The following Fedora 24 Security updates need testing: Age URL 53 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 36 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89060100d7 mongodb-3.2.8-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ea3b7e6556 links-2.13-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a64716084e irssi-0.8.20-2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f193a0c59 php-ZendFramework-1.12.20-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5706eeb875 python-django-1.9.10-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-861b8c46b7 nodejs-4.6.0-5.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c23a8ce9e5 mingw-openjpeg2-2.1.2-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cca77daf70 bind99-9.9.9-2.P3.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3054bda14 systemd-229-14.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c75bdc394a zathura-pdf-mupdf-0.3.0-2.fc24 mujs-0-5.20160921git5c337af.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-328754be1c libdwarf-20160929-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cc00cde2d c-ares-1.12.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a7f9e86df7 mingw-c-ares-1.12.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c942ed0424 systemd-229-15.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a54fb4784 bash-4.3.42-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d90928b5b openssh-7.2p2-13.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f022f61d98 selinux-policy-3.13.1-191.17.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-229e5b4143 lorax-24.21-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2bf9743359 pungi-4.1.9-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3054bda14 systemd-229-14.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cf7725e102 koji-1.10.1-13.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb3ca41e5d gdb-7.11.1-86.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3c0351c4c6 krb5-1.14.4-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3f7b813c9 nss-3.27.0-1.0.fc24 nss-softokn-3.27.0-1.0.fc24 nss-util-3.27.0-1.0.fc24 nspr-4.13.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a300f36043 perl-Scalar-List-Utils-1.46-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d90928b5b openssh-7.2p2-13.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a54fb4784 bash-4.3.42-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c942ed0424 systemd-229-15.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-30619f42ce python-2.7.12-6.fc24 The following builds have been pushed to Fedora 24 updates-testing ansible-2.1.2.0-1.fc24 ansible-lint-3.3.3-1.fc24 bash-4.3.42-7.fc24 bitstream-1.1-2.fc24 bwrap-oci-0.1.2-6.fc24 c-ares-1.12.0-1.fc24 cura-lulzbot-21.00-1.fc24 findbugs-contrib-6.6.3-2.fc24 foo2zjs-0.20160904-3.fc24 gscan2pdf-1.3.9-2.fc24 kompose-0.1.0-0.1.git8227684.fc24 krb5-1.14.4-4.fc24 libdwarf-20160929-1.fc24 lighttpd-1.4.41-2.fc24 lulzbot-marlin-firmware-21.00-1.fc24 meld-3.16.3-1.fc24 mingw-c-ares-1.12.0-1.fc24 nspr-4.13.0-1.fc24 nss-3.27.0-1.0.fc24 nss-softokn-3.27.0-1.0.fc24 nss-util-3.27.0-1.0.fc24 openfortivpn-1.2.0-1.fc24 openssh-7.2p2-13.fc24 pcmanx-gtk2-1.3-1.fc24 perl-Encode-2.84-11.fc24 perl-Params-Validate-1.25-1.fc24 perl-Scalar-List-Utils-1.46-1.fc24 pintail-0.3-1.20160805git6f2daf7.fc24 python-2.7.12-6.fc24 qemu-2.6.2-1.fc24 qmc2-0.68-1.fc24 root-6.06.08-2.fc24 systemd-229-15.fc24 Details about builds: ================================================================================ ansible-2.1.2.0-1.fc24 (FEDORA-2016-8adffef502) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: See https://github.com/ansible/ansible/blob/stable-2.1/CHANGELOG.md for a full list of changes and bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1372018 - None https://bugzilla.redhat.com/show_bug.cgi?id=1372018 -------------------------------------------------------------------------------- ================================================================================ ansible-lint-3.3.3-1.fc24 (FEDORA-2016-f89908638e) Best practices checker for Ansible -------------------------------------------------------------------------------- Update Information: Update to 3.3.3 -------------------------------------------------------------------------------- ================================================================================ bash-4.3.42-7.fc24 (FEDORA-2016-5a54fb4784) The GNU Bourne Again shell -------------------------------------------------------------------------------- Update Information: Specially crafted SHELLOPTS and PS4 variables can cause arbitrary code execution. It is a security bug described in CVE-2016-7543 and this update fixes it. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379634 - CVE-2016-7543 bash: Specially crafted SHELLOPTS+PS4 variables allows command substitution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1379634 -------------------------------------------------------------------------------- ================================================================================ bitstream-1.1-2.fc24 (FEDORA-2016-2541cc7df1) Simpler access to binary structures such as specified by MPEG, DVB, IETF -------------------------------------------------------------------------------- Update Information: libdvbpsi converts binary structures to C structures. Lists are implemented with chained lists of C structures. biTStream is lower level, and more efficient: fewer memory allocations, fewer memory copies. It also features a better separation between layers and specifications. -------------------------------------------------------------------------------- ================================================================================ bwrap-oci-0.1.2-6.fc24 (FEDORA-2016-4e19f1c030) Run OCI containers with bubblewrap -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ c-ares-1.12.0-1.fc24 (FEDORA-2016-1cc00cde2d) A library that performs asynchronous DNS operations -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5180 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380463 - CVE-2016-5180 c-ares: Single byte out of buffer write https://bugzilla.redhat.com/show_bug.cgi?id=1380463 -------------------------------------------------------------------------------- ================================================================================ cura-lulzbot-21.00-1.fc24 (FEDORA-2016-e79cb0e704) Cura LulzBot Edition, 3D printer control software -------------------------------------------------------------------------------- Update Information: Update to 21.00. -------------------------------------------------------------------------------- ================================================================================ findbugs-contrib-6.6.3-2.fc24 (FEDORA-2016-74f29a7bc8) Extra findbugs detectors -------------------------------------------------------------------------------- Update Information: Update to new version 6.6.