The following Fedora 24 Security updates need testing: Age URL 55 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5f722a9a7 docker-1.10.3-12.git4158ccc.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d90ead5d7 GraphicsMagick-1.3.24-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c329fc4c32 nginx-1.10.1-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f85aa7dd6b selinux-policy-3.13.1-190.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-775b61dc0e xorg-x11-drv-evdev-2.10.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-550dcbaa52 accountsservice-0.6.40-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e38c21c74b findutils-4.6.0-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6408de4c1d bluez-5.40-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 clementine-1.3.1-2.fc24 sqlite-3.12.2-1.fc24 The following builds have been pushed to Fedora 24 updates-testing GraphicsMagick-1.3.24-1.fc24 accountsservice-0.6.40-4.fc24 beep-1.3-16.fc24 bluez-5.40-1.fc24 certbot-0.7.0-1.fc24 clementine-1.3.1-2.fc24 composer-1.1.2-1.fc24 eclipse-cdt-9.0.0-0.7.gitdff6b3b.fc24 eclipse-gef-3.11.0-0.1gitd3e8eb2.fc24 engauge-digitizer-8.1-1.fc24 erlang-lucene_parser-1-1.fc24 findutils-4.6.0-5.fc24 flatpak-0.6.3-1.fc24 fldigi-3.23.10-1.fc24 keycloak-httpd-client-install-0.3-1.fc24 knot-resolver-1.0.0-1.fc24 libfabric-1.3.0-2.fc24 nginx-1.10.1-1.fc24 owncloud-9.0.2-1.fc24 pagure-2.2-1.fc24 pam_yubico-2.22-1.fc24 php-nette-database-2.3.9-1.fc24 php-sabre-dav-3.0.9-1.fc24 php-sabre-http-4.2.1-1.fc24 php-symfony-2.8.6-2.fc24 php-symfony-security-acl-2.8.0-1.fc24 php-zendframework-zend-mvc-2.7.8-1.fc24 pioneer-20160512-3.fc24 python-acme-0.7.0-1.fc24 qgnomeplatform-0.2-1.20160531git.fc24 qt5-qtdeclarative-5.6.0-11.fc24 rsibreak-0.12.3-1.fc24 salt-2015.5.10-2.fc24 seafile-5.1.2-3.fc24 sqlite-3.12.2-1.fc24 strace-4.12-1.fc24 ti-uim-0-0.4.a0236bc.fc24 xorg-x11-drv-evdev-2.10.3-1.fc24 Details about builds: ================================================================================ GraphicsMagick-1.3.24-1.fc24 (FEDORA-2016-0d90ead5d7) An ImageMagick fork, offering faster image generation and better quality -------------------------------------------------------------------------------- Update Information: New GraphicsMagick bugfix/security release, see also: http://www.graphicsmagick.org/NEWS.html#may-30-2016 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1306148 - CVE-2016-2317 CVE-2016-2318 GraphicsMagick: SVG parsing issues https://bugzilla.redhat.com/show_bug.cgi?id=1306148 [ 2 ] Bug #1340814 - CVE-2016-5118 ImageMagick: Remote code execution via filename https://bugzilla.redhat.com/show_bug.cgi?id=1340814 [ 3 ] Bug #1333410 - GraphicsMagick: SVG converting issues https://bugzilla.redhat.com/show_bug.cgi?id=1333410 -------------------------------------------------------------------------------- ================================================================================ accountsservice-0.6.40-4.fc24 (FEDORA-2016-550dcbaa52) D-Bus interfaces for querying and manipulating user account information -------------------------------------------------------------------------------- Update Information: Don't create /root/.cache at startup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331926 - AVC denied accounts-daemon write access root https://bugzilla.redhat.com/show_bug.cgi?id=1331926 -------------------------------------------------------------------------------- ================================================================================ beep-1.3-16.fc24 (FEDORA-2016-368b7a4ca3) Beep the PC speaker any number of ways -------------------------------------------------------------------------------- Update Information: `beep-1.3-16.fc*` adds documentation and helping files for non-root users to run `beep` successfully. This includes: * Updated documentation in `/usr/share/doc/beep/README.fedora` which explains the `sudo` based setup. * Example _sudoers_ configuration file at `/etc/sudoers.d/beep` which the system admin must adapt for their local system's needs. * Shell aliases for `beep` to allow non-root users to run `beep` from the shell via `sudo -n`, for both _sh_ and _csh_ type shells. If you do not set up _sudoers_, the behaviour of `beep` is the same: As root, running `beep` beeps. As non-root user, running `beep` produces an error message. The error message is just a different one now, produced by `sudo`. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1133231 - beep only works for root https://bugzilla.redhat.com/show_bug.cgi?id=1133231 -------------------------------------------------------------------------------- ================================================================================ bluez-5.40-1.fc24 (FEDORA-2016-6408de4c1d) Bluetooth utilities -------------------------------------------------------------------------------- Update Information: Update to 5.40 bugfix relesae -------------------------------------------------------------------------------- ================================================================================ certbot-0.7.0-1.fc24 (FEDORA-2016-b2b998fb4f) A free, automated certificate authority client -------------------------------------------------------------------------------- Update Information: Update to 0.7.0 -------------------------------------------------------------------------------- ================================================================================ clementine-1.3.1-2.fc24 (FEDORA-2016-3d4c0d27b6) A music player and library organizer -------------------------------------------------------------------------------- Update Information: Updated to version 3.12.2 (https://sqlite.org/releaselog/3_12_2.html) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323540 - [abrt] clementine: logging::MessageHandler(): clementine killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1323540 -------------------------------------------------------------------------------- ================================================================================ composer-1.1.2-1.fc24 (FEDORA-2016-31f7380f4e) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.1.2** - 2016-05-31 * Fixed degraded mode issue when accessing packagist.org * Fixed GitHub access_token being added on subsequent requests in case of redirections * Fixed exclude-from-classmap not working in some circumstances * Fixed openssl warning preventing the use of config command for disabling tls -------------------------------------------------------------------------------- ================================================================================ eclipse-cdt-9.0.0-0.7.gitdff6b3b.fc24 (FEDORA-2016-66e4af5a88) Eclipse C/C++ Development Tools (CDT) plugin -------------------------------------------------------------------------------- Update Information: Add missing Requires of eclipse-launchbar -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340953 - Eclipse CDT Standalone Debugger crashes. https://bugzilla.redhat.com/show_bug.cgi?id=1340953 -------------------------------------------------------------------------------- ================================================================================ eclipse-gef-3.11.0-0.1gitd3e8eb2.fc24 (FEDORA-2016-32858854e4) Graphical Editing Framework (GEF) Eclipse plug-in -------------------------------------------------------------------------------- Update Information: Update to Neon pre-release to sync with rest of the Eclipse stack. -------------------------------------------------------------------------------- ================================================================================ engauge-digitizer-8.1-1.fc24 (FEDORA-2016-cfdf687aa4) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information: - Update to 8.1 -------------------------------------------------------------------------------- ================================================================================ erlang-lucene_parser-1-1.fc24 (FEDORA-2016-4b6ddd3cde) A library for Lucene-like query syntax parsing -------------------------------------------------------------------------------- Update Information: * Initial build -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336726 - Review Request: erlang-lucene_parser - A library for Lucene-like query syntax parsing https://bugzilla.redhat.com/show_bug.cgi?id=1336726 -------------------------------------------------------------------------------- ================================================================================ findutils-4.6.0-5.fc24 (FEDORA-2016-e38c21c74b) The GNU versions of find utilities (find and xargs) -------------------------------------------------------------------------------- Update Information: - make sure that find -exec + passes all arguments (upstream bug #48030) - clarify exit status handling of -exec cmd {} + in find(1) man page (#1325049) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1325049 - Documentation issue for '-exec {} +' syntax https://bugzilla.redhat.com/show_bug.cgi?id=1325049 -------------------------------------------------------------------------------- ================================================================================ flatpak-0.6.3-1.fc24 (FEDORA-2016-28555f5c00) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: Update to 0.6.3 -------------------------------------------------------------------------------- ================================================================================ fldigi-3.23.10-1.fc24 (FEDORA-2016-a91153d0d2) Digital modem program for Linux -------------------------------------------------------------------------------- Update Information: =Version 3.23.10= 2016-05-23 David Freese <iam_w1hkj@xxxxxxxxx> 33ad2e6: logger c184758: Restore focus af25ef7: RsID button ae93f9c: flmsg keepalive 5b367fb: 4bars b4b8df4: ASCII ctl chars 759e6cf: Suppress dockable macros 065ead7: Packet Prep 2016-04-13 Edouard Lafargue W6ELA <edouard@xxxxxxxxxxxxx> 505c8b3: Portaudio Mono 2016-04-13 David Freese <iam_w1hkj@xxxxxxxxx> 68d9b32: FSQ message files 2016-04-12 Robert Stiles <kk5vd@xxxxxxxxx> 4ab48d4: KISS, 8PSK, FLARQ icon Modifications 2016-04-12 David Freese <iam_w1hkj@xxxxxxxxx> 76ab77c: FLARQ 9c04f07: focus behavior 2a3f4d4: PTT delays -------------------------------------------------------------------------------- References: [ 1 ] Bug #1314945 - fldigi-3.23.10.