The following Fedora 24 Security updates need testing: Age URL 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4373f7d32a pulp-2.8.6-1.fc24 pulp-docker-2.0.2-1.fc24 pulp-ostree-1.1.2-1.fc24 pulp-puppet-2.8.6-1.fc24 pulp-python-1.1.2-1.fc24 pulp-rpm-2.8.6-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8eb11666aa php-5.6.24-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3af39b1fcb php-pecl-zip-1.13.4-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bdb86fbc7d pbuilder-0.225.2-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b7e31a0b9a python-django-1.9.8-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3f93ead5b moin-1.9.8-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fa7e683c6e php-doctrine-common-2.5.3-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-683d0b257b perl-CGI-Emulate-PSGI-0.22-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a15d2be020 wireshark-2.1.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-acda4281c9 python-autobahn-0.10.9-1.gitcf10233.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-90cf07858b dietlibc-0.33-8.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4274c906e7 perl-DBD-MySQL-4.035-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e16a14ffc5 collectd-5.5.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e720bc8451 v8-3.14.5.10-25.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-53f0c65f40 bind99-9.9.9-1.P2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d26a51a6a2 lighttpd-1.4.40-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9ad9582f7 flex-2.6.0-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c0fd203d6e nodejs-tough-cookie-2.3.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-01cc766201 xen-4.6.3-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dd20a4631a perl-Module-Load-Conditional-0.66-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-77ebd4fab1 gnome-online-accounts-3.20.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2f2d06de03 PackageKit-1.1.3-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-47d61b297b colord-1.3.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-99191c4aab openssh-7.2p2-11.fc24 selinux-policy-3.13.1-191.8.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-494a721a73 ModemManager-1.6.0-1.fc24 libmbim-1.14.0-1.fc24 libqmi-1.16.0-1.fc24 usb_modeswitch-2.4.0-4.fc24 usb_modeswitch-data-20160612-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6c475337ca lua-5.3.3-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-680189b17c cairo-1.14.6-2.fc24 The following builds have been pushed to Fedora 24 updates-testing COPASI-4.17-0.6.20160720git31a978.fc24 PackageKit-1.1.3-2.fc24 amanda-3.3.9-1.fc24 ansible-2.1.1.0-1.fc24 ansible-inventory-grapher-2.3.1-1.fc24 ansible-lint-3.2.5-1.fc24 arp-scan-1.9.2-1.fc24 bind-dyndb-ldap-10.0-2.fc24 chromium-52.0.2743.82-4.fc24 clufter-0.59.1-1.fc24 codeblocks-16.01-1.fc24 colord-1.3.3-1.fc24 flex-2.6.0-2.fc24 gnome-online-accounts-3.20.3-1.fc24 golang-github-gengo-grpc-gateway-0-0.1.gitdcb8443.fc24 golang-googlecode-goprotobuf-0-0.24.git8616e8e.fc24 idris-0.9.9.1-8.fc24 imagefactory-plugins-1.1.9-3.fc24 jboss-ejb-client-2.1.4-1.fc24 jboss-jaxrs-2.0-api-1.0.0-3.fc24 jboss-remoting-jmx-2.0.1-1.fc24 jgroups-3.6.10-1.fc24 libappstream-glib-0.5.17-1.fc24 libguestfs-1.33.46-1.fc24 libsolv-0.6.23-1.fc24 libtaskotron-0.4.15-1.fc24 lilypond-2.19.46-2.fc24 lilypond-doc-2.19.46-1.fc24 mame-0.176-1.fc24 mojarra-2.1.25-1.fc24 mozilla-requestpolicy-1.0-0.15.20160626git06f4c1.fc24 netpbm-10.75.99-1.fc24 nodejs-request-2.67.0-7.fc24 nodejs-tough-cookie-2.3.1-1.fc24 perl-DBICx-Sugar-0.0001-1.fc24 perl-DBIx-SearchBuilder-1.67-1.fc24 perl-Dancer2-Plugin-REST-0.27-2.fc24 perl-Module-Load-Conditional-0.66-1.fc24 perl-POSIX-strftime-Compiler-0.42-1.fc24 php-alcaeus-mongo-php-adapter-1.0.5-2.fc24 php-horde-Horde-Auth-2.2.0-1.fc24 php-horde-Horde-Core-2.25.0-1.fc24 php-horde-Horde-Mime-Viewer-2.2.0-1.fc24 php-mongodb-1.0.2-1.fc24 pluto-0-0.1gitc6cab36.fc24 qmc2-0.66-1.fc24 qutebrowser-0.8.1-1.fc24 resteasy-3.0.17-1.fc24 rt-4.2.13-1.fc24 scalapack-2.0.2-15.fc24 spatialite-tools-4.3.0-12.fc24 telegram-cli-1.3.3-0.6.20160323git443793.fc24 undertow-js-1.0.2-1.fc24 unicode-ucd-9.0.0-2.fc24 weld-parent-34-2.fc24 xen-4.6.3-4.fc24 Details about builds: ================================================================================ COPASI-4.17-0.6.20160720git31a978.fc24 (FEDORA-2016-3b94ef625b) Biochemical network simulator -------------------------------------------------------------------------------- Update Information: - Update to build-119 -------------------------------------------------------------------------------- ================================================================================ PackageKit-1.1.3-2.fc24 (FEDORA-2016-2f2d06de03) Package management service -------------------------------------------------------------------------------- Update Information: This update fixes a packagekitd crash that can occur under certain conditions when preparing system upgrades. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359479 - [abrt] PackageKit: _g_log_abort(): packagekitd killed by SIGTRAP https://bugzilla.redhat.com/show_bug.cgi?id=1359479 -------------------------------------------------------------------------------- ================================================================================ amanda-3.3.9-1.fc24 (FEDORA-2016-f84d6899a2) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: New upstream release 3.3.9. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360703 - amanda-3.3.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1360703 -------------------------------------------------------------------------------- ================================================================================ ansible-2.1.1.0-1.fc24 (FEDORA-2016-d548b4fbad) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to ansible 2.1.1 with lots of bugfixes. See: https://github.com/ansible/ansible/blob/stable-2.1/CHANGELOG.md for a full list -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346950 - Ansible fails on Amazon Linux https://bugzilla.redhat.com/show_bug.cgi?id=1346950 -------------------------------------------------------------------------------- ================================================================================ ansible-inventory-grapher-2.3.1-1.fc24 (FEDORA-2016-75466c898a) Creates graphs representing ansible inventory -------------------------------------------------------------------------------- Update Information: Update to 2.3.1 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-3.2.5-1.fc24 (FEDORA-2016-00759807bd) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Update to 3.2.5 -------------------------------------------------------------------------------- ================================================================================ arp-scan-1.9.2-1.fc24 (FEDORA-2016-1f073bc754) Scanning and fingerprinting tool -------------------------------------------------------------------------------- Update Information: fix #1359953 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359953 - [abrt] arp-scan: get_hardware_address(): arp-scan killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1359953 -------------------------------------------------------------------------------- ================================================================================ bind-dyndb-ldap-10.0-2.fc24 (FEDORA-2016-23770e1424) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information: Backport fix for crash https://fedorahosted.org/bind-dyndb-ldap/ticket/166 ---- Update to 10.0 -------------------------------------------------------------------------------- ================================================================================ chromium-52.0.2743.82-4.fc24 (FEDORA-2016-74ad8771bd) A WebKit (Blink) powered web browser -------------------------------------------------------------------------------- Update Information: compile with -fno-delete-null-pointer-checks, resolves a number of v8 crashes (and gets nacl/pnacl working when chromium-native_client shows up) -------------------------------------------------------------------------------- ================================================================================ clufter-0.59.1-1.fc24 (FEDORA-2016-97d8fbee1f) Tool/library for transforming/analyzing cluster configuration formats -------------------------------------------------------------------------------- Update Information: - bump upstream package, see https://pagure.io/clufter/releases -------------------------------------------------------------------------------- ================================================================================ codeblocks-16.01-1.fc24 (FEDORA-2016-d63b2f5faf) An open source, cross platform, free C++ IDE -------------------------------------------------------------------------------- Update Information: New Code::Blocks release, that fixes several bugs. Backported fixes for license issues, unbundling and gcc6 build and optimization issues. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350094 - [abrt] codeblocks: wxStringBase::operator=(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1350094 [ 2 ] Bug #1342076 - codeblocks segfault when start https://bugzilla.redhat.com/show_bug.cgi?id=1342076 [ 3 ] Bug #1324176 - [abrt] codeblocks: wxConvBrokenFileNames::GetMBNulLen(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1324176 [ 4 ] Bug #1295328 - codeblocks contain problematic content https://bugzilla.redhat.com/show_bug.cgi?id=1295328 [ 5 ] Bug #1288615 - [abrt] codeblocks: main_arena(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1288615 [ 6 ] Bug #1284644 - [abrt] codeblocks: wxAppBase::SendIdleEvents(): codeblocks killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1284644 [ 7 ] Bug #1301412 - codeblocks-16.01 is available https://bugzilla.redhat.com/show_bug.cgi?id=1301412 -------------------------------------------------------------------------------- ================================================================================ colord-1.3.3-1.fc24 (FEDORA-2016-47d61b297b) Color daemon -------------------------------------------------------------------------------- Update Information: New upstream version - Fix an assert failure when connecting to sensors - Increase timeout to 60s for argyll spotread sampling - Use the USB path to match the ArgyllCMS port -------------------------------------------------------------------------------- ================================================================================ flex-2.6.0-2.fc24 (FEDORA-2016-c9ad9582f7) A tool for creating scanners (text pattern recognizers) -------------------------------------------------------------------------------- Update Information: Change type for num_to_read from yy_size_t to int. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360743 - CVE-2016-6354 flex: buffer overflow in generated code (yy_get_next_buffer) https://bugzilla.redhat.com/show_bug.cgi?id=1360743 -------------------------------------------------------------------------------- ================================================================================ gnome-online-accounts-3.20.3-1.fc24 (FEDORA-2016-77ebd4fab1) Single sign-on framework for GNOME -------------------------------------------------------------------------------- Update Information: # Bugs fixed: * 756431 identity: Don't leak the invocation when handling SignIn * 762155 Skip EnsureCredentials if the account is disabled * 766733 kerberos, telepathy: Stopping goa-daemon removes account or expires credentials * 768808 identity: Clean up the credential cache and don't keep trying to sign in if we encounter a failure * 768845 kerberos: Don't leak the GSimpleAsyncResult and object_path when signing in # Updated translations: * German * Hungarian * Lithuanian * Polish * Portuguese * Portuguese (Brazilian) * Slovak * Swedish -------------------------------------------------------------------------------- ================================================================================ golang-github-gengo-grpc-gateway-0-0.1.gitdcb8443.fc24 (FEDORA-2016-65f7e0a705) GRPC to JSON proxy generator -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354375 - Review Request: golang-github-gengo-grpc-gateway - GRPC to JSON proxy generator https://bugzilla.redhat.com/show_bug.cgi?id=1354375 -------------------------------------------------------------------------------- ================================================================================ golang-googlecode-goprotobuf-0-0.24.git8616e8e.fc24 (FEDORA-2016-afae9ecce0) Go support for Google protocol buffers -------------------------------------------------------------------------------- Update Information: Polish the spec file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246113 - Tracker for golang-googlecode-goprotobuf https://bugzilla.redhat.com/show_bug.cgi?id=1246113 -------------------------------------------------------------------------------- ================================================================================ idris-0.9.9.1-8.fc24 (FEDORA-2016-a132c62be1) Functional Programming Language with Dependent Types -------------------------------------------------------------------------------- Update Information: require gmp-devel -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360168 - Missing gmp-dev dependency https://bugzilla.redhat.com/show_bug.cgi?id=1360168 -------------------------------------------------------------------------------- ================================================================================ imagefactory-plugins-1.1.9-3.fc24 (FEDORA-2016-e33dae5b1d) Default plugins for the Image Factory system image generation tool -------------------------------------------------------------------------------- Update Information: Small fix to enable vSphere target images without a working psphere module -------------------------------------------------------------------------------- ================================================================================ jboss-ejb-client-2.1.4-1.fc24 (FEDORA-2016-4875556bf4) JBoss EJB client -------------------------------------------------------------------------------- Update Information: upstream release 2.1.4.Final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357265 - Update to jboss-ejb-client-2.1.4.Final https://bugzilla.redhat.com/show_bug.cgi?id=1357265 -------------------------------------------------------------------------------- ================================================================================ jboss-jaxrs-2.0-api-1.0.0-3.fc24 (FEDORA-2016-3aee3bf66c) JAX-RS 2.0: The Java API for RESTful Web Services -------------------------------------------------------------------------------- Update Information: temporarily add org.jboss.resteasy:jaxrs-api alias -------------------------------------------------------------------------------- ================================================================================ jboss-remoting-jmx-2.0.1-1.fc24 (FEDORA-2016-c55248ba59) JMX via JBoss Remoting -------------------------------------------------------------------------------- Update Information: update to 2.0.1.Final -------------------------------------------------------------------------------- ================================================================================ jgroups-3.6.10-1.fc24 (FEDORA-2016-178a65ca48) Toolkit for reliable multicast communication -------------------------------------------------------------------------------- Update Information: update to 3.6.10.Final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1354119 - jgroups-3.6.10.Final is available https://bugzilla.redhat.com/show_bug.cgi?id=1354119 -------------------------------------------------------------------------------- ================================================================================ libappstream-glib-0.5.17-1.fc24 (FEDORA-2016-72dc18188c) Library for AppStream metadata -------------------------------------------------------------------------------- Update Information: appstream-glib 