The following Fedora 24 Security updates need testing: Age URL 83 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 66 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea compat-guile18-1.8.8-14.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-59316cf667 tor-0.2.8.9-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e0f0d48142 jasper-1.900.13-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c1b01b9278 tomcat-8.0.38-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73054cfeeb java-1.8.0-openjdk-aarch32-1.8.0.102-7.160812.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c9d15bbcbb kdepimlibs-4.14.10-15.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cae6456f63 quagga-0.99.24.1-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c671aae490 chromium-native_client-54.0.2840.59-1.20161013git090f907.fc24 chromium-54.0.2840.71-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-160ec6525e libwebp-0.5.1-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-00d2f5c19f mingw-libwebp-0.5.1-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0d1a8ee35b xen-4.6.3-7.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00a05d7b9 pungi-4.1.10-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3eaf049e56 libfm-1.2.4-8.D20161017git82b3a1a201.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d5c976bf8 menu-cache-1.0.1-3.D20161021git441f0ca9a1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e0f0d48142 jasper-1.900.13-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-be63aafd32 libarchive-3.2.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f4c0c9930 libraw1394-2.1.2-1.fc24 The following builds have been pushed to Fedora 24 updates-testing calamares-2.4.3-1.fc24 ghc-rpm-macros-1.4.17-1.fc24 perl-Devel-Timer-0.09-1.fc24 php-markdown-1.7.0-1.fc24 php-ocramius-code-generator-utils-0.3.2-4.fc24 php-ocramius-generated-hydrator-1.2.0-1.fc24 php-ocramius-proxy-manager-1.0.2-2.fc24 psad-2.4.3-3.fc24 python-wand-0.4.4-1.fc24 sigul-0.202-0.fc24 snap-confine-1.0.44-2.fc24 votca-csg-1.4-1.fc24 votca-tools-1.4-1.fc24 votca-xtp-1.4-1.fc24 xen-4.6.3-7.fc24 zsh-syntax-highlighting-0.5.0-1.fc24 Details about builds: ================================================================================ calamares-2.4.3-1.fc24 (FEDORA-2016-426a9a785c) Installer from a live CD/DVD/USB to disk -------------------------------------------------------------------------------- Update Information: An update of Calamares to the latest upstream release, version 2.4.3. What is new compared to the calamares-2.4.2-3 packages: * fixed user creation so it obeys the list of default groups for new users; * added Deepin support to the `displaymanager` module; * fixed an issue which could cause a failed install with LUKS if other LUKS partitions are already present. Note that the changes to support LUKS full disk encryption with `dracut` (including the added support for C++/Qt batch job plugins, used for the new `dracutlukscfg` module) are now included in the upstream release. (They have been backported from the master branch to the 2.4.x stable branch upstream.) These changes were already backported in the calamares-2.4.2-3 Fedora packages and are thus not listed above. -------------------------------------------------------------------------------- ================================================================================ ghc-rpm-macros-1.4.17-1.fc24 (FEDORA-2016-812064dd22) RPM macros for building Haskell packages for GHC -------------------------------------------------------------------------------- Update Information: Backports from F25 including: - support for subpackaging with ghc_libs_build and ghc_libs_install - %ghc_lib_subpackage now also accepts pkg-ver without hyphen - new ghc_fix_rpath macro - ghc_gen_filelists now handles license files automatically - set Cabal docdir to licensedir so licenses end up in right place - ghc_lib_subpackage now takes name-version -------------------------------------------------------------------------------- ================================================================================ perl-Devel-Timer-0.09-1.fc24 (FEDORA-2016-a7839eddaa) Track and report execution time for parts of code -------------------------------------------------------------------------------- Update Information: 0.09 2016.10.19 MANWAR --- - Tidied up pod document in general and documented method report(). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1386663 - perl-Devel-Timer-0.