The following Fedora 24 Security updates need testing: Age URL 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3b40fcbc3 jenkins-mailer-plugin-1.17-1.fc24 jenkins-credentials-plugin-1.27-1.fc24 jenkins-script-security-plugin-1.18.1-1.fc24 jenkins-junit-plugin-1.12-1.fc24 jenkins-1.651.1-1.fc24 stapler-1.242-1.fc24 tiger-types-2.2-1.fc24 owasp-java-html-sanitizer-20160422.1-1.fc24 jenkins-remoting-2.57-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a4d504509 obs-signd-2.2.1-8.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cfa7b58c7e owncloud-8.2.4-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad6005ba92 imlib2-1.4.9-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f36c5935e5 libdwarf-20160507-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c36ab3e363 nodejs-4.4.4-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74 glibc-2.23.1-6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c25125c408 moodle-3.0.4-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46240c1a39 pgpdump-0.31-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-81ee229332 xen-4.6.1-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e8652e3efb cacti-0.8.8h-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e070dcb15 lorax-24.18-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2f1d9fb2cf lxsession-0.5.2-9.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-16c46e44e1 livecd-tools-23.3-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ad6005ba92 imlib2-1.4.9-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7b7b2316c5 cheese-3.20.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04f51f7bac kde-baseapps-16.04.1-1.fc24 kde-runtime-16.04.1-1.fc24 kdelibs-4.14.20-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b321728d74 glibc-2.23.1-6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fc8d3f9515 kf5-knotifications-5.21.0-3.fc24 kf5-knotifyconfig-5.21.0-2.fc24 phonon-4.9.0-3.fc24 The following builds have been pushed to Fedora 24 updates-testing 389-ds-base-1.3.5.3-1.fc24 GeoIP-GeoLite-data-2016.05-1.fc24 ansible-inventory-grapher-2.1.0-2.fc24 ansible-lint-2.6.2-1.fc24 atril-1.14.0-3.fc24 baloo-widgets-16.04.1-1.fc24 btrfs-progs-4.5.2-1.fc24 cacti-0.8.8h-1.fc24 cheese-3.20.2-1.fc24 corebird-1.2-1.fc24 cppformat-2.1.1-1.fc24 cqrlog-2.0.1-1.fc24 dolphin-16.04.1-1.fc24 dolphin-plugins-16.04.1-1.fc24 emacs-common-ess-16.04-1.fc24 enki-16.04.0-2.fc24 enki-16.04.0-3.fc24 erlang-eflame-0-0.1.gita085181.fc24 erlang-kvc-1.7.0-1.fc24 erlang-parse_trans-2.9.2-1.fc24 erlang-setup-1.7-1.fc24 fedora-motd-0.1.3-1.fc24 filezilla-3.17.0.1-1.fc24 fllog-1.2.3-1.fc24 geomorph-0.62-1.fc24 glibc-2.23.1-6.fc24 gnome-devel-docs-3.20.2-1.fc24 gssproxy-0.5.0-4.fc24 gtkd-3.2.2-2.fc24 hadoop-2.4.1-16.fc24 help2man-1.47.4-1.fc24 ipsilon-1.2.0-3.fc24 jovie-16.04.1-1.fc24 kaccessible-16.04.1-1.fc24 kate-16.04.1-1.fc24 kde-baseapps-16.04.1-1.fc24 kde-l10n-16.04.1-1.fc24 kde-runtime-16.04.1-1.fc24 kdelibs-4.14.20-1.fc24 kf5-knotifications-5.21.0-3.fc24 kf5-knotifyconfig-5.21.0-2.fc24 khelpcenter-16.04.1-1.fc24 kmag-16.04.1-1.fc24 kmousetool-16.04.1-1.fc24 kmouth-16.04.1-1.fc24 konsole5-16.04.1-1.fc24 lbdb-0.41-1.fc24 libinput-1.3.0-1.fc24 marisa-0.2.4-15.fc24 milter-greylist-4.6-1.fc24 mingw-freetype-2.6.3-1.fc24 mingw-gtk2-2.24.30-1.fc24 mongodb-3.2.6-1.fc24 moodle-3.0.4-1.fc24 nodejs-4.4.4-1.fc24 nodejs-process-nextick-args-1.0.7-1.fc24 nudoku-0.2.4-2.fc24 perl-CPAN-Perl-Releases-2.76-1.fc24 perl-DateTime-Format-Strptime-1.68-1.fc24 perl-Dumbbench-0.10-3.fc24 perl-IPC-SysV-2.07-1.fc24 perl-Module-CoreList-5.20160507-1.fc24 perl-Params-Validate-1.24-1.fc24 perl-RPC-XML-0.80-1.fc24 pgpdump-0.31-1.fc24 phonon-4.9.0-3.fc24 pidgin-2.10.12-3.fc24 pngquant-2.7.0-1.fc24 postgresql-pgpool-II-3.5.2-1.fc24 python-aodhclient-0.4.0-2.fc24 python-docker-squash-1.0.0-0.5.rc4.fc24 python-hghooks-0.7.0-2.fc24 python-parse_type-0.3.4-10.fc24 python-pysocks-1.5.6-3.fc24 python-qutepart-3.0.0-1.fc24 python-requests-toolbelt-0.6.1-1.fc24 python-waitress-0.9.0-1.fc24 qemu-2.6.0-0.2.rc5.fc24 rubygem-github-linguist-4.8.5-1.fc24 setroubleshoot-3.3.6-1.fc24 setroubleshoot-plugins-3.3.4-1.fc24 spectrwm-3.0.1-5.fc24 vinagre-3.20.2-1.fc24 vino-3.20.2-1.fc24 vlgothic-fonts-20141206-6.fc24 xen-4.6.1-7.fc24 Details about builds: ================================================================================ 389-ds-base-1.3.5.3-1.fc24 (FEDORA-2016-e547f9262a) 389 Directory Server (base) -------------------------------------------------------------------------------- Update Information: Release 1.3.5.3-1 -------------------------------------------------------------------------------- ================================================================================ GeoIP-GeoLite-data-2016.05-1.fc24 (FEDORA-2016-a4651897d0) Free GeoLite IP geolocation country database -------------------------------------------------------------------------------- Update Information: This month's database update. -------------------------------------------------------------------------------- ================================================================================ ansible-inventory-grapher-2.1.0-2.fc24 (FEDORA-2016-6e738dda0a) Creates graphs representing ansible inventory -------------------------------------------------------------------------------- Update Information: Use github source that provided license and test files ---- Update to 2.1.0 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-2.6.2-1.fc24 (FEDORA-2016-53933e302e) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Update to 2.6.2 release -------------------------------------------------------------------------------- ================================================================================ atril-1.14.0-3.fc24 (FEDORA-2016-5219642bcd) Document viewer -------------------------------------------------------------------------------- Update Information: - revert fix for rhbz (#1303999), which introduced regressions - use right dependencies for dvi backend, fix libjpeg dependency -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333811 - [abrt] atril: ev_web_view_disconnect_handlers(): atril killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1333811 -------------------------------------------------------------------------------- ================================================================================ baloo-widgets-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) Widgets for Baloo -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ btrfs-progs-4.5.2-1.fc24 (FEDORA-2016-3436cc999b) Userspace programs for btrfs -------------------------------------------------------------------------------- Update Information: Pushing btrfs-progs-4.5.2 to f24 to match the 4.5 kernel shipping in that release. -------------------------------------------------------------------------------- ================================================================================ cacti-0.8.8h-1.fc24 (FEDORA-2016-e8652e3efb) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 0.8.8h - CVE-2016-3659 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334330 - cacti-0.8.8h is available https://bugzilla.redhat.com/show_bug.cgi?id=1334330 -------------------------------------------------------------------------------- ================================================================================ cheese-3.20.2-1.fc24 (FEDORA-2016-7b7b2316c5) Application for taking pictures and movies from a webcam -------------------------------------------------------------------------------- Update Information: Update to 3.20.2 -------------------------------------------------------------------------------- ================================================================================ corebird-1.2-1.fc24 (FEDORA-2016-dcb70e461e) Native GTK Twitter client -------------------------------------------------------------------------------- Update Information: Corebird 1.2 release. - Inline media and avatars are no longer cached on disk - Videos now indicate download progress showing a preview thumbnail with a circular progress overlay - We download higher-resolution avatars on HiDPI displays now - The build system usage has seen a major refactoring an cleanup, thanks to Rico Tzschichholz - The sidebar is now at the top and dark - Favorites now us a heart icon - Sending tweets is now cancellable (e.g. when multiple images are attached, in which case it might take a while) - Inline media are now displayed "full-size", scaled to the current window size. - Instagram videos are now correctly marked as videos, instead of was images - If you have GTK+ >= 3.19, there's now a GtkShortcutsWindow accessible from the app menuexplaining the various keyboard shortcuts. Note that Corebird still compiles and runs with GTK+ 3.16 - The big "add media" button in the compose window has been replaced with a regular text button. The added images are scaled down and displayed below it - You can quote your own tweets now - The settings dialog now contains a setting to hide "inappropriate content", and it is enabled by default. - The file selection dialog in the compose window now keeps you from selecting files > 3MB. -------------------------------------------------------------------------------- ================================================================================ cppformat-2.1.1-1.fc24 (FEDORA-2016-00ca01a385) Small, safe and fast formatting library for C++ -------------------------------------------------------------------------------- Update Information: Updating to [2.1.1](https://github.com/cppformat/cppformat/compare/2.0.0...2.1.1). -------------------------------------------------------------------------------- ================================================================================ cqrlog-2.0.1-1.fc24 (FEDORA-2016-f2571a2e7d) An amateur radio contact logging program -------------------------------------------------------------------------------- Update Information: Version 2.0.1 * fixed "TApplication.HandleException TControl.InvalidatePreferredSize loop" * frequency memories didn't switch between AM and FM when radio is on USB or LSB - fixed * bandmap didn't show CW spots when radio was in CWR mode - fixed * statistics and filter with group by didn't work on MySQL 5.7 - fixed * rigctld where not closed after closing cqrlog - fixed (Bill, WK2X) * RBN monitor window was always opened after program started - fixed * loading FromDate and ToDate from membership files fixed * fixed compiling for ARM64, powerpc and other non x86 platforms -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329024 - cqrlog-v2.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1329024 -------------------------------------------------------------------------------- ================================================================================ dolphin-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) KDE File Manager -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ dolphin-plugins-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) Dolphin plugins for revision control systems -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ emacs-common-ess-16.04-1.fc24 (FEDORA-2016-cbe316df78) Emacs Speaks Statistics add-on package for Emacs -------------------------------------------------------------------------------- Update Information: Update to the latest stable release. The list of changes in this version can be found at http://article.gmane.org/gmane.emacs.ess.general/9191 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1234519 - Package should not ship a -el sub-package https://bugzilla.redhat.com/show_bug.cgi?id=1234519 [ 2 ] Bug #1266065 - emacs-common-ess-16.04 is available https://bugzilla.redhat.com/show_bug.cgi?id=1266065 -------------------------------------------------------------------------------- ================================================================================ enki-16.04.0-2.fc24 (FEDORA-2016-9a42569920) Text editor for programmers -------------------------------------------------------------------------------- Update Information: Enki version 16.04.0 - - Comment/Uncomment code functionality - Better Locator dialogue - Migration to Python3 and Qt-5 - A lot of improvements, https://github.com/hlamer/enki/issues?q=milestone%3Av16.04+is%3Aclosed Qutepart version 3.0.0 - - Migration to Python3 and PyQt5 (now only) - More syntaxes - Better colors - Better Ruby support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328450 - enki-16.04.