0.5.17 release. - Add external (X-*) keys of an app's desktop file as metadata AsApp - Correct disabling of timestamps for gzip - Do not add multiple categories for apps with AudioVideo - Do not emit a warning when flatpak user directory doesn't exist - Fall back to the country code in as_app_get_language() -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.33.46-1.fc24 (FEDORA-2016-14ed7c1a38) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New upstream version 1.33.46. ---- New upstream version 1.33.45. ---- New upstream version 1.33.44. Fixes virt-customize. -------------------------------------------------------------------------------- ================================================================================ libsolv-0.6.23-1.fc24 (FEDORA-2016-7ea4bf4663) Package dependency solver -------------------------------------------------------------------------------- Update Information: Update to 0.6.23 -------------------------------------------------------------------------------- ================================================================================ libtaskotron-0.4.15-1.fc24 (FEDORA-2016-c4d79fe879) Taskotron Support Library -------------------------------------------------------------------------------- Update Information: Update to new release 0.4.15 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.46-2.fc24 (FEDORA-2016-7937127a2d) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Latest upstream. ---- Fix for segfault. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359215 - Segfault when built with new gcc 6 optimizations https://bugzilla.redhat.com/show_bug.cgi?id=1359215 -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.46-1.fc24 (FEDORA-2016-7937127a2d) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: Latest upstream. ---- Fix for segfault. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359215 - Segfault when built with new gcc 6 optimizations https://bugzilla.redhat.com/show_bug.cgi?id=1359215 -------------------------------------------------------------------------------- ================================================================================ mame-0.176-1.fc24 (FEDORA-2016-33feec3254) Multiple Arcade Machine Emulator -------------------------------------------------------------------------------- Update Information: This is an update to the latest mame release: * http://mamedev.org/?p=429 -------------------------------------------------------------------------------- ================================================================================ mojarra-2.1.25-1.fc24 (FEDORA-2016-b01ee427d3) JSF Reference Implementation -------------------------------------------------------------------------------- Update Information: update to 2.1.25 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357201 - Update to mojarra-2.1.25 https://bugzilla.redhat.com/show_bug.cgi?id=1357201 -------------------------------------------------------------------------------- ================================================================================ mozilla-requestpolicy-1.0-0.15.20160626git06f4c1.fc24 (FEDORA-2016-bb6195b5d0) Firefox and Seamonkey extension that gives you control over cross-site requests -------------------------------------------------------------------------------- Update Information: - Update to v1.0.beta12.2 - Drop old patch -------------------------------------------------------------------------------- ================================================================================ netpbm-10.75.99-1.fc24 (FEDORA-2016-c25a53506e) A library for handling different graphics file formats -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release (#1361103) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1361103 - netpbm 10.75.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1361103 -------------------------------------------------------------------------------- ================================================================================ nodejs-request-2.67.0-7.fc24 (FEDORA-2016-c250815a4a) Simplified HTTP request client -------------------------------------------------------------------------------- Update Information: Update npm(tough-cookie) dependency -------------------------------------------------------------------------------- ================================================================================ nodejs-tough-cookie-2.3.1-1.fc24 (FEDORA-2016-c0fd203d6e) RFC6265 Cookies and Cookie Jar for Node.js -------------------------------------------------------------------------------- Update Information: Security fix for https://nodesecurity.io/advisories/130 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359818 - nodejs-tough-cookie: Denial of service via long string of semicolons https://bugzilla.redhat.com/show_bug.cgi?id=1359818 -------------------------------------------------------------------------------- ================================================================================ perl-DBICx-Sugar-0.0001-1.fc24 (FEDORA-2016-9ae07301c5) Just some syntax sugar for DBIx::Class -------------------------------------------------------------------------------- Update Information: This perl modules gives you syntax sugar for your DBIx::Class applications. This was originally created to remove code duplication between Dancer::Plugin::DBIC and