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314945 -------------------------------------------------------------------------------- ================================================================================ keycloak-httpd-client-install-0.3-1.fc24 (FEDORA-2016-1ad0de9c41) Tools to configure Apache HTTPD as Keycloak client -------------------------------------------------------------------------------- Update Information: Initial upstream release -------------------------------------------------------------------------------- ================================================================================ knot-resolver-1.0.0-1.fc24 (FEDORA-2016-8c0eb27b8d) Caching full DNS Resolver -------------------------------------------------------------------------------- Update Information: Final upstream release. -------------------------------------------------------------------------------- ================================================================================ libfabric-1.3.0-2.fc24 (FEDORA-2016-6eaf8d8982) Open Fabric Interfaces -------------------------------------------------------------------------------- Update Information: Use psm/psm2 if possible on Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1340988 - Please rebuild libfabric to support psm and psm2 https://bugzilla.redhat.com/show_bug.cgi?id=1340988 -------------------------------------------------------------------------------- ================================================================================ nginx-1.10.1-1.fc24 (FEDORA-2016-c329fc4c32) A high performance web server and reverse proxy server -------------------------------------------------------------------------------- Update Information: update to upstream release 1.10.1 to fix CVE-2016-4450 -------------------------------------------------------------------------------- ================================================================================ owncloud-9.0.2-1.fc24 (FEDORA-2016-a7d88ae655) Private file sync and share server -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 [ 3 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 -------------------------------------------------------------------------------- ================================================================================ pagure-2.2-1.fc24 (FEDORA-2016-12b1688984) A git-centered forge -------------------------------------------------------------------------------- Update Information: Update to 2.2 ---- Update to 2.1.1 -------------------------------------------------------------------------------- ================================================================================ pam_yubico-2.22-1.fc24 (FEDORA-2016-2e19bc36ef) A Pluggable Authentication Module for yubikeys -------------------------------------------------------------------------------- Update Information: update to 2.22 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336774 - Segfault locks us out of the servers https://bugzilla.redhat.com/show_bug.cgi?id=1336774 [ 2 ] Bug #1334799 - F23/F24 - pam_yubico upgrade fails, incorrect use of REQUIRES https://bugzilla.redhat.com/show_bug.cgi?id=1334799 [ 3 ] Bug #1338786 - pam_yubico-2.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1338786 -------------------------------------------------------------------------------- ================================================================================ php-nette-database-2.3.9-1.fc24 (FEDORA-2016-d58305872d) Nette Database Component -------------------------------------------------------------------------------- Update Information: **Released version 2.3.9** * Helpers::detectType() detects DATERANGE as text * Structure::analyzeForeignKeys() fixed lowercased name #122 -------------------------------------------------------------------------------- ================================================================================ php-sabre-dav-3.0.9-1.fc24 (FEDORA-2016-a7d88ae655) WebDAV Framework for PHP -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 [ 3 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 -------------------------------------------------------------------------------- ================================================================================ php-sabre-http-4.2.1-1.fc24 (FEDORA-2016-a7d88ae655) Library for dealing with http requests and responses -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 [ 3 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 -------------------------------------------------------------------------------- ================================================================================ php-symfony-2.8.6-2.fc24 (FEDORA-2016-a7d88ae655) PHP framework for web projects -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 [ 3 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 -------------------------------------------------------------------------------- ================================================================================ php-symfony-security-acl-2.8.0-1.fc24 (FEDORA-2016-a7d88ae655) Symfony Security Component - ACL (Access Control List) -------------------------------------------------------------------------------- Update Information: Owncloud 9.0.2 update Please note this fixes the shipped nginx configuration so that it works out the box with an install of owncloud-nginx ... if you have an existing nginx based oC install please review your configuration after installing the update. This also moves oC to its own php-fpm pool rather than the default www one so that better segregation of configuration is possible without impacting other PHP services. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275826 - php-symfony-2.8.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275826 [ 2 ] Bug #1261011 - owncloud-9.