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379056 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379056 -------------------------------------------------------------------------------- ================================================================================ foo2zjs-0.20160904-3.fc24 (FEDORA-2016-c262272862) Linux printer driver for ZjStream protocol -------------------------------------------------------------------------------- Update Information: Add optflags to CFLAGS -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380520 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380520 -------------------------------------------------------------------------------- ================================================================================ gscan2pdf-1.3.9-2.fc24 (FEDORA-2016-6d7dcc529f) GUI for producing a multipage PDF from a scan -------------------------------------------------------------------------------- Update Information: This release corrects re-exporting 1-bpp images into PDF. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1369984 - None https://bugzilla.redhat.com/show_bug.cgi?id=1369984 -------------------------------------------------------------------------------- ================================================================================ kompose-0.1.0-0.1.git8227684.fc24 (FEDORA-2016-26445cfcfe) Tool to move from `docker-compose` to Kubernetes -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379460 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379460 -------------------------------------------------------------------------------- ================================================================================ krb5-1.14.4-4.fc24 (FEDORA-2016-3c0351c4c6) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: Fix ACL file check in kprop.service -------------------------------------------------------------------------------- ================================================================================ libdwarf-20160929-1.fc24 (FEDORA-2016-328754be1c) Library to access the DWARF Debugging file format -------------------------------------------------------------------------------- Update Information: Update to 20160929 upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378719 - CVE-2016-7510 libdwarf: Out-of-bounds read in read_line_table_program [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1378719 [ 2 ] Bug #1377107 - libdwarf Integer Overflow https://bugzilla.redhat.com/show_bug.cgi?id=1377107 [ 3 ] Bug #1376362 - CVE-2016-7410 libdwarf: Heap buffer overflow in _dwarf_read_loc_section [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1376362 [ 4 ] Bug #1379019 - libdwarf-20160923 is available https://bugzilla.redhat.com/show_bug.cgi?id=1379019 [ 5 ] Bug #1380556 - libdwarf-20160929 is available https://bugzilla.redhat.com/show_bug.cgi?id=1380556 -------------------------------------------------------------------------------- ================================================================================ lighttpd-1.4.41-2.fc24 (FEDORA-2016-c53b6ee2b2) Lightning fast webserver with light system requirements -------------------------------------------------------------------------------- Update Information: Directory and permissions fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1201056 - None https://bugzilla.redhat.com/show_bug.cgi?id=1201056 -------------------------------------------------------------------------------- ================================================================================ lulzbot-marlin-firmware-21.00-1.fc24 (FEDORA-2016-e79cb0e704) Marlin firmware files for the Lulzbot family of 3D printers -------------------------------------------------------------------------------- Update Information: Update to 21.00. -------------------------------------------------------------------------------- ================================================================================ meld-3.16.3-1.fc24 (FEDORA-2016-d7427aba83) Visual diff and merge tool -------------------------------------------------------------------------------- Update Information: This brings the new meld release in version 3.16.3 to you. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380050 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380050 -------------------------------------------------------------------------------- ================================================================================ mingw-c-ares-1.12.0-1.fc24 (FEDORA-2016-a7f9e86df7) Library that performs asynchronous DNS operations -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5180 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380463 - CVE-2016-5180 c-ares: Single byte out of buffer write https://bugzilla.redhat.com/show_bug.cgi?id=1380463 -------------------------------------------------------------------------------- ================================================================================ nspr-4.13.0-1.fc24 (FEDORA-2016-e3f7b813c9) Netscape Portable Runtime -------------------------------------------------------------------------------- Update Information: Updates the nss family of packages to upstream NSS 3.27. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380067 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380067 -------------------------------------------------------------------------------- ================================================================================ nss-3.27.0-1.0.fc24 (FEDORA-2016-e3f7b813c9) Network Security Services -------------------------------------------------------------------------------- Update Information: Updates the nss family of packages to upstream NSS 3.27. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380067 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380067 -------------------------------------------------------------------------------- ================================================================================ nss-softokn-3.27.0-1.0.fc24 (FEDORA-2016-e3f7b813c9) Network Security Services Softoken Module -------------------------------------------------------------------------------- Update Information: Updates the nss family of packages to upstream NSS 3.27. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380067 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380067 -------------------------------------------------------------------------------- ================================================================================ nss-util-3.27.0-1.0.fc24 (FEDORA-2016-e3f7b813c9) Network Security Services Utilities Library -------------------------------------------------------------------------------- Update Information: Updates the nss family of packages to upstream NSS 3.27. For details about new functionality and a list of bugs fixed in this release please see the upstream release notes https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380067 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380067 -------------------------------------------------------------------------------- ================================================================================ openfortivpn-1.2.0-1.fc24 (FEDORA-2016-35f4a05af3) Client for PPP+SSL VPN tunnel services -------------------------------------------------------------------------------- Update Information: Update to latest upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380062 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380062 -------------------------------------------------------------------------------- ================================================================================ openssh-7.2p2-13.fc24 (FEDORA-2016-2d90928b5b) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information: Fix NULL dereference (#1380297) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380296 - openssh: Null pointer dereference due to early NEWKEYS https://bugzilla.redhat.com/show_bug.cgi?id=1380296 -------------------------------------------------------------------------------- ================================================================================ pcmanx-gtk2-1.3-1.fc24 (FEDORA-2016-19b75873d6) Telnet client designed for BBS browsing -------------------------------------------------------------------------------- Update Information: Feature: Add ANSI color editor Feature: Enhance OpenPCMan style mouse compatibility Feature: Add mouse browsing support Feature: Add hotkey settings Feature: Add gnome-terminal style keyboard shortcuts Feature: Option to startup in simple mode Feature: Close tabs selected by middle clicks Bugfix: Fix build under Fedora Linux Bugfix: Some combinations for key settings do not work -------------------------------------------------------------------------------- ================================================================================ perl-Encode-2.84-11.fc24 (FEDORA-2016-9280233091) Character encodings in Perl -------------------------------------------------------------------------------- Update Information: This release fixes encoding an undefined value. -------------------------------------------------------------------------------- ================================================================================ perl-Params-Validate-1.25-1.fc24 (FEDORA-2016-b07878be9a) Params-Validate Perl module -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380057 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380057 -------------------------------------------------------------------------------- ================================================================================ perl-Scalar-List-Utils-1.46-1.fc24 (FEDORA-2016-a300f36043) A selection of general-utility scalar and list subroutines -------------------------------------------------------------------------------- Update Information: Rebase to upstream version 1.46. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380561 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380561 -------------------------------------------------------------------------------- ================================================================================ pintail-0.3-1.20160805git6f2daf7.fc24 (FEDORA-2016-249e1f83f6) Build web sites from Mallard sources -------------------------------------------------------------------------------- Update Information: Add time stamp in %release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1364194 - None https://bugzilla.redhat.com/show_bug.cgi?id=1364194 -------------------------------------------------------------------------------- ================================================================================ python-2.7.12-6.fc24 (FEDORA-2016-30619f42ce) An interpreted, interactive, object-oriented programming language -------------------------------------------------------------------------------- Update Information: Provide python27 -------------------------------------------------------------------------------- ================================================================================ qemu-2.6.2-1.fc24 (FEDORA-2016-4feaa66b35) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Rebased to version 2.6.2 -------------------------------------------------------------------------------- ================================================================================ qmc2-0.68-1.fc24 (FEDORA-2016-ab7e4957e6) M.A.M.E. Catalog / Launcher II -------------------------------------------------------------------------------- Update Information: Update to the latest qmc2 release: * http://qmc2.batcom- it.net/index.php/2016/09/28/qmc2-0-68-released/ -------------------------------------------------------------------------------- ================================================================================ root-6.06.08-2.fc24 (FEDORA-2016-5ce365d3ca) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: Rebuild for gcc 6.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379639 - None https://bugzilla.redhat.com/show_bug.cgi?id=1379639 -------------------------------------------------------------------------------- ================================================================================ systemd-229-15.fc24 (FEDORA-2016-c942ed0424) A System and Service Manager -------------------------------------------------------------------------------- Update Information: Fix for the empty notification message issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380286 - CVE-2016-7795 CVE-2016-7796 systemd: Assertion failure when PID 1 receives a zero-length message over notify socket https://bugzilla.redhat.com/show_bug.cgi?id=1380286 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
