed, it would not be rewritten) and it did not in fact quit after writing the download page, it would continue to write the rest of the pages, exactly the opposite of its design. -------------------------------------------------------------------------------- ================================================================================ storaged-2.5.1-1.fc24 (FEDORA-2016-eea5fd9b01) Disk Manager -------------------------------------------------------------------------------- Update Information: Upgrade to 2.5.1 ---- Fix segfault when no configuration is given for a LUKS device -------------------------------------------------------------------------------- ================================================================================ system-switch-java-1.1.6-3.fc24 (FEDORA-2016-0f25c4a52b) A tool for changing the default Java toolset -------------------------------------------------------------------------------- Update Information: added upsteam patch 107 for better jdk9 support -------------------------------------------------------------------------------- ================================================================================ taglib-1.11-1.fc24 (FEDORA-2016-615f943a0c) Audio Meta-Data Library -------------------------------------------------------------------------------- Update Information: taglib-1.11 (final) bugfix release -------------------------------------------------------------------------------- ================================================================================ tcpreplay-4.1.1-1.fc24 (FEDORA-2016-207239132d) Replay captured network traffic -------------------------------------------------------------------------------- Update Information: Fixes include: - Improve --pps accuracy and performance (#236) - Option --unique-ip accepts --duration (#227) - RFC1624 incremental checksums (#225) - Option --duration performance optimizations (#223) - Correct company name in license (#217) - Compile and mult-arch cross-compile on ARM (#211) - Switch to wire speed after 30 minutes at 6 Gbps (#210) - Tap device support for Linux and FreeBSD from Murat Demirten (#207) - Handle loopback for linux cooked capture files from corentin-p1(Linux SLL) (#204) - Master doesn't compile on OS X 10.11 (#203) - Recognise tbd stubs from Dominyk Tiller (#202) - Support for tcprewrite multiple IP CIDR (#199) - Fix incorrect checksums after editing fragmented packets (#190) - Option --loop=0 full wire wire speed after 1st pass (#172 #191) - Big-endian tcpliveplay work-around from Brian Micek (#194) - Build OS X using existing XCode SDK (#185) - Update to autogen version 5.18.6 and libopts 46.0.16 (#182) - netmap reports impossibly high capacity (#176) - Duration feature from dexteradeus (#175) - Stop sending and exit when limit is reached (#174) - Extra packets sent with -L option (#173) - Buffer overflow bug in tcpprep (#167) - netmap optimizations (#93) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1117242 - Please build tcpreplay for EPEL 7 https://bugzilla.redhat.com/show_bug.cgi?id=1117242 -------------------------------------------------------------------------------- ================================================================================ thunderbird-45.0-4.fc24 (FEDORA-2016-7a3619a46d) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: Fix FTBFS on secondary arches -------------------------------------------------------------------------------- ================================================================================ webkitgtk4-2.12.2-2.fc24 (FEDORA-2016-7b0438989a) GTK+ Web content engine library -------------------------------------------------------------------------------- Update Information: Fix packaging ---- This update brings the following changes: - Fix rendering of scrollbars with GTK themes using stepper buttons. - Fix compatibility issue with 2.12.1 regarding local storage access from file URLs. - Make menu list buttons use the text color from the theme. - Do not show resize grip in non-resizable text fields. - Fix accessibility events causing Orca to echo key presses instead of speaking the inserted characters in password fields. - Fix an off by one error in hyphenation. - Fix several crashes and rendering issues. - Fix the build with libjpeg v9. - Translation updates: Bulgarian, Finnish, Greek, Italian, Turkish. -------------------------------------------------------------------------------- ================================================================================ xulrunner-44.0-6.fc24 (FEDORA-2016-0c53661e0d) XUL Runtime for Gecko Applications -------------------------------------------------------------------------------- Update Information: Fix FTBFS on secondary arches -------------------------------------------------------------------------------- ================================================================================ yubico-piv-tool-1.3.1-1.fc24 (FEDORA-2016-e0a3b318cb) Tool for interacting with the PIV applet on a YubiKey NEO -------------------------------------------------------------------------------- Update Information: New (forgotten) upstream release 1.3.2 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