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261011 [ 3 ] Bug #1332900 - owncloud-nginx ships a config that does not work https://bugzilla.redhat.com/show_bug.cgi?id=1332900 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-mvc-2.7.8-1.fc24 (FEDORA-2016-212bf62a7b) Zend Framework Mvc component -------------------------------------------------------------------------------- Update Information: **zend-mvc 2.7.8** - 2016-05-31 - [#138](https://github.com/zendframework/zend- mvc/pull/138) adds support for PHP 7 `Throwable`s within each of: - `DispatchListener` - `MiddlewareListener` - The console `RouteNotFoundStrategy` and `ExceptionStrategy` - The HTTP `DefaultRenderingStrategy` and `RouteNotFoundStrategy` -------------------------------------------------------------------------------- ================================================================================ pioneer-20160512-3.fc24 (FEDORA-2016-85301993ca) A game of lonely space adventure -------------------------------------------------------------------------------- Update Information: - New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339158 - Review Request: pioneer - A game of lonely space adventure https://bugzilla.redhat.com/show_bug.cgi?id=1339158 -------------------------------------------------------------------------------- ================================================================================ python-acme-0.7.0-1.fc24 (FEDORA-2016-b2b998fb4f) Python library for the ACME protocol -------------------------------------------------------------------------------- Update Information: Update to 0.7.0 -------------------------------------------------------------------------------- ================================================================================ qgnomeplatform-0.2-1.20160531git.fc24 (FEDORA-2016-a90d9b7157) Qt Platform Theme aimed to accommodate Gnome settings -------------------------------------------------------------------------------- Update Information: Update to latest git snapshot. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1318802 - One specific Qt5 widget doesn't accommodate Gnome's font settings https://bugzilla.redhat.com/show_bug.cgi?id=1318802 [ 2 ] Bug #1318787 - no font and no window scaling with Qt5.6.0, fonts too small https://bugzilla.redhat.com/show_bug.cgi?id=1318787 -------------------------------------------------------------------------------- ================================================================================ qt5-qtdeclarative-5.6.0-11.fc24 (FEDORA-2016-7e822d9239) Qt5 - QtDeclarative component -------------------------------------------------------------------------------- Update Information: Include upstream workaround for a common crash condition. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1259472 - [abrt] plasma-workspace: KCrash::defaultCrashHandler(int)(): kscreenlocker_greet killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1259472 -------------------------------------------------------------------------------- ================================================================================ rsibreak-0.12.3-1.fc24 (FEDORA-2016-2ef57508b4) A small utility which bothers you at certain intervals -------------------------------------------------------------------------------- Update Information: Latest rsibreak release. -------------------------------------------------------------------------------- ================================================================================ salt-2015.5.10-2.fc24 (FEDORA-2016-ccea8c7735) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Updated patch ---- Update to bugfix release 2015.5.10 -------------------------------------------------------------------------------- ================================================================================ seafile-5.1.2-3.fc24 (FEDORA-2016-6aa664154f) Cloud storage cli client -------------------------------------------------------------------------------- Update Information: Initial commit -------------------------------------------------------------------------------- References: [ 1 ] Bug #1160671 - Review Request: seafile - Cloud storage system https://bugzilla.redhat.com/show_bug.cgi?id=1160671 -------------------------------------------------------------------------------- ================================================================================ sqlite-3.12.2-1.fc24 (FEDORA-2016-3d4c0d27b6) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information: Updated to version 3.12.2 (https://sqlite.org/releaselog/3_12_2.html) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323540 - [abrt] clementine: logging::MessageHandler(): clementine killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1323540 -------------------------------------------------------------------------------- ================================================================================ strace-4.12-1.fc24 (FEDORA-2016-05bb01e38b) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information: v4.11-163-g972018f -> v4.12. -------------------------------------------------------------------------------- ================================================================================ ti-uim-0-0.4.a0236bc.fc24 (FEDORA-2016-4f1cc8b19c) Texas Instruments User Mode Init manager -------------------------------------------------------------------------------- Update Information: Latest git snapshot -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-evdev-2.10.3-1.fc24 (FEDORA-2016-775b61dc0e) Xorg X11 evdev input driver -------------------------------------------------------------------------------- Update Information: evdev 2.10.3 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