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328450 -------------------------------------------------------------------------------- ================================================================================ enki-16.04.0-3.fc24 (FEDORA-2016-a65c5ce647) Text editor for programmers -------------------------------------------------------------------------------- Update Information: Enki version 16.04.0 - - Comment/Uncomment code functionality - Better Locator dialogue - Migration to Python3 and Qt-5 - A lot of improvements, https://github.com/hlamer/enki/issues?q=milestone%3Av16.04+is%3Aclosed Rebuild for PyQt5 v5.6 - - rhbz#1332274 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328450 - enki-16.04.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328450 [ 2 ] Bug #1332274 - enki: FTBFS in rawhide due to errors and finally segmentation fault while tests execution https://bugzilla.redhat.com/show_bug.cgi?id=1332274 -------------------------------------------------------------------------------- ================================================================================ erlang-eflame-0-0.1.gita085181.fc24 (FEDORA-2016-9257f22c99) Flame Graph profiler for Erlang -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329845 - Review Request: erlang-eflame - Flame Graph profiler for Erlang https://bugzilla.redhat.com/show_bug.cgi?id=1329845 -------------------------------------------------------------------------------- ================================================================================ erlang-kvc-1.7.0-1.fc24 (FEDORA-2016-09ab1b9d77) Key Value Coding for Erlang data structures -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329847 - Review Request: erlang-kvc - Key Value Coding for Erlang data structures https://bugzilla.redhat.com/show_bug.cgi?id=1329847 -------------------------------------------------------------------------------- ================================================================================ erlang-parse_trans-2.9.2-1.fc24 (FEDORA-2016-88f7e9c2e7) Parse transform utilities for Erlang -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329848 - Review Request: erlang-parse_trans - Parse transform utilities for Erlang https://bugzilla.redhat.com/show_bug.cgi?id=1329848 -------------------------------------------------------------------------------- ================================================================================ erlang-setup-1.7-1.fc24 (FEDORA-2016-60984c635a) Generic setup utility for Erlang-based systems -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329852 - Review Request: erlang-setup - Generic setup utility for Erlang-based systems https://bugzilla.redhat.com/show_bug.cgi?id=1329852 -------------------------------------------------------------------------------- ================================================================================ fedora-motd-0.1.3-1.fc24 (FEDORA-2016-c8948356b9) Fedora MOTD -------------------------------------------------------------------------------- Update Information: #### Changes - Add support for Python3 alongside Python2 - Add motdgen service file - Put all runtime files under /var/run/motdgen - Fix SELinux labels for motdgen runtime files - Automate including /etc/pam.d/motdgen in /etc/pam.d/sshd #### Testing Atomic host - Boot up an F24 alpha atomic host and then do the following as root. - rpm-ostree rebase fedora-atomic:fedora- atomic/f23/x86_64/testing/docker-host - reboot - ostree admin unlock --hotfix - rpm -ivh https://kojipkgs.fedoraproject.org//packages/fedora- motd/0.1.3/1.fc24/noarch/fedora-motd-0.1.3-1.fc24.noarch.rpm Now try to do ssh login to your atomic host, and you should see the dynamic MOTD. You also need to assert that there are no error logs preventing motdgen from writing to ``/var/run/motdgen`` due to SELinux. You can do: ``ausearch -m avc`` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309792 - Review Request: fedora-motd - Generate dynamic MOTD for Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1309792 -------------------------------------------------------------------------------- ================================================================================ filezilla-3.17.0.1-1.fc24 (FEDORA-2016-8a57abd9de) FTP, FTPS and SFTP client -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334341 - filezilla-3.17.0.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334341 -------------------------------------------------------------------------------- ================================================================================ fllog-1.2.3-1.fc24 (FEDORA-2016-31b06e845c) Amateur Radio Log Program -------------------------------------------------------------------------------- Update Information: Corrects table display issue when number of log entries occupy less than height of the table. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309836 - fllog-1.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1309836 -------------------------------------------------------------------------------- ================================================================================ geomorph-0.62-1.fc24 (FEDORA-2016-dd6afa3e3e) A height field editor for Linux -------------------------------------------------------------------------------- Update Information: New upstream version ---- Fix Gdk-ERROR: The program 'geomorph' received an X Window System error. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1307529 - geomorph: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307529 -------------------------------------------------------------------------------- ================================================================================ glibc-2.23.1-6.fc24 (FEDORA-2016-b321728d74) The GNU libc libraries -------------------------------------------------------------------------------- Update Information: This update contains minor security fixes (for CVE-2016-3075 and CVE-2016-1234) and collects fixes for bugs encountered by Fedora users. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333945 - glibc: dlerror () returns NULL after dlsym (RTLD_NEXT) of a non-existent symbol https://bugzilla.redhat.com/show_bug.cgi?id=1333945 [ 2 ] Bug #1334289 - glibc: ldconfig -X should not remove stale symbolic links https://bugzilla.redhat.com/show_bug.cgi?id=1334289 [ 3 ] Bug #1315648 - CVE-2016-1234 glibc: Stack-based buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1315648 [ 4 ] Bug #1307234 - strfmon_l does not group digits. https://bugzilla.redhat.com/show_bug.cgi?id=1307234 [ 5 ] Bug #1313404 - Test suite failure: elf/tst-audit10 and elf/tst-audit4 https://bugzilla.redhat.com/show_bug.cgi?id=1313404 [ 6 ] Bug #1332914 - glibc: Backport nss_dns hardening patches https://bugzilla.redhat.com/show_bug.cgi?id=1332914 [ 7 ] Bug #1316972 - glibc: NULL pointer dereference in stub resolver with unconnectable name server addresses https://bugzilla.redhat.com/show_bug.cgi?id=1316972 [ 8 ] Bug #1321954 - CVE-2016-3075 glibc: Stack overflow in nss_dns_getnetbyname_r [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1321954 [ 9 ] Bug #1332917 - glibc: Deadlock between fflush, getdelim, and fork https://bugzilla.redhat.com/show_bug.cgi?id=1332917 [ 10 ] Bug #1332912 - glibc: nss_hesiod: Heap overflow in get_txt_records https://bugzilla.redhat.com/show_bug.cgi?id=1332912 [ 11 ] Bug #1333901 - glibc: getnameinfo: fix memory leak and incorrect truncation checks https://bugzilla.redhat.com/show_bug.cgi?id=1333901 [ 12 ] Bug #1321861 - glibc: "getent group" listing using nss_db fails when entries are long https://bugzilla.redhat.com/show_bug.cgi?id=1321861 [ 13 ] Bug #1321372 - Incorrect first day of the week for es_CL locale https://bugzilla.redhat.com/show_bug.cgi?id=1321372 -------------------------------------------------------------------------------- ================================================================================ gnome-devel-docs-3.20.2-1.fc24 (FEDORA-2016-a617dcd276) GNOME developer documentation -------------------------------------------------------------------------------- Update Information: Update to 3.20.2 -------------------------------------------------------------------------------- ================================================================================ gssproxy-0.5.0-4.fc24 (FEDORA-2016-c68f632054) GSSAPI Proxy -------------------------------------------------------------------------------- Update Information: Fix an issue where gssproxy would refuse to start if the apache user didn't exist. This configuration snippet can later be shipped by mod_auth_gssapi instead. Subsumes three previous attempts to get gssproxy-0.5.0 out the door. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333191 - Error: nothing provides libini_onfig needed by gssproxy-0.5.0-1.fc25.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1333191 [ 2 ] Bug #1334150 - gssproxy daemon cannot start if the user apache does not exist https://bugzilla.redhat.com/show_bug.cgi?id=1334150 -------------------------------------------------------------------------------- ================================================================================ gtkd-3.2.2-2.fc24 (FEDORA-2016-54c5190778) D binding and OO wrapper of GTK+ -------------------------------------------------------------------------------- Update Information: The update fixed broken gtkd dependencies. -------------------------------------------------------------------------------- ================================================================================ hadoop-2.4.1-16.fc24 (FEDORA-2016-e821eb5c2f) A software platform for processing vast amounts of data -------------------------------------------------------------------------------- Update Information: rebuild (aarch64) -------------------------------------------------------------------------------- ================================================================================ help2man-1.47.4-1.fc24 (FEDORA-2016-dd01361584) Create simple man pages from --help output -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334338 - help2man-1.47.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334338 -------------------------------------------------------------------------------- ================================================================================ ipsilon-1.2.0-3.fc24 (FEDORA-2016-ce35cd55c7) An Identity Provider Server -------------------------------------------------------------------------------- Update Information: Rebased to upstream 1.2.0 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334583 - warning: user ipsilon does not exist - using root https://bugzilla.redhat.com/show_bug.cgi?id=1334583 -------------------------------------------------------------------------------- ================================================================================ jovie-16.04.1-1.fc24 (FEDORA-2016-e76f5e0387) Text to speech support -------------------------------------------------------------------------------- Update Information: KDE Accessibility 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kaccessible-16.04.1-1.fc24 (FEDORA-2016-e76f5e0387) An accessibility bridge plugin -------------------------------------------------------------------------------- Update Information: KDE Accessibility 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kate-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) Advanced Text Editor -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kde-baseapps-16.04.1-1.fc24 (FEDORA-2016-04f51f7bac) KDE Core Applications -------------------------------------------------------------------------------- Update Information: KDE4 Core/Runtime components