The following Fedora 24 Security updates need testing: Age URL 23 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-50b0066b7f ntp-4.2.6p5-41.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e0f3fcd7df kernel-4.5.7-300.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-44821f9576 mxml-2.9-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a771d67ba0 nfdump-1.6.15-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d5917e939e python-2.7.11-5.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 clementine-1.3.1-2.fc24 sqlite-3.12.2-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41bde7479f lorax-24.19-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3a7f36c0c1 vim-7.4.1868-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bf01498e92 evolution-mapi-3.20.3-1.fc24 evolution-ews-3.20.3-1.fc24 evolution-3.20.3-1.fc24 evolution-data-server-3.20.3-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e0f3fcd7df kernel-4.5.7-300.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-52fd6003b8 librsvg2-2.40.16-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d5917e939e python-2.7.11-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab6fa06b1c thunderbird-45.1.1-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3bbae10376 perl-5.22.2-360.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c80727621 util-linux-2.28-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5437995928 lvm2-2.02.150-2.fc24 The following builds have been pushed to Fedora 24 updates-testing atomic-1.10.5-1.gitce09e40.fc24 copr-cli-1.51-1.fc24 fpaste-0.3.8.3-1.fc24 gnome-boxes-3.20.2-3.fc24 grub2-2.02-0.33.fc24 grub2-2.02-0.34.fc24 kde-workspace-4.11.22-16.fc24 keepassx-2.0.2-2.fc24 lvm2-2.02.150-2.fc24 mailnag-1.2.1-1.fc24 mod_gnutls-0.7.5-1.fc24 mozilla-fira-fonts-4.202-1.fc24 muffin-3.0.4-2.fc24 perl-5.22.2-360.fc24 perl-Image-ExifTool-10.20-1.fc24 php-goutte-2.0.4-1.fc24 php-nrk-Predis-1.1.0-1.fc24 php-zendframework-zend-form-2.9.0-1.fc24 php-zendframework-zend-i18n-2.7.3-1.fc24 php-zendframework-zend-inputfilter-2.7.2-1.fc24 pki-core-10.3.2-4.fc24 python-2.7.11-5.fc24 thunderbird-45.1.1-2.fc24 util-linux-2.28-3.fc24 Details about builds: ================================================================================ atomic-1.10.5-1.gitce09e40.fc24 (FEDORA-2016-7cd281f6f2) Tool for managing ProjectAtomic systems and containers -------------------------------------------------------------------------------- Update Information: bump atomic v1.10.5 ---- build atomic 1.10 commit 1d6aecf ---- build atomic 1.9 commit#72cdbef -------------------------------------------------------------------------------- ================================================================================ copr-cli-1.51-1.fc24 (FEDORA-2016-2e96648256) Command line interface for COPR -------------------------------------------------------------------------------- Update Information: Support for package manipulation as a main new feature. -------------------------------------------------------------------------------- ================================================================================ fpaste-0.3.8.3-1.fc24 (FEDORA-2016-449bccfaa8) A simple tool for pasting info onto sticky notes instances -------------------------------------------------------------------------------- Update Information: * Migrate to pagure.io * Add `--rawurl` option * Use https -------------------------------------------------------------------------------- ================================================================================ gnome-boxes-3.20.2-3.fc24 (FEDORA-2016-e843d33009) A simple GNOME 3 application to access remote or virtual systems -------------------------------------------------------------------------------- Update Information: Do not show priviledge escalation dialog each time Boxes starts up -------------------------------------------------------------------------------- ================================================================================ grub2-2.02-0.33.fc24 (FEDORA-2016-c4d43baacc) Bootloader with support for Linux, Multiboot and more -------------------------------------------------------------------------------- Update Information: Reverts TPM patches, they break some x86 platforms and ppc64. Also fixes EFI chainloading on x86_64. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334075 - TPM prevents grub menu, drops to grub rescue; BIOS settings no help https://bugzilla.redhat.com/show_bug.cgi?id=1334075 [ 2 ] Bug #1334672 - Beta-1.3 ppc64le ISO boot failure https://bugzilla.redhat.com/show_bug.cgi?id=1334672 [ 3 ] Bug #1320273 - chainloading bootmgr.efi on UEFI results in error: out of memory https://bugzilla.redhat.com/show_bug.cgi?id=1320273 [ 4 ] Bug #1344700 - Data Storage Exception from grub2-2.02-0.33.fc24.ppc64le https://bugzilla.redhat.com/show_bug.cgi?id=1344700 [ 5 ] Bug #1344512 - [UEFI][DELL Precison M6800] unable to boot Windows 10 - no shim lock protocol https://bugzilla.redhat.com/show_bug.cgi?id=1344512 -------------------------------------------------------------------------------- ================================================================================ grub2-2.02-0.34.fc24 (FEDORA-2016-c4d43baacc) Bootloader with support for Linux, Multiboot and more -------------------------------------------------------------------------------- Update Information: Reverts TPM patches, they break some x86 platforms and ppc64. Also fixes EFI chainloading on x86_64. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1334075 - TPM prevents grub menu, drops to grub rescue; BIOS settings no help https://bugzilla.redhat.com/show_bug.cgi?id=1334075 [ 2 ] Bug #1334672 - Beta-1.3 ppc64le ISO boot failure https://bugzilla.redhat.com/show_bug.cgi?id=1334672 [ 3 ] Bug #1320273 - chainloading bootmgr.efi on UEFI results in error: out of memory https://bugzilla.redhat.com/show_bug.cgi?id=1320273 [ 4 ] Bug #1344700 - Data Storage Exception from grub2-2.02-0.33.fc24.ppc64le https://bugzilla.redhat.com/show_bug.cgi?id=1344700 [ 5 ] Bug #1344512 - [UEFI][DELL Precison M6800] unable to boot Windows 10 - no shim lock protocol https://bugzilla.redhat.com/show_bug.cgi?id=1344512 -------------------------------------------------------------------------------- ================================================================================ kde-workspace-4.11.22-16.fc24 (FEDORA-2016-e8ad31da94) KDE Workspace -------------------------------------------------------------------------------- Update Information: Use generic 'fedora' kdm theme (instead of f23-kde-theme) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1344920 - KDM uses f23-kdm-theme but not installed by default so KDM not working https://bugzilla.redhat.com/show_bug.cgi?id=1344920 -------------------------------------------------------------------------------- ================================================================================ keepassx-2.0.2-2.fc24 (FEDORA-2016-645a4b89a9) Cross-platform password manager -------------------------------------------------------------------------------- Update Information: Add /usr/bin/keepassx symlink. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1338054 - Fedora 24 keepassx has a lower version number it wants to upgrade a higher version package from Fedora 23 https://bugzilla.redhat.com/show_bug.cgi?id=1338054 -------------------------------------------------------------------------------- ================================================================================ lvm2-2.02.150-2.fc24 (FEDORA-2016-5437995928) Userland logical volume management tools -------------------------------------------------------------------------------- Update Information: Fix possible segfault on error path while destroying device-mapper ioctl task in lvm2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343115 - [abrt] [faf] lvm2: dm_task_destroy(): /usr/sbin/lvm killed by 11 https://bugzilla.redhat.com/show_bug.cgi?id=1343115 -------------------------------------------------------------------------------- ================================================================================ mailnag-1.2.1-1.fc24 (FEDORA-2016-a683f7559f) Mail notification daemon -------------------------------------------------------------------------------- Update Information: Update to 1.2.1 -------------------------------------------------------------------------------- ================================================================================ mod_gnutls-0.7.5-1.fc24 (FEDORA-2016-47d118a74b) GnuTLS module for the Apache HTTP server -------------------------------------------------------------------------------- Update Information: rebase to 0.7.5 (rhbz#1339412) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1339412 - mod_gnutls causing apach to hang at 100 % CPU load https://bugzilla.redhat.com/show_bug.cgi?id=1339412 -------------------------------------------------------------------------------- ================================================================================ mozilla-fira-fonts-4.202-1.fc24 (FEDORA-2016-af48ef66dc) Mozilla's Fira fonts -------------------------------------------------------------------------------- Update Information: Update to the latest upstream (among other things fixes problems with bad hinting). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1273554 - Too high mono font; please, upgrade to the latest upstream https://bugzilla.redhat.com/show_bug.cgi?id=1273554 -------------------------------------------------------------------------------- ================================================================================ muffin-3.0.4-2.fc24 (FEDORA-2016-c71a7012c5) Window and compositing manager based on Clutter -------------------------------------------------------------------------------- Update Information: Fix window size issue -------------------------------------------------------------------------------- ================================================================================ perl-5.22.2-360.fc24 (FEDORA-2016-3bbae10376) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: This release prevents from crashing when when a thread is spawn after using a PerlIO encoding pragma. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345788 - perl segmentation fault when using PerlIO Layer :locale and threads https://bugzilla.redhat.com/show_bug.cgi?id=1345788 -------------------------------------------------------------------------------- ================================================================================ perl-Image-ExifTool-10.20-1.fc24 (FEDORA-2016-d49df80c98) Utility for reading and writing image meta info -------------------------------------------------------------------------------- Update Information: Update to 10.20 (latest stable from upstream). For changes, see: http://owl.phy.queensu.ca/~phil/exiftool/history.html -------------------------------------------------------------------------------- ================================================================================ php-goutte-2.0.4-1.fc24 (FEDORA-2016-768662c4ea) A simple PHP web scraper -------------------------------------------------------------------------------- Update Information: Updated to version 2. https://github.com/FriendsOfPHP/Goutte/compare/v1.0.7...v2.0.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1100719 - php-goutte-v3.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1100719 [ 2 ] Bug #1289798 - php-goutte-3.1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1289798 -------------------------------------------------------------------------------- ================================================================================ php-nrk-Predis-1.1.0-1.fc24 (FEDORA-2016-8d1e0ab408) PHP client library for Redis -------------------------------------------------------------------------------- Update Information: **Predis v1.1.0** (2016-06-02) - The default server profile for the client now targets Redis 3.2. - Responses to the following commands are not casted into booleans anymore, the original integer value is returned: `SETNX`, `MSETNX`, `SMOVE`, `SISMEMBER`, `HSET`, `HSETNX`, `HEXISTS`, `PFADD`, `EXISTS`, `MOVE`, `PERSIST`, `EXPIRE`, `EXPIREAT`, `RENAMENX`. This change does not have a significant impact unless when using strict comparisons (=== and !==) the returned value. - Non-boolean string values passed to the `persistent` connection parameter can be used to create different persistent connections. Note that this feature was already present in Predis but required both `persistent` and `path` to be set as illustrated by [#139](https://github.com/nrk/predis/pull/139). This change is needed to prevent confusion with how `path` is used to select a database when using the `redis` scheme. - The client throws exceptions when Redis returns any kind of error response to initialization commands (the ones being automatically sent when a connection is established, such as `SELECT` and `AUTH` when database and password are set in connection parameters) regardless of the value of the exception option. - Using `unix:///path/to/socket` in URI strings to specify a UNIX domain socket file is now deprecated in favor of the format `unix:/path/to/socket` (note the lack of the double slash after the scheme) and will not be supported starting with the next major release. - Implemented full support for redis-sentinel. - Implemented the ability to specify default connection parameters for aggregate connections with the new `parameters` client option. These parameters augment the usual user-supplied connection parameters (but do not take the precedence over them) when creating new connections and they are mostly useful when the client is using aggregate connections such as redis-cluster and redis-sentinel as these backends can create new connections on the fly based on responses and redirections from Redis. - Redis servers protected by SSL-encrypted connections can be accessed by using the `tls` or `rediss` scheme in connection parameters along with SSL- specific options in the `ssl` parameter (see http://php.net/manual/context.ssl.php). - `Predis\Client` implements `IteratorAggregate` making it possible to iterate over traversable aggregate connections and get a new client instance for each Redis node. - Iterating over an instance of `Predis\Connection\Aggregate\RedisCluster` will return all the connections mapped in the slots map instead of just the ones in the pool. This change makes it possible, when the slots map is retrieved from Redis, to iterate over all of the master nodes in the cluster. When the use of `CLUSTER SLOTS` is disabled via the `useClusterSlots()` method, the iteration returns only the connections with slots ranges associated in their parameters or the ones initialized by `-MOVED` responses in order to make the behaviour of the iteration consistent between the two modes of operation. - Various improvements to `Predis\Connection\Aggregate\MasterSlaveReplication` (the "basic" replication backend, not