The following Fedora 24 Security updates need testing: Age URL 51 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a4d504509 obs-signd-2.2.1-8.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b86ae2068d openslp-2.0.0-9.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b967ac1a74 php-5.6.22-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e21eeb4202 docker-1.10.3-11.git8ecd47f.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f13ea849c5 qemu-2.6.0-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec phpMyAdmin-4.6.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f10f7ee784 libusbmuxd-1.0.10-5.fc24 libimobiledevice-1.2.0-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a82ad4c373 gd-2.2.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-43d1395a18 selinux-policy-3.13.1-189.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 sqlite-3.12.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f10f7ee784 libusbmuxd-1.0.10-5.fc24 libimobiledevice-1.2.0-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-88baa4e5ce libXfixes-5.0.2-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b941a4053d parted-3.2-20.fc24 The following builds have been pushed to Fedora 24 updates-testing IQmol-2.7.1-3.fc24 R-Rcpp-0.12.5-1.fc24 bind-9.10.4-1.P1.fc24 bind-dyndb-ldap-9.0-3.fc24 ccsm-0.8.12.4-1.fc24 cherrytree-0.37.0-1.fc24 cinnamon-3.0.4-1.fc24 cinnamon-desktop-3.0.2-1.fc24 cinnamon-menus-3.0.1-1.fc24 cinnamon-session-3.0.1-1.fc24 cinnamon-translations-3.0.2-1.fc24 copr-dist-git-0.18-1.fc24 dkms-2.2.0.3-34.git.9e0394d.fc24 dnf-1.1.9-2.fc24 dnf-plugins-core-0.1.21-2.fc24 dnsperf-2.1.0.0-2.fc24 docker-1.10.3-11.git8ecd47f.fc24 emerald-themes-0.8.12.1-1.fc24 engrampa-1.14.1-2.fc24 gd-2.2.1-1.fc24 gecode-4.4.0-10.fc24 ghc-7.8.4-48.fc24 gimp-data-extras-2.0.2-14.fc24 glabels-3.4.0-1.fc24 globus-xio-udt-driver-1.21-1.fc24 gofer-2.8.1-1.fc24 graphite-api-1.1.3-1.fc24 gyazo-1.2-1.fc24 libXfixes-5.0.2-2.fc24 libguestfs-1.33.32-1.fc24 libimobiledevice-1.2.0-7.fc24 libusbmuxd-1.0.10-5.fc24 mariadb-10.1.14-2.fc24 mate-desktop-1.14.1-2.fc24 mate-terminal-1.14.0-2.fc24 mate-themes-3.20.8-0.1.git20160526.59b3286.fc24 mkvtoolnix-9.1.0-2.fc24 mozjs45-45.1.1-3.fc24 muffin-3.0.4-1.fc24 ndisc6-1.0.3-1.fc24 nemo-3.0.3-2.fc24 parted-3.2-20.fc24 pdc-client-1.0.0-1.fc24 pdns-4.0.0-0.7.beta1.fc24 perl-B-Generate-1.54-1.fc24 php-zendframework-zend-log-2.8.3-1.fc24 phpMyAdmin-4.6.2-1.fc24 poco-1.7.3-4.fc24 python-docker-squash-1.0.0-0.8.rc6.fc24 python-persistent-4.2.1-1.fc24 python-resultsdb_api-1.2.2-3.fc24 qemu-2.6.0-3.fc24 roundcubemail-1.2.0-1.fc24 salt-2015.5.10-1.fc24 skopeo-0.1.12-2.fc24 sqlite-3.12.2-1.fc24 tcsh-6.19.00-9.fc24 xfce4-power-manager-1.6.0-3.fc24 Details about builds: ================================================================================ IQmol-2.7.1-3.fc24 (FEDORA-2016-a88e158b2c) A free open-source molecular editor and visualization package -------------------------------------------------------------------------------- Update Information: Update to 2.7.1. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1321072 - update 2.7.1 https://bugzilla.redhat.com/show_bug.cgi?id=1321072 [ 2 ] Bug #1307278 - IQmol: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1307278 -------------------------------------------------------------------------------- ================================================================================ R-Rcpp-0.12.5-1.fc24 (FEDORA-2016-1cce615d03) Seamless R and C++ Integration -------------------------------------------------------------------------------- Update Information: https://cran.r-project.org/web/packages/Rcpp/news.html -------------------------------------------------------------------------------- ================================================================================ bind-9.10.4-1.P1.fc24 (FEDORA-2016-4d3e925874) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: New version of BIND -------------------------------------------------------------------------------- ================================================================================ bind-dyndb-ldap-9.0-3.fc24 (FEDORA-2016-4d3e925874) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information: New version of BIND -------------------------------------------------------------------------------- ================================================================================ ccsm-0.8.12.4-1.fc24 (FEDORA-2016-97e863fd86) Plugin and configuration tool - Compiz Fusion Project -------------------------------------------------------------------------------- Update Information: ccsm - update to 0.8.12.4 release emerald-themes - update to 0.8.12.1 release - obsolete emerald-themes-extra - themes are moved to main package -------------------------------------------------------------------------------- ================================================================================ cherrytree-0.37.0-1.fc24 (FEDORA-2016-5ceb6c0711) Hierarchical note taking application -------------------------------------------------------------------------------- Update Information: update cherrytree to 0.37.