as part of KDE Applications 16.04.1 release. -------------------------------------------------------------------------------- ================================================================================ kde-l10n-16.04.1-1.fc24 (FEDORA-2016-099c73551f) Internationalization support for KDE Applications -------------------------------------------------------------------------------- Update Information: KDE Applications 16.04.1 translations -------------------------------------------------------------------------------- ================================================================================ kde-runtime-16.04.1-1.fc24 (FEDORA-2016-04f51f7bac) KDE Runtime -------------------------------------------------------------------------------- Update Information: KDE4 Core/Runtime components as part of KDE Applications 16.04.1 release. -------------------------------------------------------------------------------- ================================================================================ kdelibs-4.14.20-1.fc24 (FEDORA-2016-04f51f7bac) KDE Libraries -------------------------------------------------------------------------------- Update Information: KDE4 Core/Runtime components as part of KDE Applications 16.04.1 release. -------------------------------------------------------------------------------- ================================================================================ kf5-knotifications-5.21.0-3.fc24 (FEDORA-2016-fc8d3f9515) KDE Frameworks 5 Tier 2 solution with abstraction for system notifications -------------------------------------------------------------------------------- Update Information: Pull in phonon-related path fixes. -------------------------------------------------------------------------------- ================================================================================ kf5-knotifyconfig-5.21.0-2.fc24 (FEDORA-2016-fc8d3f9515) KDE Frameworks 5 Tier 3 module for KNotify configuration -------------------------------------------------------------------------------- Update Information: Pull in phonon-related path fixes. -------------------------------------------------------------------------------- ================================================================================ khelpcenter-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) Show documentation for KDE applications -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kmag-16.04.1-1.fc24 (FEDORA-2016-e76f5e0387) A screen magnifier -------------------------------------------------------------------------------- Update Information: KDE Accessibility 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kmousetool-16.04.1-1.fc24 (FEDORA-2016-e76f5e0387) A program that clicks the mouse for you -------------------------------------------------------------------------------- Update Information: KDE Accessibility 16.04.1 -------------------------------------------------------------------------------- ================================================================================ kmouth-16.04.1-1.fc24 (FEDORA-2016-e76f5e0387) A program that speaks for you -------------------------------------------------------------------------------- Update Information: KDE Accessibility 16.04.1 -------------------------------------------------------------------------------- ================================================================================ konsole5-16.04.1-1.fc24 (FEDORA-2016-5108e43dfa) KDE Terminal emulator -------------------------------------------------------------------------------- Update Information: Core KDE Applications 16.04.1 -------------------------------------------------------------------------------- ================================================================================ lbdb-0.41-1.fc24 (FEDORA-2016-e04b1df10a) Address Database for mutt -------------------------------------------------------------------------------- Update Information: Update to upstream release 0.41 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1259881 - /usr/libexec/lbdb/mutt_ldap_query throws deprecated warnings in F23 https://bugzilla.redhat.com/show_bug.cgi?id=1259881 -------------------------------------------------------------------------------- ================================================================================ libinput-1.3.0-1.fc24 (FEDORA-2016-cf9b8022d6) Input device library -------------------------------------------------------------------------------- Update Information: libinput 1.3.0 -------------------------------------------------------------------------------- ================================================================================ marisa-0.2.4-15.fc24 (FEDORA-2016-8dc3bd0c79) Static and spece-efficient trie data structure library -------------------------------------------------------------------------------- Update Information: Fix marisa-perl packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246698 - Fix marisa-perl packaging https://bugzilla.redhat.com/show_bug.cgi?id=1246698 -------------------------------------------------------------------------------- ================================================================================ milter-greylist-4.6-1.fc24 (FEDORA-2016-eb5ba5846e) Milter for greylisting, the next step in the spam control war -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- ================================================================================ mingw-freetype-2.6.3-1.fc24 (FEDORA-2016-2d78d6860a) Free and portable font rendering engine -------------------------------------------------------------------------------- Update Information: MinGW cross compiled freetype 2.6.3 release. -------------------------------------------------------------------------------- ================================================================================ mingw-gtk2-2.24.30-1.fc24 (FEDORA-2016-cfe37a08d2) MinGW Windows Gtk2 library -------------------------------------------------------------------------------- Update Information: MinGW cross compiled gtk+ 2.24.30 