the new one based on redis-sentinel): - When the client is not able to send a read-only command to a slave because the current connection fails or the slave is resyncing (`-LOADING` response returned by Redis), the backend discards the failed connection and performs a new attempt on the next slave. When no other slave is available the master server is used for read-only commands as last resort. - It is possible to discover the current replication configuration on the fly by invoking the `discover()` method which internally relies on the output of the command `INFO REPLICATION` executed against the master server or one of the slaves. The backend can also be configured to do this automatically when it fails to reach one of the servers. - Implemented the `switchToMaster()` and `switchToSlave()` methods to make it easier to force a switch to the master server or a random slave when needed. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-form-2.9.0-1.fc24 (FEDORA-2016-6088dd70cc) Zend Framework Form component -------------------------------------------------------------------------------- Update Information: **zend-form 2.9.0** - 2016-06-07 - [#57](https://github.com/zendframework/zend- form/pull/57) adds new elements, `FormSearch` and `FormTel`, which map to the `FormSearch` and `FormTel` view helpers. - Updates the composer suggestions list to remove those that were redundant, and to add explicit constraints and reasons for each listed (e.g., zend-code is required for annotations support). -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-i18n-2.7.3-1.fc24 (FEDORA-2016-31100d5a69) Zend Framework I18n component -------------------------------------------------------------------------------- Update Information: **zend-i18n 2.7.3** - 2016-06-07 - [#42](https://github.com/zendframework/zend- i18n/pull/42) fixes the behavior of the `PhoneNumber` validator to store the country using the casing provided, but validate based on the uppercased country value. This ensures the same validation behavior, and prevents the value from being transformed, potentially breaking later retrieval. - [#47](https://github.com/zendframework/zend-i18n/pull/47) provides a performance improvement to the `Zend\I18n\View\HelperConfig` implementation when operating under zend-servicemanager v3. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-inputfilter-2.7.2-1.fc24 (FEDORA-2016-b552cedca6) Zend Framework InputFilter component -------------------------------------------------------------------------------- Update Information: **zend-inputfilter 2.7.2** - 2016-06-11 - [#105](https://github.com/zendframework/zend-inputfilter/pull/105) adds and publishes the documentation to https://zendframework.github.io/zend-inputfilter - [#110](https://github.com/zendframework/zend-inputfilter/pull/110) fixes an issue with `InputFilterAbstractServiceFactory` whereby it was not working when the provided container is not a plugin manager, but rather the application container. -------------------------------------------------------------------------------- ================================================================================ pki-core-10.3.2-4.fc24 (FEDORA-2016-e8c5c05281) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information: Updated tomcatjss versions ---- Updated 'java', 'java-headless', and 'java- devel' dependencies to 1:1.8.0. ---- PKI TRAC Ticket #2330 - Release Dogtag 10.3.2 ---- PKI TRAC Ticket #2330 - Release Dogtag 10.3.2 -------------------------------------------------------------------------------- ================================================================================ python-2.7.11-5.fc24 (FEDORA-2016-d5917e939e) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Added patch for fixing possible integer overflow and heap corruption in zipimporter.get_data() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1345858 - python: Heap overflow in zipimporter module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1345858 -------------------------------------------------------------------------------- ================================================================================ thunderbird-45.1.1-2.fc24 (FEDORA-2016-ab6fa06b1c) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: Fixed problems with wrong version of thunderbird-lightning-gdata subpackage. -------------------------------------------------------------------------------- ================================================================================ util-linux-2.28-3.fc24 (FEDORA-2016-4c80727621) A collection of basic system utilities -------------------------------------------------------------------------------- Update Information: libblkid update to fix filesystems detection on CDROMs -------------------------------------------------------------------------------- References: [ 1 ] Bug #1234317 - CD / DVD are rarely automounted https://bugzilla.redhat.com/show_bug.cgi?id=1234317 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
