The following Fedora 24 Security updates need testing: Age URL 51 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89060100d7 mongodb-3.2.8-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b1b1ef703c php-adodb-5.20.6-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ea3b7e6556 links-2.13-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a64716084e irssi-0.8.20-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-328754be1c libdwarf-20160923-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f193a0c59 php-ZendFramework-1.12.20-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5706eeb875 python-django-1.9.10-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-861b8c46b7 nodejs-4.6.0-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-58a8f32c86 openjpeg2-2.1.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c23a8ce9e5 mingw-openjpeg2-2.1.2-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f022f61d98 selinux-policy-3.13.1-191.17.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-429a6242ef polkit-qt-0.112.0-8.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7179af3ac1 kernel-4.7.5-200.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-229e5b4143 lorax-24.21-1.fc24 The following builds have been pushed to Fedora 24 updates-testing avogadro-1.2.0-1.fc24 awscli-1.10.67-1.fc24 cdbs-0.4.148-1.fc24 dbxtool-7-2.fc24 efibootmgr-14-3.fc24 efivar-30-3.fc24 fwupdate-8-2.fc24 giac-1.2.2-10.85.fc24 graphite-web-0.10.0-0.1.rc1.fc24 gsmartcontrol-0.8.7-10.fc24 hub-2.2.5-3.fc24 icaro-1.0.6-1.fc24 imapsync-1.727-1.fc24 kdelibs3-3.5.10-76.fc24 konsole5-16.08.1-2.fc24 libass-0.13.3-1.fc24 mailgraph-1.14-26.fc24 mingw-openjpeg2-2.1.2-1.fc24 nodejs-4.6.0-5.fc24 obconf-qt-0.11.0-1.fc24 openjpeg2-2.1.2-1.fc24 pacmanager-4.5.5.7-4.fc24 perl-JSON-WebToken-0.10-1.fc24 perl-Test-Mock-Guard-0.10-2.fc24 pesign-0.112-4.fc24 php-composer-spdx-licenses-1.1.5-1.fc24 procServ-2.6.1-1.fc24 python-botocore-1.4.57-1.fc24 python-carbon-0.10.0-0.1.rc1.fc24 python-nss-1.0.0-2.fc24 python-s3transfer-0.1.4-1.fc24 python-tahrir-0.9.0-1.fc24 python-tahrir-api-0.8.0-3.fc24 python-whisper-0.10.0-0.1.rc1.fc24 qtpass-1.1.4-1.fc24 rubygem-asciidoctor-pdf-1.5.0-0.2.alpha.13.fc24 supertux-0.5.0-1.fc24 vulkan-1.0.26.0-3.fc24 wxGTK3-3.0.2-24.fc24 yubioath-desktop-3.0.1-2.fc24 Details about builds: ================================================================================ avogadro-1.2.0-1.fc24 (FEDORA-2016-3d485829d0) An advanced molecular editor for chemical purposes -------------------------------------------------------------------------------- Update Information: - Update to 1.2.0 (bz#1347064) (bz#1347416) - Make an i18n sub-package - Patches updated - Install an appdata file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1347443 - None https://bugzilla.redhat.com/show_bug.cgi?id=1347443 [ 2 ] Bug #1347416 - None https://bugzilla.redhat.com/show_bug.cgi?id=1347416 [ 3 ] Bug #1347064 - None https://bugzilla.redhat.com/show_bug.cgi?id=1347064 -------------------------------------------------------------------------------- ================================================================================ awscli-1.10.67-1.fc24 (FEDORA-2016-d8c080dc1b) Universal Command Line Environment for AWS -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374532 - None https://bugzilla.redhat.com/show_bug.cgi?id=1374532 -------------------------------------------------------------------------------- ================================================================================ cdbs-0.4.148-1.fc24 (FEDORA-2016-aac5107d6e) Common build system for Debian packages -------------------------------------------------------------------------------- Update Information: Update to 0.4.148, see http://metadata.ftp- master.debian.org/changelogs//main/c/cdbs/cdbs_0.4.148_changelog for details. -------------------------------------------------------------------------------- ================================================================================ dbxtool-7-2.fc24 (FEDORA-2016-c6141386ba) Secure Boot DBX updater -------------------------------------------------------------------------------- Update Information: This update brings fwupdate to a signed version in F24, and also adds the newest version of the Secure Boot dbx. -------------------------------------------------------------------------------- ================================================================================ efibootmgr-14-3.fc24 (FEDORA-2016-c6141386ba) EFI Boot Manager -------------------------------------------------------------------------------- Update Information: This update brings fwupdate to a signed version in F24, and also adds the newest version of the Secure Boot dbx. -------------------------------------------------------------------------------- ================================================================================ efivar-30-3.fc24 (FEDORA-2016-c6141386ba) Tools to manage UEFI variables -------------------------------------------------------------------------------- Update Information: This update brings fwupdate to a signed version in F24, and also adds the newest version of the Secure Boot dbx. -------------------------------------------------------------------------------- ================================================================================ fwupdate-8-2.fc24 (FEDORA-2016-c6141386ba) Tools to manage UEFI firmware updates -------------------------------------------------------------------------------- Update Information: This update brings fwupdate to a signed version in F24, and also adds the newest version of the Secure Boot dbx. -------------------------------------------------------------------------------- ================================================================================ giac-1.2.2-10.85.fc24 (FEDORA-2016-e7e8ca74ba) Computer Algebra System, Symbolic calculus, Geometry -------------------------------------------------------------------------------- Update Information: - Update to subversion 85 -------------------------------------------------------------------------------- ================================================================================ graphite-web-0.10.0-0.1.rc1.fc24 (FEDORA-2016-ef3b002240) A Django web application for enterprise scalable realtime graphing -------------------------------------------------------------------------------- Update Information: Update to rc to support newer django version ---- Set correct interpreter for amqp listener and publiser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1363861 - None https://bugzilla.redhat.com/show_bug.cgi?id=1363861 [ 2 ] Bug #1285727 - Files in /var/log/carbon are never deleted https://bugzilla.redhat.com/show_bug.cgi?id=1285727 [ 3 ] Bug #1285725 - Complaints in console.log about missing /etc/carbon/storage-aggregation.conf https://bugzilla.redhat.com/show_bug.cgi?id=1285725 [ 4 ] Bug #1360469 - Please switch to upstream init scripts https://bugzilla.redhat.com/show_bug.cgi?id=1360469 -------------------------------------------------------------------------------- ================================================================================ gsmartcontrol-0.8.7-10.fc24 (FEDORA-2016-17b9487ad3) Graphical user interface for smartctl -------------------------------------------------------------------------------- Update Information: Removed bundle lib pcrecpp and correct dependency of usermode-gtk. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1368430 - None https://bugzilla.redhat.com/show_bug.cgi?id=1368430 [ 2 ] Bug #1119134 - None https://bugzilla.redhat.com/show_bug.cgi?id=1119134 -------------------------------------------------------------------------------- ================================================================================ hub-2.2.5-3.fc24 (FEDORA-2016-f90e46a83a) A command-line wrapper for git with github shortcuts -------------------------------------------------------------------------------- Update Information: Properly install zsh completion script -------------------------------------------------------------------------------- References: [ 1 ] Bug #1359165 - Upstream zsh completion script not installed https://bugzilla.redhat.com/show_bug.cgi?id=1359165 -------------------------------------------------------------------------------- ================================================================================ icaro-1.0.6-1.fc24 (FEDORA-2016-fab12e89d4) Robotic Educational Project -------------------------------------------------------------------------------- Update Information: Bump to the new upstream version -------------------------------------------------------------------------------- ================================================================================ imapsync-1.727-1.fc24 (FEDORA-2016-4980b97ebd) Tool to migrate email between IMAP servers -------------------------------------------------------------------------------- Update Information: Update imapsync to 1.727 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377505 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377505 [ 2 ] Bug #1378999 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378999 [ 3 ] Bug #1377444 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377444 -------------------------------------------------------------------------------- ================================================================================ kdelibs3-3.5.10-76.fc24 (FEDORA-2016-4fbd73a4d8) KDE 3 Libraries -------------------------------------------------------------------------------- Update Information: This kdelibs3 update fixes the KDE 3 compatibility version of KSVG to not crash in an infinite loop on current Breeze icons. This fixes startup of Quanta Plus. In addition, for security reasons, the `grantpty` and `kpac_dhcp_helper` SUID executables were split into an optional `kdelibs3-tools` subpackage that is not installed by default. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1376181 - None https://bugzilla.redhat.com/show_bug.cgi?id=1376181 -------------------------------------------------------------------------------- ================================================================================ konsole5-16.08.1-2.fc24 (FEDORA-2016-a62bcfeadf) KDE Terminal emulator -------------------------------------------------------------------------------- Update Information: Backport fix for Konsole title not updating. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379753 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379753 -------------------------------------------------------------------------------- ================================================================================ libass-0.13.3-1.fc24 (FEDORA-2016-d0c379eb18) Portable library for SSA/ASS subtitles rendering -------------------------------------------------------------------------------- Update Information: Update to 0.13.3. Contains various bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1310363 - None https://bugzilla.redhat.com/show_bug.cgi?id=1310363 -------------------------------------------------------------------------------- ================================================================================ mailgraph-1.14-26.fc24 (FEDORA-2016-e4226bdd8d) A RRDtool frontend for Mail statistics -------------------------------------------------------------------------------- Update Information: Fix syntax error (rhbz#1227493) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1227493 - None https://bugzilla.redhat.com/show_bug.cgi?id=1227493 -------------------------------------------------------------------------------- ================================================================================ mingw-openjpeg2-2.1.2-1.fc24 (FEDORA-2016-c23a8ce9e5) MinGW Windows openjpeg2 library -------------------------------------------------------------------------------- Update Information: Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377345 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c https://bugzilla.redhat.com/show_bug.cgi?id=1377345 -------------------------------------------------------------------------------- ================================================================================ nodejs-4.6.0-5.fc24 (FEDORA-2016-861b8c46b7) JavaScript runtime -------------------------------------------------------------------------------- Update Information: https://nodejs.org/en/blog/release/v4.6.0/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379921 - CVE-2016-7099 nodejs: wildcard certificates not properly validated https://bugzilla.redhat.com/show_bug.cgi?id=1379921 -------------------------------------------------------------------------------- ================================================================================ obconf-qt-0.11.0-1.fc24 (FEDORA-2016-907c9f843e) A configuration editor for the OpenBox window manager -------------------------------------------------------------------------------- Update Information: New package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1357283 - None https://bugzilla.redhat.com/show_bug.cgi?id=1357283 -------------------------------------------------------------------------------- ================================================================================ openjpeg2-2.1.2-1.fc24 (FEDORA-2016-58a8f32c86) C-Library for JPEG 2000 -------------------------------------------------------------------------------- Update Information: Update to version 2.1.2, see https://github.com/uclouvain/openjpeg/blob/v2.1.2/CHANGELOG.md for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377345 - CVE-2016-7445 openjpeg2: Null pointer dereference in convert.c https://bugzilla.redhat.com/show_bug.cgi?id=1377345 -------------------------------------------------------------------------------- ================================================================================ pacmanager-4.5.5.7-4.fc24 (FEDORA-2016-14844a2a1d) Perl Auto Connector a multi-purpose SSH/terminal connection manager -------------------------------------------------------------------------------- Update Information: Post-acceptance SPEC updates -------------------------------------------------------------------------------- ================================================================================ perl-JSON-WebToken-0.10-1.fc24 (FEDORA-2016-4980b97ebd) JSON Web Token (JWT) implementation -------------------------------------------------------------------------------- Update Information: Update imapsync to 1.727 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377505 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377505 [ 2 ] Bug #1378999 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378999 [ 3 ] Bug #1377444 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377444 -------------------------------------------------------------------------------- ================================================================================ perl-Test-Mock-Guard-0.10-2.fc24 (FEDORA-2016-4980b97ebd) Simple mock test library using RAII -------------------------------------------------------------------------------- Update Information: Update imapsync to 1.727 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377505 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377505 [ 2 ] Bug #1378999 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378999 [ 3 ] Bug #1377444 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377444 -------------------------------------------------------------------------------- ================================================================================ pesign-0.112-4.fc24 (FEDORA-2016-c6141386ba) Signing utility for UEFI binaries -------------------------------------------------------------------------------- Update Information: This update brings fwupdate to a signed version in F24, and also adds the newest version of the Secure Boot dbx. -------------------------------------------------------------------------------- ================================================================================ php-composer-spdx-licenses-1.1.5-1.fc24 (FEDORA-2016-92eb98a0ed) SPDX licenses list and validation library -------------------------------------------------------------------------------- Update Information: **Version 1.1.5** * new licenses added. -------------------------------------------------------------------------------- ================================================================================ procServ-2.6.1-1.fc24 (FEDORA-2016-602631e7b2) Process server with telnet console and log access -------------------------------------------------------------------------------- Update Information: New upstream version, fixing minor bugs and vulnerabilities -------------------------------------------------------------------------------- ================================================================================ python-botocore-1.4.57-1.fc24 (FEDORA-2016-d8c080dc1b) Low-level, data-driven core of boto 3 -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374532 - None https://bugzilla.redhat.com/show_bug.cgi?id=1374532 -------------------------------------------------------------------------------- ================================================================================ python-carbon-0.10.0-0.1.rc1.fc24 (FEDORA-2016-ef3b002240) Back-end data caching and persistence daemon for Graphite -------------------------------------------------------------------------------- Update Information: Update to rc to support newer django version ---- Set correct interpreter for amqp listener and publiser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1363861 - None https://bugzilla.redhat.com/show_bug.cgi?id=1363861 [ 2 ] Bug #1285727 - Files in /var/log/carbon are never deleted https://bugzilla.redhat.com/show_bug.cgi?id=1285727 [ 3 ] Bug #1285725 - Complaints in console.log about missing /etc/carbon/storage-aggregation.conf https://bugzilla.redhat.com/show_bug.cgi?id=1285725 [ 4 ] Bug #1360469 - Please switch to upstream init scripts https://bugzilla.redhat.com/show_bug.cgi?id=1360469 -------------------------------------------------------------------------------- ================================================================================ python-nss-1.0.0-2.fc24 (FEDORA-2016-c93fd2726a) Python bindings for Network Security Services (NSS) -------------------------------------------------------------------------------- Update Information: - Offical 1.0.0 release, only minor tweaks from 1.0.0beta1 - Allow custom include root in setup.py as command line arg - Remove checks for whether a socket is open for reading. It's not possible for the binding to know in all cases, especially if the socket is created from an external socket passed in. * The following module functions were added: - nss.get_all_tokens ---- Offical 1.0.0 release, only minor tweaks from 1.0.0beta1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379863 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379863 [ 2 ] Bug #1367216 - None https://bugzilla.redhat.com/show_bug.cgi?id=1367216 -------------------------------------------------------------------------------- ================================================================================ python-s3transfer-0.1.4-1.fc24 (FEDORA-2016-d8c080dc1b) An Amazon S3 Transfer Manager -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374532 - None https://bugzilla.redhat.com/show_bug.cgi?id=1374532 -------------------------------------------------------------------------------- ================================================================================ python-tahrir-0.9.0-1.fc24 (FEDORA-2016-b5ba3077c6) A pyramid app for issuing your own Open Badges -------------------------------------------------------------------------------- Update Information: Release 0.9.0 -------------------------------------------------------------------------------- ================================================================================ python-tahrir-api-0.8.0-3.fc24 (FEDORA-2016-592abd8c03) An API for interacting with the Tahrir database -------------------------------------------------------------------------------- Update Information: Release 0.8.0 -------------------------------------------------------------------------------- ================================================================================ python-whisper-0.10.0-0.1.rc1.fc24 (FEDORA-2016-ef3b002240) Whisper is a file-based time-series database format for Graphite -------------------------------------------------------------------------------- Update Information: Update to rc to support newer django version ---- Set correct interpreter for amqp listener and publiser -------------------------------------------------------------------------------- References: [ 1 ] Bug #1363861 - None https://bugzilla.redhat.com/show_bug.cgi?id=1363861 [ 2 ] Bug #1285727 - Files in /var/log/carbon are never deleted https://bugzilla.redhat.com/show_bug.cgi?id=1285727 [ 3 ] Bug #1285725 - Complaints in console.log about missing /etc/carbon/storage-aggregation.conf https://bugzilla.redhat.com/show_bug.cgi?id=1285725 [ 4 ] Bug #1360469 - Please switch to upstream init scripts https://bugzilla.redhat.com/show_bug.cgi?id=1360469 -------------------------------------------------------------------------------- ================================================================================ qtpass-1.1.4-1.fc24 (FEDORA-2016-c22fffe3da) Cross-platform GUI for pass -------------------------------------------------------------------------------- Update Information: Version Bump, changelog can be found [here](https://github.com/IJHack/qtpass/releases/tag/v1.1.4) -------------------------------------------------------------------------------- ================================================================================ rubygem-asciidoctor-pdf-1.5.0-0.2.alpha.13.fc24 (FEDORA-2016-295f79629f) Converts AsciiDoc documents to PDF using Prawn -------------------------------------------------------------------------------- Update Information: new alpha :) -------------------------------------------------------------------------------- ================================================================================ supertux-0.5.0-1.fc24 (FEDORA-2016-79448c1360) Jump'n run like game -------------------------------------------------------------------------------- Update Information: Update to 0.5.0 (#1380088) * In-game level editor * Improved levels in Antarctica and Forest Island * Language packs are fixed * Engine performance improvements * Extended the scripting API: gradients are now scriptable * Added a few more tiles and music * New console commands and command line options (related to the editor) * Various other bugfixes of issues reported since the v0.4.0 release * And more (minor) improvements and changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380088 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380088 -------------------------------------------------------------------------------- ================================================================================ vulkan-1.0.26.0-3.fc24 (FEDORA-2016-d52c05442d) Vulkan loader and validation layers -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379814 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379814 -------------------------------------------------------------------------------- ================================================================================ wxGTK3-3.0.2-24.fc24 (FEDORA-2016-891a14a600) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: Fixes crash in wxGCDC::DrawEllipticArc() -------------------------------------------------------------------------------- ================================================================================ yubioath-desktop-3.0.1-2.fc24 (FEDORA-2016-5392bd4fcc) Yubikey tool for generating OATH event-based HOTP and time-based TOTP codes -------------------------------------------------------------------------------- Update Information: Fix desktop application executable name -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