release. -------------------------------------------------------------------------------- ================================================================================ mongodb-3.2.6-1.fc24 (FEDORA-2016-07fa6e8c55) High-performance, schema-free document-oriented database -------------------------------------------------------------------------------- Update Information: Upgrade to latest upstream minor release. -------------------------------------------------------------------------------- ================================================================================ moodle-3.0.4-1.fc24 (FEDORA-2016-c25125c408) A Course Management System -------------------------------------------------------------------------------- Update Information: 3.0.4 -------------------------------------------------------------------------------- ================================================================================ nodejs-4.4.4-1.fc24 (FEDORA-2016-c36ab3e363) JavaScript runtime -------------------------------------------------------------------------------- Update Information: https://github.com/nodejs/node/blob/v4.4.4/CHANGELOG.md https://nodejs.org/en/blog/vulnerability/openssl-may-2016/ -------------------------------------------------------------------------------- ================================================================================ nodejs-process-nextick-args-1.0.7-1.fc24 (FEDORA-2016-3a5607a323) The process.nextTick() but always with args -------------------------------------------------------------------------------- Update Information: Update to 1.0.7 -------------------------------------------------------------------------------- ================================================================================ nudoku-0.2.4-2.fc24 (FEDORA-2016-af70854c6a) Ncurses based Sudoku game -------------------------------------------------------------------------------- Update Information: Add nudoku to repositories -------------------------------------------------------------------------------- References: [ 1 ] Bug #1315486 - Review Request: nudoku - Ncurses based sudoku game https://bugzilla.redhat.com/show_bug.cgi?id=1315486 -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-2.76-1.fc24 (FEDORA-2016-40e127e1ae) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version ---- Updated to the latest version ---- Updated to the latest version ---- Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334537 - perl-CPAN-Perl-Releases-2.76 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334537 [ 2 ] Bug #1333390 - perl-CPAN-Perl-Releases-2.74 is available https://bugzilla.redhat.com/show_bug.cgi?id=1333390 [ 3 ] Bug #1332332 - perl-CPAN-Perl-Releases-2.72 is available https://bugzilla.redhat.com/show_bug.cgi?id=1332332 [ 4 ] Bug #1331894 - perl-CPAN-Perl-Releases-2.70 is available https://bugzilla.redhat.com/show_bug.cgi?id=1331894 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-Format-Strptime-1.68-1.fc24 (FEDORA-2016-3e24b9ca8e) Parse and format strptime and strftime patterns -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334333 - perl-DateTime-Format-Strptime-1.68 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334333 -------------------------------------------------------------------------------- ================================================================================ perl-Dumbbench-0.10-3.fc24 (FEDORA-2016-b9d8706a47) More reliable bench-marking with the least amount of thinking -------------------------------------------------------------------------------- Update Information: This release removes SOOT support because it is incompatible with root 6. -------------------------------------------------------------------------------- ================================================================================ perl-IPC-SysV-2.07-1.fc24 (FEDORA-2016-315b07c5ff) Object interface to System V IPC -------------------------------------------------------------------------------- Update Information: This release corrects a test. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334539 - perl-IPC-SysV-2.07 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334539 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20160507-1.fc24 (FEDORA-2016-7c6ffc7b6e) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release fixes a warning about too deep recursion. It also provides data for perl 5.24.0 and 5.25.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334542 - perl-Module-CoreList-5.20160507 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334542 -------------------------------------------------------------------------------- ================================================================================ perl-Params-Validate-1.24-1.fc24 (FEDORA-2016-a8f7c7e2c1) Params-Validate Perl module -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334352 - perl-Params-Validate-1.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334352 -------------------------------------------------------------------------------- ================================================================================ perl-RPC-XML-0.80-1.fc24 (FEDORA-2016-857bffe3fa) Set of classes for core data, message and XML handling -------------------------------------------------------------------------------- Update Information: This release fixes a leak with Expat parser, it avoids deprecated IO::Socket::INET option, it fixes processing elements with numeric names. It also makes tests more portable. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334357 - perl-RPC-XML-0.80 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334357 -------------------------------------------------------------------------------- ================================================================================ pgpdump-0.31-1.fc24 (FEDORA-2016-46240c1a39) PGP packet visualizer -------------------------------------------------------------------------------- Update Information: fix possible buffer overflow -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334350 - pgpdump-0.31 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334350 -------------------------------------------------------------------------------- ================================================================================ phonon-4.9.0-3.fc24 (FEDORA-2016-fc8d3f9515) Multimedia framework api -------------------------------------------------------------------------------- Update Information: Pull in phonon-related path fixes. -------------------------------------------------------------------------------- ================================================================================ pidgin-2.10.12-3.fc24 (FEDORA-2016-ec2e452e19) A Gtk+ based multiprotocol instant messaging client -------------------------------------------------------------------------------- Update Information: Disable SILC support -------------------------------------------------------------------------------- ================================================================================ pngquant-2.7.0-1.fc24 (FEDORA-2016-490f28f87c) PNG quantization tool for reducing image file size -------------------------------------------------------------------------------- Update Information: Update to 2.7.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334353 - pngquant-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1334353 -------------------------------------------------------------------------------- ================================================================================ postgresql-pgpool-II-3.5.2-1.fc24 (FEDORA-2016-1eea76823c) Pgpool is a connection pooling/replication server for PostgreSQL -------------------------------------------------------------------------------- Update Information: Update to latest minor version. ---- rebuld for pgool 3.5.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332329 - Upgrade pgpool-II to 3.4.6 for EPEL7 https://bugzilla.redhat.com/show_bug.cgi?id=1332329 [ 2 ] Bug #1303393 - postgresql-pgpool-II-3.5.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1303393 [ 3 ] Bug #976947 - Upgrade to pgpool-II 3.2.4 https://bugzilla.redhat.com/show_bug.cgi?id=976947 -------------------------------------------------------------------------------- ================================================================================ python-aodhclient-0.4.0-2.fc24 (FEDORA-2016-92e8cc8cae) Python API and CLI for OpenStack Aodh -------------------------------------------------------------------------------- Update Information: Rebase to 0.4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304467 - Review Request: python-aodhclient - Python client for Aodh https://bugzilla.redhat.com/show_bug.cgi?id=1304467 -------------------------------------------------------------------------------- ================================================================================ python-docker-squash-1.0.0-0.5.rc4.fc24 (FEDORA-2016-86ef02399b) Docker layer squashing tool -------------------------------------------------------------------------------- Update Information: This update obsoletes the `python-docker-scripts` package. This package is a newer version which adds support for Docker 1.10 and higher. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334515 - atomic-reactor depends on python-docker-squash which does not exist in f23 https://bugzilla.redhat.com/show_bug.cgi?id=1334515 -------------------------------------------------------------------------------- ================================================================================ python-hghooks-0.7.0-2.fc24 (FEDORA-2016-d246b3480e) A set of useful hooks for Mercurial -------------------------------------------------------------------------------- Update Information: Fix summary line in the package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333783 - python-hghooks-0.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1333783 -------------------------------------------------------------------------------- ================================================================================ python-parse_type-0.3.4-10.fc24 (FEDORA-2016-5384ef60ba) Simplifies to build parse types based on the parse module -------------------------------------------------------------------------------- Update Information: Correctly do Provides/Obsoletes -------------------------------------------------------------------------------- ================================================================================ python-pysocks-1.5.6-3.fc24 (FEDORA-2016-120392ec64) A Python SOCKS client module -------------------------------------------------------------------------------- Update Information: Fix typo in explicit Conflicts with python-SocksiPy. -------------------------------------------------------------------------------- ================================================================================ python-qutepart-3.0.0-1.fc24 (FEDORA-2016-9a42569920) Code editor widget -------------------------------------------------------------------------------- Update Information: Enki version 16.04.0 - - Comment/Uncomment code functionality - Better Locator dialogue - Migration to Python3 and Qt-5 - A lot of improvements, https://github.com/hlamer/enki/issues?q=milestone%3Av16.04+is%3Aclosed Qutepart version 3.0.0 - - Migration to Python3 and PyQt5 (now only) - More syntaxes - Better colors - Better Ruby support -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328450 - enki-16.04.