Dancer2::Plugin::DBIC. -------------------------------------------------------------------------------- ================================================================================ perl-DBIx-SearchBuilder-1.67-1.fc24 (FEDORA-2016-55b9bdf180) Encapsulate SQL queries and rows in simple perl objects -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ perl-Dancer2-Plugin-REST-0.27-2.fc24 (FEDORA-2016-e79942b172) Plugin for writing RESTful apps with Dancer2 -------------------------------------------------------------------------------- Update Information: This package contains a plugin for the Dancer2 framework, helping you to write a RESTful web-service. -------------------------------------------------------------------------------- ================================================================================ perl-Module-Load-Conditional-0.66-1.fc24 (FEDORA-2016-dd20a4631a) Looking up module information and loading at run-time -------------------------------------------------------------------------------- Update Information: This update adds an option "FORCE_SAFE_INC", which, if set (it isn't by default), removes the current directory from the module load path so as to avoid loading code from a potentially unsafe place (CVE-2016-1238). -------------------------------------------------------------------------------- ================================================================================ perl-POSIX-strftime-Compiler-0.42-1.fc24 (FEDORA-2016-a04cca4526) GNU C library compatible strftime for loggers and servers -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-alcaeus-mongo-php-adapter-1.0.5-2.fc24 (FEDORA-2016-89e0ca1799) Mongo PHP Adapter -------------------------------------------------------------------------------- Update Information: The Mongo PHP Adapter is a userland library designed to act as an adapter between applications relying on ext-mongo and the new driver (ext-mongodb). It provides the API of ext-mongo built on top of mongo-php-library, thus being compatible with PHP 7. Autoloader: /usr/share/php/Alcaeus/MongoDbAdapter/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1347147 - Review Request: php-alcaeus-mongo-php-adapter - Mongo PHP Adapter https://bugzilla.redhat.com/show_bug.cgi?id=1347147 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Auth-2.2.0-1.fc24 (FEDORA-2016-09c0b2d073) Horde Authentication API -------------------------------------------------------------------------------- Update Information: **Horde_Auth 2.2.0** * [jan] Add searchUsers() method. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.25.0-1.fc24 (FEDORA-2016-b6d3b03722) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.25.0** * [jan] Allow to use the pretty autocompleter without Ajax requests. * [mjr] Allow adding CSS files with Ajax response. * [mjr] Use syntaxhighlighter version 4. * [jan] Fix issue with prototype.js that keeps images in HTML messages from loading. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Mime-Viewer-2.2.0-1.fc24 (FEDORA-2016-aa427d06ed) Horde MIME Viewer Library -------------------------------------------------------------------------------- Update Information: **Horde_Mime_Viewer 2.2.0** * [mjr] Add SyntaxHighlighter version 4 support. -------------------------------------------------------------------------------- ================================================================================ php-mongodb-1.0.2-1.fc24 (FEDORA-2016-ab88fadf3d) MongoDB driver library -------------------------------------------------------------------------------- Update Information: This library provides a high-level abstraction around the lower-level drivers for PHP and HHVM (i.e. the mongodb extension). While the extension provides a limited API for executing commands, queries, and write operations, this library implements an API similar to that of the legacy PHP driver. It contains abstractions for client, database, and collection objects, and provides methods for CRUD operations and common commands (e.g. index and collection management). Autoloader: /usr/share/php/MongoDB/autoload.php -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276834 - Review Request: php-mongodb - MongoDB driver library https://bugzilla.redhat.com/show_bug.cgi?id=1276834 -------------------------------------------------------------------------------- ================================================================================ pluto-0-0.1gitc6cab36.fc24 (FEDORA-2016-54f03e4639) Small utility library for SHA1, Tiny Encryption Algorithm, and UUID4 -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360893 - Review Request: pluto - Small utility library for SHA1, Tiny Encryption Algorithm, and UUID4 https://bugzilla.redhat.com/show_bug.cgi?id=1360893 -------------------------------------------------------------------------------- ================================================================================ qmc2-0.66-1.fc24 (FEDORA-2016-641ed30bb8) M.A.M.E. Catalog / Launcher II -------------------------------------------------------------------------------- Update Information: This is an update to the latest qmc2 release: * http://qmc2.batcom- it.net/index.php/2016/07/27/qmc2-0-66-released/ -------------------------------------------------------------------------------- ================================================================================ qutebrowser-0.8.1-1.fc24 (FEDORA-2016-b84ab8a861) A keyboard-driven, vim-like browser based on PyQt5 and QtWebKit -------------------------------------------------------------------------------- Update Information: Update to 0.8.