The following Fedora 24 Security updates need testing: Age URL 28 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3f93ead5b moin-1.9.8-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40d5f1d3c2 pagure-2.3.4-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-53cc023dd6 uClibc-0.9.33.2-10.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b0c16fd82 tomcat-8.0.36-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-30b01bdedd postgresql-9.5.4-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-24c2453d6c mingw-lcms2-2.8-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d9890f7b5 rubygem-actionview-4.2.5.2-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e24d8c350 kernel-4.6.7-300.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1ebd9e116b lcms2-2.8-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c07d18b2a5 java-1.8.0-openjdk-aarch32-1.8.0.102-1.160812.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-92a3655b70 freeipa-4.3.2-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4919ffe56 rubygem-activerecord-4.2.5.2-2.fc24 rubygem-actionpack-4.2.5.2-3.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 22 https://bodhi.fedoraproject.org/updates/FEDORA-2016-494a721a73 ModemManager-1.6.0-1.fc24 libmbim-1.14.0-1.fc24 libqmi-1.16.0-1.fc24 usb_modeswitch-2.4.0-4.fc24 usb_modeswitch-data-20160612-3.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ddadfe403c pungi-4.1.8-1.fc24 python-productmd-1.2-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ced841e94b menu-cache-1.0.1-2.D20160506git2932d67f30.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-74811dcebf linux-firmware-20160816-67.git7c3dfc0b.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-032491bfa5 redhat-rpm-config-41-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1ebd9e116b lcms2-2.8-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e24d8c350 kernel-4.6.7-300.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-589d237992 util-linux-2.28.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa32e6e85b libfm-1.2.4-6.D20160627git2a537414de.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6b549b0e4c gtk3-3.20.9-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6f929357d6 glib2-2.48.2-1.fc24 The following builds have been pushed to Fedora 24 updates-testing Lmod-6.5.1-2.fc24 appstream-0.9.8-3.fc24 beets-1.3.19-3.fc24 cmake-fedora-2.7.1-1.fc24 davix-0.6.4-1.fc24 freeipa-4.3.2-2.fc24 gnome-sudoku-3.20.5-1.fc24 greybird-3.20.0-2.fc24 gst-editing-services-1.8.3-1.fc24 gstreamer1-1.8.3-1.fc24 gstreamer1-plugins-bad-free-1.8.3-1.fc24 gstreamer1-plugins-base-1.8.3-1.fc24 gstreamer1-plugins-good-1.8.3-1.fc24 gstreamer1-rtsp-server-1.8.3-1.fc24 gstreamer1-vaapi-1.8.3-1.fc24 guayadeque-0.4.1-0.14.beta1git6a66f9b.fc24 hyperv-daemons-0-0.15.20160728git.fc24 ipxripd-0.8-20.fc24 mail-notification-5.4-87.git.9ae8768.fc24 narayana-5.2.12-1.fc24 network-manager-applet-1.2.4-1.fc24 pdns-recursor-4.0.1-1.fc24 plank-0.11.2-1.fc24 pulp-2.8.7-1.fc24 pulp-docker-2.0.3-1.fc24 pulp-puppet-2.8.7-1.fc24 pulp-rpm-2.8.7-1.fc24 python-attrs-16.0.0-5.fc24 python-crane-2.0.2-1.fc24 python-gstreamer1-1.8.3-1.fc24 python-jwcrypto-0.3.1-1.fc24 python-sqlalchemy-1.0.14-1.fc24 redhat-rpm-config-41-2.fc24 rubygem-actionpack-4.2.5.2-3.fc24 rubygem-activerecord-4.2.5.2-2.fc24 shared-color-targets-0.1.7-1.fc24 Details about builds: ================================================================================ Lmod-6.5.1-2.fc24 (FEDORA-2016-e11e6b3338) Environmental Modules System in Lua -------------------------------------------------------------------------------- Update Information: Update to 6.5.1 Do not add Tcl environment-modules specific path to MODULEPATH (bug #1243030) -------------------------------------------------------------------------------- ================================================================================ appstream-0.9.8-3.fc24 (FEDORA-2016-d3de5c7e1e) Utilities to generate, maintain and access the AppStream Xapian database -------------------------------------------------------------------------------- Update Information: Latest upstream release, enable -vala bindings -------------------------------------------------------------------------------- References: [ 1 ] Bug #1367892 - appstream vala / vapi bindings not packaged https://bugzilla.redhat.com/show_bug.cgi?id=1367892 -------------------------------------------------------------------------------- ================================================================================ beets-1.3.19-3.fc24 (FEDORA-2016-079e146bae) Music library manager and MusicBrainz tagger -------------------------------------------------------------------------------- Update Information: New upstream release and activation of the web plugin -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323718 - beets web plugin not provided or not working https://bugzilla.redhat.com/show_bug.cgi?id=1323718 [ 2 ] Bug #1341359 - beets-v1.3.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1341359 -------------------------------------------------------------------------------- ================================================================================ cmake-fedora-2.7.1-1.fc24 (FEDORA-2016-55393e945b) CMake helper modules for fedora developers -------------------------------------------------------------------------------- Update Information: - Bugs: + cmake-fedora-fedpkg: fix when git change is at staging, but not committed yet. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1367656 - cmake-fedora-fedpkg: failed when commit is clean https://bugzilla.redhat.com/show_bug.cgi?id=1367656 -------------------------------------------------------------------------------- ================================================================================ davix-0.6.4-1.fc24 (FEDORA-2016-2c87af1da2) Toolkit for Http-based file management -------------------------------------------------------------------------------- Update Information: Davix new release 0.6.4 -------------------------------------------------------------------------------- ================================================================================ freeipa-4.3.2-2.fc24 (FEDORA-2016-92a3655b70) The Identity, Policy and Audit system -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5404 Along with second revision of 4.3.2 update. ---- Update to FreeIPA 4.3.2 http://www.freeipa.org/page/Releases/4.3.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1351593 - CVE-2016-5404 ipa: Insufficient privileges check in certificate revocation https://bugzilla.redhat.com/show_bug.cgi?id=1351593 -------------------------------------------------------------------------------- ================================================================================ gnome-sudoku-3.20.5-1.fc24 (FEDORA-2016-2058bbda63) GNOME Sudoku game -------------------------------------------------------------------------------- Update Information: Update to 3.20.5. Hide game field on pause. -------------------------------------------------------------------------------- ================================================================================ greybird-3.20.0-2.fc24 (FEDORA-2016-1d7dc6b015) A clean minimalistic theme for Xfce, GTK+ 2 and 3 -------------------------------------------------------------------------------- Update Information: Update to version 3.20.0 supports gtk-3.20+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282511 - GTK+ 3.20 port https://bugzilla.redhat.com/show_bug.cgi?id=1282511 [ 2 ] Bug #1359913 - Greybird theme does not render fonts, sliders etc well in XFCE https://bugzilla.redhat.com/show_bug.cgi?id=1359913 -------------------------------------------------------------------------------- ================================================================================ gst-editing-services-1.8.3-1.fc24 (FEDORA-2016-bb9d7d8eee) Gstreamer editing services -------------------------------------------------------------------------------- Update Information: update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-1.8.3-1.fc24 (FEDORA-2016-1e838aa879) GStreamer streaming media framework runtime -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-bad-free-1.8.3-1.fc24 (FEDORA-2016-7ec8b9a700) GStreamer streaming media framework "bad" plugins -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-base-1.8.3-1.fc24 (FEDORA-2016-7b843cc58c) GStreamer streaming media framework base plugins -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-plugins-good-1.8.3-1.fc24 (FEDORA-2016-38ea2405c6) GStreamer plugins with good code and licensing -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-rtsp-server-1.8.3-1.fc24 (FEDORA-2016-511e218a2a) GStreamer RTSP server library -------------------------------------------------------------------------------- Update Information: update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ gstreamer1-vaapi-1.8.3-1.fc24 (FEDORA-2016-3fe58baa65) GStreamer plugins to use VA API video acceleration -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ guayadeque-0.4.1-0.14.beta1git6a66f9b.fc24 (FEDORA-2016-33c01ee6f6) Music player -------------------------------------------------------------------------------- Update Information: Update to 0.4.1-0.14.beta1git6a66f9b -------------------------------------------------------------------------------- ================================================================================ hyperv-daemons-0-0.15.20160728git.fc24 (FEDORA-2016-90c7f9018e) HyperV daemons suite -------------------------------------------------------------------------------- Update Information: Rebase to 4.8-rc0 (20160728 git snapshot) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1331577 - hypervvssd, hypervfcopyd, hypervkvpd cause a timeout and notice when started on non-microsoft systems https://bugzilla.redhat.com/show_bug.cgi?id=1331577 -------------------------------------------------------------------------------- ================================================================================ ipxripd-0.8-20.fc24 (FEDORA-2016-68d76c67ea) IPX RIP/SAP daemon - routing for IPX networks -------------------------------------------------------------------------------- Update Information: Fix to work on 64-bit platforms -------------------------------------------------------------------------------- References: [ 1 ] Bug #1367852 - Incorrect data field definition for 64-bit platforms https://bugzilla.redhat.com/show_bug.cgi?id=1367852 -------------------------------------------------------------------------------- ================================================================================ mail-notification-5.4-87.git.9ae8768.fc24 (FEDORA-2016-6f56aa4844) Status icon that informs you if you have new mail -------------------------------------------------------------------------------- Update Information: Update to the latest upstream source -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288891 - mail-notification tray icon has black background in XFCE4 https://bugzilla.redhat.com/show_bug.cgi?id=1288891 -------------------------------------------------------------------------------- ================================================================================ narayana-5.2.12-1.fc24 (FEDORA-2016-5e87b489fa) Distributed Transaction Manager -------------------------------------------------------------------------------- Update Information: Upstream release 5.2.12.Final -------------------------------------------------------------------------------- References: [ 1 ] Bug #1348297 - narayana: Update to 5.2.12.Final https://bugzilla.redhat.com/show_bug.cgi?id=1348297 -------------------------------------------------------------------------------- ================================================================================ network-manager-applet-1.2.4-1.fc24 (FEDORA-2016-f739ece3cf) A network control and status applet for NetworkManager -------------------------------------------------------------------------------- Update Information: Update to network-manager-applet 1.2.4 Upstream release notes: https://git.gnome.org/browse/network-manager-applet/tree/NEWS?h=nma-1-2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359492 - Occasionally crashes with applet_get_first_active_vpn_connection: assertion failed: (s_con) error https://bugzilla.redhat.com/show_bug.cgi?id=1359492 -------------------------------------------------------------------------------- ================================================================================ pdns-recursor-4.0.1-1.fc24 (FEDORA-2016-4a726d695c) Modern, advanced and high performance recursing/non authoritative name server -------------------------------------------------------------------------------- Update Information: Upstream released new version. -------------------------------------------------------------------------------- ================================================================================ plank-0.11.2-1.fc24 (FEDORA-2016-8f52ca4cde) A port of docky to Vala -------------------------------------------------------------------------------- Update Information: Updated to 0.11.2 -------------------------------------------------------------------------------- ================================================================================ pulp-2.8.7-1.fc24 (FEDORA-2016-9e4f918f10) An application for managing software repositories -------------------------------------------------------------------------------- Update Information: Crane * 1893 pulp_docker does not support Docker < 1.10 with manifests that were published from Docker >= 1.10 Docker Support * 1925 v1 sync errors Pulp * 2144 unbound method send() * 2124 Pulp status check leaves open Pipes * 2065 Error doing an ostree pull from pulp with an entitlement certificate. * 2038 The nectar config pulp_streamer gets doesn't seem to include plugin-level settings * 1788 The pulp_streamer is subject to requests issue #2863 * 963 Invalid Content-Encoding HTTP header in REST API -------------------------------------------------------------------------------- ================================================================================ pulp-docker-2.0.3-1.fc24 (FEDORA-2016-9e4f918f10) Support for Docker content in the Pulp platform -------------------------------------------------------------------------------- Update Information: Crane * 1893 pulp_docker does not support Docker < 1.10 with manifests that were published from Docker >= 1.10 Docker Support * 1925 v1 sync errors Pulp * 2144 unbound method send() * 2124 Pulp status check leaves open Pipes * 2065 Error doing an ostree pull from pulp with an entitlement certificate. * 2038 The nectar config pulp_streamer gets doesn't seem to include plugin-level settings * 1788 The pulp_streamer is subject to requests issue #2863 * 963 Invalid Content-Encoding HTTP header in REST API -------------------------------------------------------------------------------- ================================================================================ pulp-puppet-2.8.7-1.fc24 (FEDORA-2016-9e4f918f10) Support for Puppet content in the Pulp Platform -------------------------------------------------------------------------------- Update Information: Crane * 1893 pulp_docker does not support Docker < 1.10 with manifests that were published from Docker >= 1.10 Docker Support * 1925 v1 sync errors Pulp * 2144 unbound method send() * 2124 Pulp status check leaves open Pipes * 2065 Error doing an ostree pull from pulp with an entitlement certificate. * 2038 The nectar config pulp_streamer gets doesn't seem to include plugin-level settings * 1788 The pulp_streamer is subject to requests issue #2863 * 963 Invalid Content-Encoding HTTP header in REST API -------------------------------------------------------------------------------- ================================================================================ pulp-rpm-2.8.7-1.fc24 (FEDORA-2016-9e4f918f10) Support for RPM content in the Pulp platform -------------------------------------------------------------------------------- Update Information: Crane * 1893 pulp_docker does not support Docker < 1.10 with manifests that were published from Docker >= 1.10 Docker Support * 1925 v1 sync errors Pulp * 2144 unbound method send() * 2124 Pulp status check leaves open Pipes * 2065 Error doing an ostree pull from pulp with an entitlement certificate. * 2038 The nectar config pulp_streamer gets doesn't seem to include plugin-level settings * 1788 The pulp_streamer is subject to requests issue #2863 * 963 Invalid Content-Encoding HTTP header in REST API -------------------------------------------------------------------------------- ================================================================================ python-attrs-16.0.0-5.fc24 (FEDORA-2016-94a198c866) Python attributes without boilerplate -------------------------------------------------------------------------------- Update Information: New package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366878 - Review Request: python-attrs - Python attributes without boilerplate https://bugzilla.redhat.com/show_bug.cgi?id=1366878 -------------------------------------------------------------------------------- ================================================================================ python-crane-2.0.2-1.fc24 (FEDORA-2016-9e4f918f10) A WSGI app providing a docker-registry-like API with redirection -------------------------------------------------------------------------------- Update Information: Crane * 1893 pulp_docker does not support Docker < 1.10 with manifests that were published from Docker >= 1.10 Docker Support * 1925 v1 sync errors Pulp * 2144 unbound method send() * 2124 Pulp status check leaves open Pipes * 2065 Error doing an ostree pull from pulp with an entitlement certificate. * 2038 The nectar config pulp_streamer gets doesn't seem to include plugin-level settings * 1788 The pulp_streamer is subject to requests issue #2863 * 963 Invalid Content-Encoding HTTP header in REST API -------------------------------------------------------------------------------- ================================================================================ python-gstreamer1-1.8.3-1.fc24 (FEDORA-2016-8f0d5b53a9) Python bindings for GStreamer -------------------------------------------------------------------------------- Update Information: Update to 1.8.3 -------------------------------------------------------------------------------- ================================================================================ python-jwcrypto-0.3.1-1.fc24 (FEDORA-2016-52ae39ba63) Implements JWK,JWS,JWE specifications using python-cryptography -------------------------------------------------------------------------------- Update Information: Fixed update for 0.3.x series -------------------------------------------------------------------------------- ================================================================================ python-sqlalchemy-1.0.14-1.fc24 (FEDORA-2016-c4a5a15669) Modular and flexible ORM library for python -------------------------------------------------------------------------------- Update Information: This update contains a new upstream bugfix release. The upstream [changelog](http://www.sqlalchemy.org/changelog/CHANGES_1_0_14) contains a list of all changes in version 1.0.14. -------------------------------------------------------------------------------- ================================================================================ redhat-rpm-config-41-2.fc24 (FEDORA-2016-032491bfa5) Red Hat specific rpm configuration files -------------------------------------------------------------------------------- Update Information: Adds a dependency on fpc-srpm-macros so that packages building with the Free Pascal Compiler can make use of its macros. -------------------------------------------------------------------------------- ================================================================================ rubygem-actionpack-4.2.5.2-3.fc24 (FEDORA-2016-b4919ffe56) Web-flow and rendering framework putting the VC in MVC -------------------------------------------------------------------------------- Update Information: - Fix for CVE-2016-6317 (rhbz#1366479) - Fix argument error for instance_exec for Ruby 2.3 compatibility (Only rubygem-activerecord f24) - Improve tests not to accept the failures (Only rubygem-activerecord) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366479 - CVE-2016-6317 rubygem-activerecord: unsafe query generation in Active Record [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1366479 -------------------------------------------------------------------------------- ================================================================================ rubygem-activerecord-4.2.5.2-2.fc24 (FEDORA-2016-b4919ffe56) Implements the ActiveRecord pattern for ORM -------------------------------------------------------------------------------- Update Information: - Fix for CVE-2016-6317 (rhbz#1366479) - Fix argument error for instance_exec for Ruby 2.3 compatibility (Only rubygem-activerecord f24) - Improve tests not to accept the failures (Only rubygem-activerecord) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1366479 - CVE-2016-6317 rubygem-activerecord: unsafe query generation in Active Record [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1366479 -------------------------------------------------------------------------------- ================================================================================ shared-color-targets-0.1.7-1.fc24 (FEDORA-2016-3abf492a0f) Shared color targets for creating color profiles -------------------------------------------------------------------------------- Update Information: New upstream release with several new targets from Wolf Faust. -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