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=1386663 -------------------------------------------------------------------------------- ================================================================================ php-markdown-1.7.0-1.fc24 (FEDORA-2016-c889de3d9d) Markdown implementation in PHP -------------------------------------------------------------------------------- Update Information: **PHP Markdown Lib 1.7.0** (29 Oct 2016) * Added a `hard_wrap` configuration variable to make all newline characters in the text become `<br>` tags in the HTML output. By default, according to the standard Markdown syntax these newlines are ignored unless they a preceded by two spaces. Thanks to Jonathan Cohlmeyer for the implementation. * Improved the parsing of list items to fix problematic cases that came to light with the addition of `hard_wrap`. This should have no effect on the output except span-level list items that ended with two spaces (and thus ended with a line break). * Added a `code_span_content_func` configuration variable which takes a function that will convert the content of the code span to HTML. This can be useful to implement syntax highlighting. Although contrary to its code block equivalent, there is no syntax for specifying a language. Credits to styxit for the implementation. * Fixed a Markdwon Extra issue where two-space-at-end-of- line hard breaks wouldn't work inside of HTML block elements such as `<p markdown="1">` where the element expects only span-level content. * In the parser code, switched to PHPDoc comment format. Thanks to Robbie Averill for the help. Packaging change: * switch to fedora/autoloader -------------------------------------------------------------------------------- ================================================================================ php-ocramius-code-generator-utils-0.3.2-4.fc24 (FEDORA-2016-4cc636c1d4) A set of code generator utilities built on top of PHP-Parsers -------------------------------------------------------------------------------- Update Information: ## php-ocramius-proxy-manager ### 1.0.2 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures * 254: Please check 1.0.1 tag ### 1.0.1 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures --- ## php-ocramius-generated-hydrator RPM: Added autoloader ### 1.2.0 * 31: travis add php 7 + hhvm-nightly * 34: update manual's url to "current" instead of specified version at README * 41: Tag release allowing PHP 7 in Composer dependencies list --- ## php-ocramius-code- generator-utils RPM: Added autoloader -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350615 - php-ocramius-proxy-manager: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1350615 [ 2 ] Bug #1251784 - php-ocramius-proxy-manager-1.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1251784 -------------------------------------------------------------------------------- ================================================================================ php-ocramius-generated-hydrator-1.2.0-1.fc24 (FEDORA-2016-4cc636c1d4) An object hydrator -------------------------------------------------------------------------------- Update Information: ## php-ocramius-proxy-manager ### 1.0.2 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures * 254: Please check 1.0.1 tag ### 1.0.1 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures --- ## php-ocramius-generated-hydrator RPM: Added autoloader ### 1.2.0 * 31: travis add php 7 + hhvm-nightly * 34: update manual's url to "current" instead of specified version at README * 41: Tag release allowing PHP 7 in Composer dependencies list --- ## php-ocramius-code- generator-utils RPM: Added autoloader -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350615 - php-ocramius-proxy-manager: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1350615 [ 2 ] Bug #1251784 - php-ocramius-proxy-manager-1.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1251784 -------------------------------------------------------------------------------- ================================================================================ php-ocramius-proxy-manager-1.0.2-2.fc24 (FEDORA-2016-4cc636c1d4) OOP proxy wrappers utilities -------------------------------------------------------------------------------- Update Information: ## php-ocramius-proxy-manager ### 1.0.2 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures * 254: Please check 1.0.1 tag ### 1.0.1 * 249: Weird problem with FileWriterGeneratorStrategy * 250: Hotfix - #249 file writer generator strategy rename failures --- ## php-ocramius-generated-hydrator RPM: Added autoloader ### 1.2.0 * 31: travis add php 7 + hhvm-nightly * 34: update manual's url to "current" instead of specified version at README * 41: Tag release allowing PHP 7 in Composer dependencies list --- ## php-ocramius-code- generator-utils RPM: Added autoloader -------------------------------------------------------------------------------- References: [ 1 ] Bug #1350615 - php-ocramius-proxy-manager: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1350615 [ 2 ] Bug #1251784 - php-ocramius-proxy-manager-1.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1251784 -------------------------------------------------------------------------------- ================================================================================ psad-2.4.3-3.fc24 (FEDORA-2016-d0c111aa20) Port Scan Attack Detector (psad) watches for suspect traffic -------------------------------------------------------------------------------- Update Information: Many changes since the last 2.2.1 release available in Fedora. The most important ones are: * Added support for reading syslog messages from journalctl * Added support for systems with 'firewalld' * Dropped the bundled whois client (system whois client will be used instead if available) * Added native systemd service unit * Added missing SELinux rules preventing psad from running Full upstream changelog: https://github.com/mrash/psad/blob/master/ChangeLog -------------------------------------------------------------------------------- References: [ 1 ] Bug #1040425 - None https://bugzilla.redhat.com/show_bug.cgi?id=1040425 [ 2 ] Bug #1354548 - None https://bugzilla.redhat.com/show_bug.cgi?id=1354548 -------------------------------------------------------------------------------- ================================================================================ python-wand-0.4.4-1.fc24 (FEDORA-2016-4b6cb71fb8) Ctypes-based simple MagickWand API binding for Python -------------------------------------------------------------------------------- Update Information: Updated to Wand Version 0.4.4. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1387848 - None https://bugzilla.redhat.com/show_bug.cgi?id=1387848 -------------------------------------------------------------------------------- ================================================================================ sigul-0.202-0.fc24 (FEDORA-2016-05345bee7d) A signing server and related software client -------------------------------------------------------------------------------- Update Information: Upstream update to fix some bugs and implement Docker signing with the Skopeo model. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374535 - OSTree support should be optional https://bugzilla.redhat.com/show_bug.cgi?id=1374535 [ 2 ] Bug #991154 - Validate NSS passphrase on startup https://bugzilla.redhat.com/show_bug.cgi?id=991154 -------------------------------------------------------------------------------- ================================================================================ snap-confine-1.0.44-2.fc24 (FEDORA-2016-c579dae0b4) Confinement system for snap applications -------------------------------------------------------------------------------- Update Information: Configure for different /snap directory to match snapd -------------------------------------------------------------------------------- ================================================================================ votca-csg-1.4-1.fc24 (FEDORA-2016-7188d2847c) VOTCA coarse-graining engine -------------------------------------------------------------------------------- Update Information: Version bump to 1.4 -------------------------------------------------------------------------------- ================================================================================ votca-tools-1.4-1.fc24 (FEDORA-2016-7188d2847c) VOTCA tools library -------------------------------------------------------------------------------- Update Information: Version bump to 1.4 -------------------------------------------------------------------------------- ================================================================================ votca-xtp-1.4-1.fc24 (FEDORA-2016-7188d2847c) VOTCA excitation and charge properties module -------------------------------------------------------------------------------- Update Information: Version bump to 1.4 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.3-7.fc24 (FEDORA-2016-0d1a8ee35b) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: several qemu security fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1333425 - CVE-2016-8576 Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch https://bugzilla.redhat.com/show_bug.cgi?id=1333425 [ 2 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs routines https://bugzilla.redhat.com/show_bug.cgi?id=1383291 [ 3 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in serial_update_parameters https://bugzilla.redhat.com/show_bug.cgi?id=1384909 [ 4 ] Bug #1388046 - CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in C+ mode https://bugzilla.redhat.com/show_bug.cgi?id=1388046 [ 5 ] Bug #1327626 - Qemu: timer: a9gtimer: Infinite loop unfolds when updating a9gtimer https://bugzilla.redhat.com/show_bug.cgi?id=1327626 [ 6 ] Bug #1389642 - Qemu: 9pfs: information leakage via xattr https://bugzilla.redhat.com/show_bug.cgi?id=1389642 [ 7 ] Bug #1389550 - Qemu: 9pfs: memory leakage when creating extended attribute https://bugzilla.redhat.com/show_bug.cgi?id=1389550 [ 8 ] Bug #1389702 - Qemu: 9pfs: memory leakage in v9fs_link https://bugzilla.redhat.com/show_bug.cgi?id=1389702 [ 9 ] Bug #1389712 - Qemu: 9pfs: memory leakage in v9fs_write https://bugzilla.redhat.com/show_bug.cgi?id=1389712 [ 10 ] Bug #1389686 - Qemu: 9pfs: integer overflow leading to OOB access https://bugzilla.redhat.com/show_bug.cgi?id=1389686 -------------------------------------------------------------------------------- ================================================================================ zsh-syntax-highlighting-0.5.0-1.fc24 (FEDORA-2016-75b0c56bc7) Fish shell like syntax highlighting for Zsh -------------------------------------------------------------------------------- Update Information: Update to 0.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1389583 - None https://bugzilla.redhat.com/show_bug.cgi?id=1389583 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
