The following Fedora 24 Security updates need testing: Age URL 53 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24 25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a4d504509 obs-signd-2.2.1-8.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b86ae2068d openslp-2.0.0-9.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b967ac1a74 php-5.6.22-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e21eeb4202 docker-1.10.3-11.git8ecd47f.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec phpMyAdmin-4.6.2-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cfea37952b xen-4.6.1-10.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 sqlite-3.12.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c36f610022 krb5-1.14.1-6.fc24 The following builds have been pushed to Fedora 24 updates-testing atoum-2.7.0-1.fc24 chck-0-1.20160408git5275403.fc24 edgar-1.24-1.fc24 gnome-software-3.20.3-1.fc24 knot-2.2.0-3.fc24 kubernetes-1.2.0-0.22.git4a3f9c5.fc24 ndctl-53.1-1.fc24 nvml-1.0-2.fc24 pcsc-cyberjack-3.99.5final.SP09-1.fc24 perl-MCE-1.708-1.fc24 php-bartlett-php-compatinfo-db-1.9.0-1.fc24 php-phpunit-git-2.1.2-1.fc24 python-hypothesis-3.4.0-1.fc24 python-shapely-1.5.16-1.fc24 python-werkzeug-0.11.10-1.fc24 xemacs-21.5.34-16.20160507hgd5b51c618ef8.fc24 xen-4.6.1-10.fc24 Details about builds: ================================================================================ atoum-2.7.0-1.fc24 (FEDORA-2016-72c43f8365) PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 2.7.0** - 2016-06-20 * [#594](https://github.com/atoum/atoum/pull/594) Add telemtry report to CI builds ([jubianchi]) * [#600](https://github.com/atoum/atoum/pull/600) Reports override correctly when using -ulr/-utr ([jubianchi]) * [#593](https://github.com/atoum/atoum/pull/593) Assertions on PHP 7 exceptions/throwables/errors are now working correctly ([jubianchi]) -------------------------------------------------------------------------------- ================================================================================ chck-0-1.20160408git5275403.fc24 (FEDORA-2016-c1c4dd94aa) Collection of C utilities -------------------------------------------------------------------------------- Update Information: Update to more recent git commit -------------------------------------------------------------------------------- ================================================================================ edgar-1.24-1.fc24 (FEDORA-2016-9458a607e5) A platform game -------------------------------------------------------------------------------- Update Information: * Updated Brazilian Portuguese and German translations * The ice blocks dropped by the large blue book's third form now shatter if they land on lifts -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.20.3-1.fc24 (FEDORA-2016-2be09c9861) A software center for GNOME -------------------------------------------------------------------------------- Update Information: gnome-software 3.20.3. This stable release fixes the following bugs: * Fix several issues with system upgrades * Fix several issues with the Ubuntu reviews dialog * Fix an issue that caused incorrect package versions to be shown in the update panel * Fix an issue that caused offline updates to not start under certain conditions This release also updates translations. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1337336 - gnome-software shows updates but "Restart & Install" button doesn't install them https://bugzilla.redhat.com/show_bug.cgi?id=1337336 [ 2 ] Bug #1336482 - Change label "Installing" to "Downloading" https://bugzilla.redhat.com/show_bug.cgi?id=1336482 [ 3 ] Bug #1335414 - Graphical upgrade failed with error with no details https://bugzilla.redhat.com/show_bug.cgi?id=1335414 [ 4 ] Bug #1336459 - installing a package between Download and Install actions of graphical upgrade breaks graphical upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1336459 -------------------------------------------------------------------------------- ================================================================================ knot-2.2.0-3.fc24 (FEDORA-2016-13d3faa3f0) High-performance authoritative DNS server -------------------------------------------------------------------------------- Update Information: Fix default configuration file. -------------------------------------------------------------------------------- ================================================================================ kubernetes-1.2.0-0.22.git4a3f9c5.fc24 (FEDORA-2016-d79a8ed83c) Container cluster management -------------------------------------------------------------------------------- Update Information: Bump to origin v1.2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340643 - Update to origin v1.2.0 https://bugzilla.redhat.com/show_bug.cgi?id=1340643 -------------------------------------------------------------------------------- ================================================================================ ndctl-53.1-1.fc24 (FEDORA-2016-8505baabe1) Manage "libnvdimm" subsystem devices (Non-volatile Memory) -------------------------------------------------------------------------------- Update Information: - Fix up tag format vs source url confusion - add daxctl-libs + daxctl-devel packages - add bash completion -------------------------------------------------------------------------------- ================================================================================ nvml-1.0-2.fc24 (FEDORA-2016-1ba843f879) Non-Volatile Memory Library -------------------------------------------------------------------------------- Update Information: Exclude PPC architecture -------------------------------------------------------------------------------- ================================================================================ pcsc-cyberjack-3.99.5final.SP09-1.fc24 (FEDORA-2016-e672c38dd8) PC/SC driver for REINER SCT cyberjack USB chip card reader -------------------------------------------------------------------------------- Update Information: New upstream, which fixes an usb-bug. Gui finally removed by upstream, was not build/packaged anyway. The cyberjack binary, used for troubleshooting the install, was also removed upstream. -------------------------------------------------------------------------------- ================================================================================ perl-MCE-1.708-1.fc24 (FEDORA-2016-ff73f4e786) Many-core Engine for Perl providing parallel processing capabilities -------------------------------------------------------------------------------- Update Information: Current upstream maintenance release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339851 - perl-MCE-1.707 is available https://bugzilla.redhat.com/show_bug.cgi?id=1339851 -------------------------------------------------------------------------------- ================================================================================ php-bartlett-php-compatinfo-db-1.9.0-1.fc24 (FEDORA-2016-8b44a1f34e) Reference Database to be used with php-compatinfo library -------------------------------------------------------------------------------- Update Information: **Version 1.9.0** - 2016-05-27 - Support to PHP 7.0.7 - Support to PHP 5.6.22 - Support to PHP 5.5.36 -------------------------------------------------------------------------------- ================================================================================ php-phpunit-git-2.1.2-1.fc24 (FEDORA-2016-7055fb1db1) Simple wrapper for Git -------------------------------------------------------------------------------- Update Information: **Version 2.1.2** * Fix getCurrentBranch() to support branches with slashes -------------------------------------------------------------------------------- ================================================================================ python-hypothesis-3.4.0-1.fc24 (FEDORA-2016-e14755683c) A library for property based testing -------------------------------------------------------------------------------- Update Information: Latest release, see https://hypothesis.readthedocs.io/en/latest/changes.html for changelog -------------------------------------------------------------------------------- ================================================================================ python-shapely-1.5.16-1.fc24 (FEDORA-2016-6763413e23) Manipulation and analysis of geometric objects in the Cartesian plane -------------------------------------------------------------------------------- Update Information: - Bug fix: eliminate memory leak when unpickling geometry objects (#384, #385). - Bug fix: prevent crashes when attempting to pickle a prepared geometry, raising ``PicklingError`` instead (#386). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340577 - python-shapely-1.5.16 is available https://bugzilla.redhat.com/show_bug.cgi?id=1340577 -------------------------------------------------------------------------------- ================================================================================ python-werkzeug-0.11.10-1.fc24 (FEDORA-2016-d8698f4a8d) The Swiss Army knife of Python web development -------------------------------------------------------------------------------- Update Information: Upstream 0.11.10 ---- Upstream 0.11.6 (upstream #822) -------------------------------------------------------------------------------- ================================================================================ xemacs-21.5.34-16.20160507hgd5b51c618ef8.fc24 (FEDORA-2016-d104d3608c) Different version of Emacs -------------------------------------------------------------------------------- Update Information: This update fixes a problem that prevents M-x shell from working under tcsh. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222897 - Warning: no access to tty (Inappropriate ioctl for device). When opening a shell https://bugzilla.redhat.com/show_bug.cgi?id=1222897 [ 2 ] Bug #1260785 - TCSH shells have process control problems in Xemacs https://bugzilla.redhat.com/show_bug.cgi?id=1260785 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.1-10.fc24 (FEDORA-2016-cfea37952b) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: cleaner way to set kernel module load list Unrestricted qemu logging [XSA-180, CVE-2014-3672] (#1339125) Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write [CVE-2016-4439] (#1337502) Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd [CVE-2016-4441] (#1337505) Qemu: scsi: megasas: out-of-bounds write while setting controller properties [CVE-2016-5106] (#1339578) Qemu: scsi: megasas: stack information leakage while reading configuration [CVE-2016-5105] (#1339583) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1337502 - CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write https://bugzilla.redhat.com/show_bug.cgi?id=1337502 [ 2 ] Bug #1337505 - CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd https://bugzilla.redhat.com/show_bug.cgi?id=1337505 [ 3 ] Bug #1339578 - CVE-2016-5106 Qemu: scsi: megasas: out-of-bounds write while setting controller properties https://bugzilla.redhat.com/show_bug.cgi?id=1339578 [ 4 ] Bug #1339583 - CVE-2016-5105 Qemu: scsi: megasas: stack information leakage while reading configuration https://bugzilla.redhat.com/show_bug.cgi?id=1339583 [ 5 ] Bug #1339123 - CVE-2014-3672 xen: Unrestricted qemu logging https://bugzilla.redhat.com/show_bug.cgi?id=1339123 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