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340299 - cherrytree-0.37.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1340299 -------------------------------------------------------------------------------- ================================================================================ cinnamon-3.0.4-1.fc24 (FEDORA-2016-6ac0d717d5) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ cinnamon-desktop-3.0.2-1.fc24 (FEDORA-2016-6ac0d717d5) Shared code among cinnamon-session, nemo, etc -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ cinnamon-menus-3.0.1-1.fc24 (FEDORA-2016-6ac0d717d5) A menu system for the Cinnamon project -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ cinnamon-session-3.0.1-1.fc24 (FEDORA-2016-6ac0d717d5) Cinnamon session manager -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ cinnamon-translations-3.0.2-1.fc24 (FEDORA-2016-6ac0d717d5) Translations for Cinnamon and Nemo -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ copr-dist-git-0.18-1.fc24 (FEDORA-2016-abbe48a0c6) Copr services for Dist Git server -------------------------------------------------------------------------------- Update Information: implemented building from rubygems -------------------------------------------------------------------------------- ================================================================================ dkms-2.2.0.3-34.git.9e0394d.fc24 (FEDORA-2016-adb91e429e) Dynamic Kernel Module Support Framework -------------------------------------------------------------------------------- Update Information: Multiprocessor build support and bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334103 - RFE: Use parallel build on multiprocessor systems https://bugzilla.redhat.com/show_bug.cgi?id=1334103 [ 2 ] Bug #912300 - DKMS do not preserve timestamps when copying source into build directory, this may cause some pkgs re-build failures or at least extra work. https://bugzilla.redhat.com/show_bug.cgi?id=912300 -------------------------------------------------------------------------------- ================================================================================ dnf-1.1.9-2.fc24 (FEDORA-2016-ce664c0f73) Package manager forked from Yum, using libsolv as a dependency resolver -------------------------------------------------------------------------------- Update Information: Critical fixes since 1.1.9 -------------------------------------------------------------------------------- ================================================================================ dnf-plugins-core-0.1.21-2.fc24 (FEDORA-2016-ce664c0f73) Core Plugins for DNF -------------------------------------------------------------------------------- Update Information: Critical fixes since 1.1.9 -------------------------------------------------------------------------------- ================================================================================ dnsperf-2.1.0.0-2.fc24 (FEDORA-2016-4d3e925874) Benchmarking authorative and recursing DNS servers -------------------------------------------------------------------------------- Update Information: New version of BIND -------------------------------------------------------------------------------- ================================================================================ docker-1.10.3-11.git8ecd47f.fc24 (FEDORA-2016-e21eeb4202) Automates deployment of containerized applications -------------------------------------------------------------------------------- Update Information: Resolves: #1335649 - enable Red Hat subscription use in Docker containers on Fedora ---- built docker @projectatomic/fedora-1.10.3 commit 8ecd47f -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335649 - Enable use of Red Hat subscriptions in docker containers on Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1335649 [ 2 ] Bug #1329454 - CVE-2016-3697 docker: privilege escalation via confusion of usernames and UIDs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1329454 -------------------------------------------------------------------------------- ================================================================================ emerald-themes-0.8.12.1-1.fc24 (FEDORA-2016-97e863fd86) Themes for Emerald, a window decorator for Compiz Fusion -------------------------------------------------------------------------------- Update Information: ccsm - update to 0.8.12.4 release emerald-themes - update to 0.8.12.1 release - obsolete emerald-themes-extra - themes are moved to main package -------------------------------------------------------------------------------- ================================================================================ engrampa-1.14.1-2.fc24 (FEDORA-2016-e44fa6030a) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: - use compositor as default for f24 mate-terminal and engrampa - switch to gtk3 for f24 -------------------------------------------------------------------------------- ================================================================================ gd-2.2.1-1.fc24 (FEDORA-2016-a82ad4c373) A graphics library for quick creation of PNG or JPEG images -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-8877 --- Upgrade to latest version - mainly bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338907 - CVE-2015-8877 php: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches https://bugzilla.redhat.com/show_bug.cgi?id=1338907 -------------------------------------------------------------------------------- ================================================================================ gecode-4.4.0-10.fc24 (FEDORA-2016-367c74025a) Generic constraint development environment -------------------------------------------------------------------------------- Update Information: Fix ppc typo -------------------------------------------------------------------------------- ================================================================================ ghc-7.8.4-48.fc24 (FEDORA-2016-adf100b036) Glasgow Haskell Compiler -------------------------------------------------------------------------------- Update Information: Tweak for mips port. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1294873 - Do not package ghc-split on MIPS https://bugzilla.redhat.com/show_bug.cgi?id=1294873 -------------------------------------------------------------------------------- ================================================================================ gimp-data-extras-2.0.2-14.fc24 (FEDORA-2016-4a97ca2090) Extra files for GIMP -------------------------------------------------------------------------------- Update Information: No AppStream metadata file was shipped in previous releases, this release adds one. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316293 - Ship AppStream metadata file https://bugzilla.redhat.com/show_bug.cgi?id=1316293 -------------------------------------------------------------------------------- ================================================================================ glabels-3.4.0-1.fc24 (FEDORA-2016-6d9867dc66) A program for creating labels and business cards for GNOME -------------------------------------------------------------------------------- Update Information: Update to new upstream release (3.4.0): fixing many bugs, such as missing contacts on vcard import, potential crashes on "Select All", delayed rotation/flipping, and incorrect sensitivity of first handle of line objects. Additional enhancements include auto-detection of CSV file encoding, object- dragging enhancements, added properties dialog, and a GS1 input mode for Datamatrix barcodes, as well as many new templates and fixes to existing product templates and updated UI and documentation translations. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339690 - New upstream version available https://bugzilla.redhat.com/show_bug.cgi?id=1339690 -------------------------------------------------------------------------------- ================================================================================ globus-xio-udt-driver-1.21-1.fc24 (FEDORA-2016-41714d5bfb) Globus Toolkit - Globus XIO UDT Driver -------------------------------------------------------------------------------- Update Information: Add GLOBUS_XIO_UDT_STUNSERVER environment variable override -------------------------------------------------------------------------------- ================================================================================ gofer-2.8.1-1.fc24 (FEDORA-2016-84697a9973) A lightweight, extensible python agent -------------------------------------------------------------------------------- Update Information: Latest upstream. Fixes unwanted python package dependency. ---- Latest upstream. New feature: Support added for both *direct* and *fork* RMI execution models. Prior to 2.8, only *direct* was supported. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340262 - python-gofer depends on gofer, but does not declare the dependency https://bugzilla.redhat.com/show_bug.cgi?id=1340262 -------------------------------------------------------------------------------- ================================================================================ graphite-api-1.1.3-1.fc24 (FEDORA-2016-5e4475c46f) Graphite-web, without the interface. Just the rendering HTTP API -------------------------------------------------------------------------------- Update Information: Update to 1.1.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338773 - graphite-api-1.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338773 -------------------------------------------------------------------------------- ================================================================================ gyazo-1.2-1.fc24 (FEDORA-2016-3193c9df0d) Screen capture tool -------------------------------------------------------------------------------- Update Information: Used this spec file as template -------------------------------------------------------------------------------- ================================================================================ libXfixes-5.0.2-2.fc24 (FEDORA-2016-88baa4e5ce) X Fixes library -------------------------------------------------------------------------------- Update Information: libXfixes 5.0.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340078 - libXfixes-5.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1340078 -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.33.32-1.fc24 (FEDORA-2016-47fd828746) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New upstream version 1.33.32. -------------------------------------------------------------------------------- ================================================================================ libimobiledevice-1.2.0-7.fc24 (FEDORA-2016-f10f7ee784) Library for connecting to mobile devices -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5104 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339988 - CVE-2016-5104 libimobiledevice: Sockets listening on INADDR_ANY https://bugzilla.redhat.com/show_bug.cgi?id=1339988 -------------------------------------------------------------------------------- ================================================================================ libusbmuxd-1.0.10-5.fc24 (FEDORA-2016-f10f7ee784) Client library USB multiplex daemon for Apple's iOS devices -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5104 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339988 - CVE-2016-5104 libimobiledevice: Sockets listening on INADDR_ANY https://bugzilla.redhat.com/show_bug.cgi?id=1339988 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.1.14-2.fc24 (FEDORA-2016-1d438bc429) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: Fix mysql-prepare-db-dir -------------------------------------------------------------------------------- References: [ 1 ] Bug #1335849 - None https://bugzilla.redhat.com/show_bug.cgi?id=1335849 -------------------------------------------------------------------------------- ================================================================================ mate-desktop-1.14.1-2.fc24 (FEDORA-2016-e44fa6030a) Shared code for mate-panel, mate-session, mate-file-manager, etc -------------------------------------------------------------------------------- Update Information: - use compositor as default for f24 mate-terminal and engrampa - switch to gtk3 for f24 -------------------------------------------------------------------------------- ================================================================================ mate-terminal-1.14.0-2.fc24 (FEDORA-2016-e44fa6030a) Terminal emulator for MATE -------------------------------------------------------------------------------- Update Information: - use compositor as default for f24 mate-terminal and engrampa - switch to gtk3 for f24 -------------------------------------------------------------------------------- ================================================================================ mate-themes-3.20.8-0.1.git20160526.59b3286.fc24 (FEDORA-2016-9404a773db) MATE Desktop themes -------------------------------------------------------------------------------- Update Information: - update to git snapshot from 2016-05-26 -------------------------------------------------------------------------------- ================================================================================ mkvtoolnix-9.1.0-2.fc24 (FEDORA-2016-0edd658013) Matroska container manipulation utilities -------------------------------------------------------------------------------- Update Information: This update is built against system json library instead of the bundled one. -------------------------------------------------------------------------------- ================================================================================ mozjs45-45.1.1-3.fc24 (FEDORA-2016-1515138bb9) JavaScript interpreter and libraries -------------------------------------------------------------------------------- Update Information: New package mozjs45 - contains JS engine from Firefox 45. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336728 - Review Request: mozjs45 - JavaScript interpreter and libraries https://bugzilla.redhat.com/show_bug.cgi?id=1336728 -------------------------------------------------------------------------------- ================================================================================ muffin-3.0.4-1.fc24 (FEDORA-2016-6ac0d717d5) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ ndisc6-1.0.3-1.fc24 (FEDORA-2016-78b835a108) IPv6 diagnostic tools -------------------------------------------------------------------------------- Update Information: New upstream and push to epel7 as well -------------------------------------------------------------------------------- References: [ 1 ] Bug #1310352 - Update to latest version / epel7 https://bugzilla.redhat.com/show_bug.cgi?id=1310352 -------------------------------------------------------------------------------- ================================================================================ nemo-3.0.3-2.fc24 (FEDORA-2016-6ac0d717d5) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: cinnamon update -------------------------------------------------------------------------------- ================================================================================ parted-3.2-20.fc24 (FEDORA-2016-b941a4053d) The GNU disk partition manipulation program -------------------------------------------------------------------------------- Update Information: - libparted: Fix probing AIX disks on other arches - partprobe: Open the device once for probing -------------------------------------------------------------------------------- ================================================================================ pdc-client-1.0.0-1.fc24 (FEDORA-2016-3255d8ec30) Client library and console client for Product Definition Center -------------------------------------------------------------------------------- Update Information: 1. Change filtering arguments's underscore to minus to be consistent. 2. Modify compose-tree-locations in client because API url changed. 3. Add support for repo manipulation into pdc client (ycheng@xxxxxxxxxx) -------------------------------------------------------------------------------- ================================================================================ pdns-4.0.0-0.7.beta1.fc24 (FEDORA-2016-56aa99e7dd) A modern, advanced and high performance authoritative-only nameserver -------------------------------------------------------------------------------- Update Information: - Update to 4.0.0 beta 1 Release notes: https://doc.powerdns.com/md/changelog /#powerdns-authoritative-server-400-beta1 -------------------------------------------------------------------------------- ================================================================================ perl-B-Generate-1.54-1.fc24 (FEDORA-2016-0a52d8292e) Create your own op trees -------------------------------------------------------------------------------- Update Information: Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340296 - perl-B-Generate-1.54 is available https://bugzilla.redhat.com/show_bug.cgi?id=1340296 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-log-2.8.3-1.fc24 (FEDORA-2016-8eaca46c97) Zend Framework Log component -------------------------------------------------------------------------------- Update Information: **zend-log 2.8.3** - 2016-05-25 - Corrected licence headers across files within the project -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.6.2-1.fc24 (FEDORA-2016-e3240782ec) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.6.2 (2016-05-25) ============================= - [security] User SQL queries can be revealed through URL GET parameters, see PMASA-2016-14 - [security] Self XSS vulneratbility, see PMASA-2016-16 - Use https for documentation links - Fix schema export with too many tables - Avoid parsing non JSON responses as JSON - Avoid using too log URLs when getting javascripts - Fixed setting mixed case languages - Avoid storing objects in session when debugging SQL - Fix cookie path on IIS - Fix occassional 200 errors on Windows - Fix locking issues when importing SQL - Avoid confusing warning when mysql extension is missing - Improve handling of logout - Safer handling of sessions during authentication - Fix server selection on main page - Avoid storing full error data in session - Fixed export of ARCHIVE tables with keys - Add session reload for config authentication - Do not fail on errors stored in session - Fix loading of APC based upload progress bar -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340066 - phpMyAdmin: Multiple issues fixed in 4.6.2 and 4.4.15.6 (PMASA-2016-16,PMASA-2016-15,PMASA-2016-14) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1340066 [ 2 ] Bug #1339852 - phpMyAdmin-4.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1339852 -------------------------------------------------------------------------------- ================================================================================ poco-1.7.3-4.fc24 (FEDORA-2016-6b91c31bcf) C++ class libraries for network-centric applications -------------------------------------------------------------------------------- Update Information: Restore removal of bundled sources ---- allow build without mongodb, like on big endian arches ---- New upstream release 1.7.3 -------------------------------------------------------------------------------- ================================================================================ python-docker-squash-1.0.0-0.8.rc6.fc24 (FEDORA-2016-246d0c6226) Docker layer squashing tool -------------------------------------------------------------------------------- Update Information: Upstream release `1.0.0rc6` -------------------------------------------------------------------------------- References: [ 1 ] Bug #1319006 - python-docker-scripts-1.0.0rc6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1319006 -------------------------------------------------------------------------------- ================================================================================ python-persistent-4.2.1-1.fc24 (FEDORA-2016-43208fb3c8) Translucent persistent python objects -------------------------------------------------------------------------------- Update Information: This update fixes the return type of TimeStamp_hash for python 3. -------------------------------------------------------------------------------- ================================================================================ python-resultsdb_api-1.2.2-3.fc24 (FEDORA-2016-f02a31c029) Interface api to ResultsDB -------------------------------------------------------------------------------- Update Information: Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336833 - Review Request: python-resultsdb_api - API to resultsdb https://bugzilla.redhat.com/show_bug.cgi?id=1336833 -------------------------------------------------------------------------------- ================================================================================ qemu-2.6.0-3.fc24 (FEDORA-2016-f13ea849c5) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * CVE-2016-4020: memory leak in kvmvapic.c (bz #1326904) * CVE-2016-4439: scsi: esb: OOB write #1 (bz #1337503) * CVE-2016-4441: scsi: esb: OOB write #2 (bz #1337506) * Fix regression installing windows 7 with qxl/vga (bz #1339267) * Fix crash with aarch64 gic-version=host and accel=tcg (bz #1339977) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1313686 - CVE-2016-4020 Qemu: i386: leakage of stack memory to guest in kvmvapic.c https://bugzilla.redhat.com/show_bug.cgi?id=1313686 [ 2 ] Bug #1337502 - CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write https://bugzilla.redhat.com/show_bug.cgi?id=1337502 [ 3 ] Bug #1337505 - CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd https://bugzilla.redhat.com/show_bug.cgi?id=1337505 -------------------------------------------------------------------------------- ================================================================================ roundcubemail-1.2.0-1.fc24 (FEDORA-2016-d23d2712de) Round Cube Webmail is a browser-based multilingual IMAP client -------------------------------------------------------------------------------- Update Information: Upstream announcement: [Roundcube Webmail 1.2.0 released](https://roundcube.net/news/2016/05/22/roundcube- webmail-1.2.0-released) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339654 - CVE-2016-5103 roundcube: XSS vulnerability in mail content page https://bugzilla.redhat.com/show_bug.cgi?id=1339654 -------------------------------------------------------------------------------- ================================================================================ salt-2015.5.10-1.fc24 (FEDORA-2016-ebb0929e83) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Update to bugfix release 2015.5.10 -------------------------------------------------------------------------------- ================================================================================ skopeo-0.1.12-2.fc24 (FEDORA-2016-68e53074c3) Inspect Docker images and repositories on registries -------------------------------------------------------------------------------- Update Information: update to v0.1.12 -------------------------------------------------------------------------------- ================================================================================ sqlite-3.12.2-1.fc24 (FEDORA-2016-3d4c0d27b6) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information: Updated to version 3.12.2 (https://sqlite.org/releaselog/3_12_2.html) -------------------------------------------------------------------------------- ================================================================================ tcsh-6.19.00-9.fc24 (FEDORA-2016-90a585a00d) An enhanced version of csh, the C shell -------------------------------------------------------------------------------- Update Information: ** tl;dr; version: ** *2 latest issues discovered have been fixed:* * git_tcsh_completion should work again now * output of 'jobs' builtin now goes correctly to stdout (instead of stderr) Previous (related) update notes: ==================== TCSH has been updated to latest upstream version. Highlights ----------- * tcsh can now be build with gcc-6 * $vimode variable can now be used to control VImode, see 'man tcsh' * additional relevant patches backported from upstream * many fixes that should improve user experience with tcsh Other ------ * code not accepted/supported by upstream has been removed * specfile has gone through significant maintenance * $tcsh_posix_status variable is now deprecated, use $anyerror instead -------------------------------------------------------------------------------- ================================================================================ xfce4-power-manager-1.6.0-3.fc24 (FEDORA-2016-ab452c4475) Power management for the Xfce desktop environment -------------------------------------------------------------------------------- Update Information: Have the desktop file not show xfce4-power-manager when using the MATE desktop env. It has it's own power manager. ---- Update to 1.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1318642 - Please add MATE to NotShowIn in desktop file https://bugzilla.redhat.com/show_bug.cgi?id=1318642 [ 2 ] Bug #1339335 - Update xfce4-power-manager to current upstream release https://bugzilla.redhat.com/show_bug.cgi?id=1339335 [ 3 ] Bug #1241899 - PM plugin leaks memory https://bugzilla.redhat.com/show_bug.cgi?id=1241899 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