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328450 -------------------------------------------------------------------------------- ================================================================================ python-requests-toolbelt-0.6.1-1.fc24 (FEDORA-2016-ec0f5b6a15) A utility belt for advanced users of python-requests -------------------------------------------------------------------------------- Update Information: update to 0.6.1 release -------------------------------------------------------------------------------- ================================================================================ python-waitress-0.9.0-1.fc24 (FEDORA-2016-8d2b0d5178) Waitress WSGI server -------------------------------------------------------------------------------- Update Information: Update to 0.9.0 (official release after betas like 0.9.0b1) -------------------------------------------------------------------------------- ================================================================================ qemu-2.6.0-0.2.rc5.fc24 (FEDORA-2016-a0f1d7a855) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Fix gtk UI crash when switching to monitor (bz #1333424) * Fix sdl2 UI lockup lockup when switching to monitor * Rebased to qemu-2.6.0-rc5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333424 - crash in the gtk ui when selecting compatmonitor0 https://bugzilla.redhat.com/show_bug.cgi?id=1333424 -------------------------------------------------------------------------------- ================================================================================ rubygem-github-linguist-4.8.5-1.fc24 (FEDORA-2016-dd23f1bfc1) GitHub Language detection -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333995 - rubygem-github-linguist-v4.8.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1333995 -------------------------------------------------------------------------------- ================================================================================ setroubleshoot-3.3.6-1.fc24 (FEDORA-2016-812271b66f) Helps troubleshoot SELinux problems -------------------------------------------------------------------------------- Update Information: setroubleshoot-plugins was fixed to use correct quotation around audit comm field, it suggest to create my-[command].pp modules instead of mypol.pp to allow distinguish between several modules suggested by it and finally it suggests to use priority 300 for all setroubleshoot suggested modules. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329037 - module name in troubleshoot instruction should be my_<command> instead of mypol https://bugzilla.redhat.com/show_bug.cgi?id=1329037 [ 2 ] Bug #1322654 - Few buttons in setroubleshoot are not localized https://bugzilla.redhat.com/show_bug.cgi?id=1322654 [ 3 ] Bug #1329321 - Suggests non working command when trimmed processes names are encountered https://bugzilla.redhat.com/show_bug.cgi?id=1329321 -------------------------------------------------------------------------------- ================================================================================ setroubleshoot-plugins-3.3.4-1.fc24 (FEDORA-2016-812271b66f) Analysis plugins for use with setroubleshoot -------------------------------------------------------------------------------- Update Information: setroubleshoot-plugins was fixed to use correct quotation around audit comm field, it suggest to create my-[command].pp modules instead of mypol.pp to allow distinguish between several modules suggested by it and finally it suggests to use priority 300 for all setroubleshoot suggested modules. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1329037 - module name in troubleshoot instruction should be my_<command> instead of mypol https://bugzilla.redhat.com/show_bug.cgi?id=1329037 [ 2 ] Bug #1322654 - Few buttons in setroubleshoot are not localized https://bugzilla.redhat.com/show_bug.cgi?id=1322654 [ 3 ] Bug #1329321 - Suggests non working command when trimmed processes names are encountered https://bugzilla.redhat.com/show_bug.cgi?id=1329321 -------------------------------------------------------------------------------- ================================================================================ spectrwm-3.0.1-5.fc24 (FEDORA-2016-26a6a49302) Minimalist tiling window manager written in C -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1333593 - update to 3.0.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333593 - update spectrwm window manage to 3.0.1 https://bugzilla.redhat.com/show_bug.cgi?id=1333593 -------------------------------------------------------------------------------- ================================================================================ vinagre-3.20.2-1.fc24 (FEDORA-2016-f97ba3e777) VNC client for GNOME -------------------------------------------------------------------------------- Update Information: Update to 3.20.2 -------------------------------------------------------------------------------- ================================================================================ vino-3.20.2-1.fc24 (FEDORA-2016-b1c2a491ce) A remote desktop system for GNOME -------------------------------------------------------------------------------- Update Information: Update to 3.20.2 -------------------------------------------------------------------------------- ================================================================================ vlgothic-fonts-20141206-6.fc24 (FEDORA-2016-84c01deb16) Japanese TrueType font -------------------------------------------------------------------------------- Update Information: Reassign U+23F4 and U+23F5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331050 - glyphs reversed, black medium left- and right-pointing triangles https://bugzilla.redhat.com/show_bug.cgi?id=1331050 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.1-7.fc24 (FEDORA-2016-81ee229332) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: qemu-kvm: Integer overflow in SDL when creating too wide screen, QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds check [XSA-179, CVE-2016-3710, CVE-2016-3712] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1318727 - qemu-kvm: Integer overflow in SDL when creating too wide screen https://bugzilla.redhat.com/show_bug.cgi?id=1318727 [ 2 ] Bug #1331401 - CVE-2016-3710 qemu: incorrect banked access bounds checking in vga module https://bugzilla.redhat.com/show_bug.cgi?id=1331401 [ 3 ] Bug #1318712 - CVE-2016-3712 qemu-kvm: Out-of-bounds read when creating weird vga screen surface https://bugzilla.redhat.com/show_bug.cgi?id=1318712 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