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360325 - qutebrowser-v0.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1360325 -------------------------------------------------------------------------------- ================================================================================ resteasy-3.0.17-1.fc24 (FEDORA-2016-d80872c309) Framework for RESTful Web services and Java applications -------------------------------------------------------------------------------- Update Information: update to 3.0.17.Final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343045 - resteasy-3.0.17.Final is available https://bugzilla.redhat.com/show_bug.cgi?id=1343045 -------------------------------------------------------------------------------- ================================================================================ rt-4.2.13-1.fc24 (FEDORA-2016-7d1f804f0a) Request tracker -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ scalapack-2.0.2-15.fc24 (FEDORA-2016-8ebe2adca1) A subset of LAPACK routines redesigned for heterogeneous computing -------------------------------------------------------------------------------- Update Information: Fix issue with scalapack shared library where it didn't include blacs. Fix openmpi/mpich subpackages to explicitly require matching mpi implementation. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357018 - scalapack/blacs auto Require dependencies on openmpi and mpich are ambiguous https://bugzilla.redhat.com/show_bug.cgi?id=1357018 [ 2 ] Bug #1360997 - un-necessary shared objects causing DSO issues https://bugzilla.redhat.com/show_bug.cgi?id=1360997 -------------------------------------------------------------------------------- ================================================================================ spatialite-tools-4.3.0-12.fc24 (FEDORA-2016-a5fca8d0a6) A set of useful CLI tools for SpatiaLite -------------------------------------------------------------------------------- Update Information: Rebuild for sqlite 3.13.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350994 - update for sqlite-3.13.0 https://bugzilla.redhat.com/show_bug.cgi?id=1350994 -------------------------------------------------------------------------------- ================================================================================ telegram-cli-1.3.3-0.6.20160323git443793.fc24 (FEDORA-2016-65e66ef5d9) Linux Command-line interface for Telegram -------------------------------------------------------------------------------- Update Information: - Update to new commit #443793 - Python support is disabled (partially abandoned by upstream) -------------------------------------------------------------------------------- ================================================================================ undertow-js-1.0.2-1.fc24 (FEDORA-2016-dff622bd97) JavaScript based handlers for Undertow -------------------------------------------------------------------------------- Update Information: Initial import (#1343025). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1343025 - Review Request: undertow-js - JavaScript based handlers for Undertow https://bugzilla.redhat.com/show_bug.cgi?id=1343025 -------------------------------------------------------------------------------- ================================================================================ unicode-ucd-9.0.0-2.fc24 (FEDORA-2016-5b4143c431) Unicode Character Database -------------------------------------------------------------------------------- Update Information: Add Unihan.zip (CJK unified character data) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357769 - Unihan.zip is missing https://bugzilla.redhat.com/show_bug.cgi?id=1357769 -------------------------------------------------------------------------------- ================================================================================ weld-parent-34-2.fc24 (FEDORA-2016-598795dd2d) Parent POM for Weld -------------------------------------------------------------------------------- Update Information: update to 34 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.3-4.fc24 (FEDORA-2016-01cc766201) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: x86: Privilege escalation in PV guests [XSA-182, CVE-2016-6258] x86: Missing SMAP whitelisting in 32-bit exception / event delivery [XSA-183, CVE-2016-6259] virtio: unbounded memory allocation issue [XSA-184, CVE-2016-5403] Qemu: scsi: esp: OOB write access in esp_do_dma [CVE-2016-6351] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1360599 - CVE-2016-6351 Qemu: scsi: esp: OOB write access in esp_do_dma https://bugzilla.redhat.com/show_bug.cgi?id=1360599 [ 2 ] Bug #1355987 - CVE-2016-6258 xsa182 xen: x86: Privilege escalation in PV guests (XSA-182) https://bugzilla.redhat.com/show_bug.cgi?id=1355987 [ 3 ] Bug #1355983 - CVE-2016-6259 xsa183 xen: x86: Missing SMAP whitelisting in 32-bit exception / event delivery (XSA-183) https://bugzilla.redhat.com/show_bug.cgi?id=1355983 [ 4 ] Bug #1358359 - CVE-2016-5403 Qemu: virtio: unbounded memory allocation on host via guest leading to DoS https://bugzilla.redhat.com/show_bug.cgi?id=1358359 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx