The following Fedora 24 Security updates need testing: Age URL 124 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 107 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 59 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea compat-guile18-1.8.8-14.fc24 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-30f68ec06b mcabber-1.0.4-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad6fc78dd golang-1.6.4-2.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-60753c3dcd roundcubemail-1.2.3-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a98c560116 tomcat-8.0.39-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3618d9ef6 python-tornado-4.4.2-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b000091725 php-simplesamlphp-saml2-2.3.3-1.fc24 php-simplesamlphp-saml2_1-1.10.3-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b465090499 ipsilon-2.0.2-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4dd1db1e7 lxc-2.0.6-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e45a7e7b13 gd-2.2.3-5.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4e992b0ac gstreamer-plugins-good-0.10.31-17.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3bc78de2b gstreamer-plugins-bad-free-0.10.23-34.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-240fe757f8 mingw-openjpeg2-2.1.2-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b601141219 cracklib-2.9.6-4.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb22a24d3d dovecot-2.2.27-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4871c26b3c libgsf-1.14.33-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5cb5b4082d kernel-4.8.13-200.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d5fa626991 xen-4.6.4-3.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383 nss-3.27.0-1.3.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0006447a5 colord-1.3.4-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9b731e067 libimobiledevice-1.2.0-8.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-77e191e610 evolution-data-server-3.20.6-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-41ce1a19af libbluray-0.9.3-3.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33 selinux-policy-3.13.1-191.23.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0cfbb5a168 cairo-1.14.8-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f047fd7f08 libtiff-4.0.7-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b601141219 cracklib-2.9.6-4.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-975dfd5c27 poppler-data-0.4.7-6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5d31f40608 koji-1.11.0-1.fc24 fedora-packager-0.6.0.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4be615424 pcmanfm-1.2.5-1.fc24 lxsession-0.5.3-1.D20161210gite284f41ad4.fc24 libfm-1.2.4-13.D20161209gitab583d7800.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5cb5b4082d kernel-4.8.13-200.fc24 The following builds have been pushed to Fedora 24 updates-testing byobu-5.113-1.fc24 cinnamon-3.2.3-2.fc24 cinnamon-desktop-3.2.2-1.fc24 cinnamon-screensaver-3.2.7-1.fc24 cinnamon-settings-daemon-3.2.1-1.fc24 dolphin-emu-5.0-7.fc24 fedora-packager-0.6.0.0-1.fc24 hexchat-2.12.4-1.fc24 kernel-4.8.13-200.fc24 koji-1.11.0-1.fc24 libfm-1.2.4-13.D20161209gitab583d7800.fc24 libprelude-3.1.0-26.fc24 lxsession-0.5.3-1.D20161210gite284f41ad4.fc24 lxterminal-0.2.0-8.D20161208git9e61321c.fc24 nemo-3.2.1-1.fc24 nitroshare-0.3.3-2.fc24 nodejs-figures-1.7.0-2.fc24.1 pcmanfm-1.2.5-1.fc24 perl-Devel-StackTrace-2.02-1.fc24 perl-HTML-Lint-2.24-1.fc24 seafile-client-5.1.1-4.fc24 xcompmgr-1.1.7-1.fc24 xen-4.6.4-3.fc24 xfce4-whiskermenu-plugin-1.6.2-1.fc24 xpra-1.0-2.fc24 Details about builds: ================================================================================ byobu-5.113-1.fc24 (FEDORA-2016-b0218bbca1) Light-weight, configurable window manager built upon GNU screen -------------------------------------------------------------------------------- Update Information: Rebuilt for new upstream release 5.113, fixes rhbz #1276014 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276014 - byobu-5.113 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276014 -------------------------------------------------------------------------------- ================================================================================ cinnamon-3.2.3-2.fc24 (FEDORA-2016-17c4e9a42c) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: Release update ---- - Change default settings for two and three finger click, disabling them enables clickpad button areas to function (for libinput). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402335 - [abrt] cinnamon: subprocess.py:1551:_execute_child:FileNotFoundError: [Errno 2] No such file or directory: 'wget' https://bugzilla.redhat.com/show_bug.cgi?id=1402335 [ 2 ] Bug #1284929 - cinnamon-settings uses wrong python https://bugzilla.redhat.com/show_bug.cgi?id=1284929 -------------------------------------------------------------------------------- ================================================================================ cinnamon-desktop-3.2.2-1.fc24 (FEDORA-2016-17c4e9a42c) Shared code among cinnamon-session, nemo, etc -------------------------------------------------------------------------------- Update Information: Release update ---- - Change default settings for two and three finger click, disabling them enables clickpad button areas to function (for libinput). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402335 - [abrt] cinnamon: subprocess.py:1551:_execute_child:FileNotFoundError: [Errno 2] No such file or directory: 'wget' https://bugzilla.redhat.com/show_bug.cgi?id=1402335 [ 2 ] Bug #1284929 - cinnamon-settings uses wrong python https://bugzilla.redhat.com/show_bug.cgi?id=1284929 -------------------------------------------------------------------------------- ================================================================================ cinnamon-screensaver-3.2.7-1.fc24 (FEDORA-2016-17c4e9a42c) Cinnamon Screensaver -------------------------------------------------------------------------------- Update Information: Release update ---- - Change default settings for two and three finger click, disabling them enables clickpad button areas to function (for libinput). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402335 - [abrt] cinnamon: subprocess.py:1551:_execute_child:FileNotFoundError: [Errno 2] No such file or directory: 'wget' https://bugzilla.redhat.com/show_bug.cgi?id=1402335 [ 2 ] Bug #1284929 - cinnamon-settings uses wrong python https://bugzilla.redhat.com/show_bug.cgi?id=1284929 -------------------------------------------------------------------------------- ================================================================================ cinnamon-settings-daemon-3.2.1-1.fc24 (FEDORA-2016-17c4e9a42c) The daemon sharing settings from CINNAMON to GTK+/KDE applications -------------------------------------------------------------------------------- Update Information: Release update ---- - Change default settings for two and three finger click, disabling them enables clickpad button areas to function (for libinput). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402335 - [abrt] cinnamon: subprocess.py:1551:_execute_child:FileNotFoundError: [Errno 2] No such file or directory: 'wget' https://bugzilla.redhat.com/show_bug.cgi?id=1402335 [ 2 ] Bug #1284929 - cinnamon-settings uses wrong python https://bugzilla.redhat.com/show_bug.cgi?id=1284929 -------------------------------------------------------------------------------- ================================================================================ dolphin-emu-5.0-7.fc24 (FEDORA-2016-54c2c61f57) GameCube / Wii / Triforce Emulator -------------------------------------------------------------------------------- Update Information: New package, imported from RPMFusion. Updates from RPMFusion to Fedora: - License fixes and relocation - Split out common data into data subpackage - Fixed builds for f26+ - Appdata ---- New package, imported from RPMFusion. Updates from RPMFusion to Fedora: - License fixes and relocation - Split out common data into data subpackage - Add a patch for f26+ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379765 - Review Request: dolphin-emu - GameCube / Wii / Triforce Emulator https://bugzilla.redhat.com/show_bug.cgi?id=1379765 -------------------------------------------------------------------------------- ================================================================================ fedora-packager-0.6.0.0-1.fc24 (FEDORA-2016-5d31f40608) Tools for setting up a fedora maintainer environment -------------------------------------------------------------------------------- Update Information: Updates needed for the fedora infra flag day 2016 -------------------------------------------------------------------------------- ================================================================================ hexchat-2.12.4-1.fc24 (FEDORA-2016-1d2ffd8840) A popular and easy to use graphical IRC (chat) client -------------------------------------------------------------------------------- Update Information: New upstream bugfix release: - fix issue with timers causing ping timeouts - fix building against OpenSSL 1.1 - fix /exec output printing invalid utf8 - replace doat plugin with an internal command -------------------------------------------------------------------------------- ================================================================================ kernel-4.8.13-200.fc24 (FEDORA-2016-5cb5b4082d) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.8.13 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400019 - CVE-2016-8655 kernel: Race condition in packet_set_ring leads to use after free https://bugzilla.redhat.com/show_bug.cgi?id=1400019 [ 2 ] Bug #1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE https://bugzilla.redhat.com/show_bug.cgi?id=1402013 [ 3 ] Bug #1403145 - CVE-2016-9576 kernel: Use after free in SCSI generic device interface https://bugzilla.redhat.com/show_bug.cgi?id=1403145 -------------------------------------------------------------------------------- ================================================================================ koji-1.11.0-1.fc24 (FEDORA-2016-5d31f40608) Build system tools -------------------------------------------------------------------------------- Update Information: Updates needed for the fedora infra flag day 2016 -------------------------------------------------------------------------------- ================================================================================ libfm-1.2.4-13.D20161209gitab583d7800.fc24 (FEDORA-2016-d4be615424) GIO-based library for file manager-like programs -------------------------------------------------------------------------------- Update Information: LXDE core packages update: * libfm: update to the git head containing some file manager related fix * pcmanfm: 1.2.5 released. * lxsession 0.5.3 is released. -------------------------------------------------------------------------------- ================================================================================ libprelude-3.1.0-26.fc24 (FEDORA-2016-3fe04fb903) Secure Connections between all Sensors and the Prelude Manager -------------------------------------------------------------------------------- Update Information: Bump version to 3.1.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1386938 - Review Request: libprelude - Prelude Library https://bugzilla.redhat.com/show_bug.cgi?id=1386938 -------------------------------------------------------------------------------- ================================================================================ lxsession-0.5.3-1.D20161210gite284f41ad4.fc24 (FEDORA-2016-d4be615424) Lightweight X11 session manager -------------------------------------------------------------------------------- Update Information: LXDE core packages update: * libfm: update to the git head containing some file manager related fix * pcmanfm: 1.2.5 released. * lxsession 0.5.3 is released. -------------------------------------------------------------------------------- ================================================================================ lxterminal-0.2.0-8.D20161208git9e61321c.fc24 (FEDORA-2016-10674536fd) Desktop-independent VTE-based terminal emulator -------------------------------------------------------------------------------- Update Information: Update to the latest git, many bug fixes included. -------------------------------------------------------------------------------- ================================================================================ nemo-3.2.1-1.fc24 (FEDORA-2016-17c4e9a42c) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: Release update ---- - Change default settings for two and three finger click, disabling them enables clickpad button areas to function (for libinput). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1402335 - [abrt] cinnamon: subprocess.py:1551:_execute_child:FileNotFoundError: [Errno 2] No such file or directory: 'wget' https://bugzilla.redhat.com/show_bug.cgi?id=1402335 [ 2 ] Bug #1284929 - cinnamon-settings uses wrong python https://bugzilla.redhat.com/show_bug.cgi?id=1284929 -------------------------------------------------------------------------------- ================================================================================ nitroshare-0.3.3-2.fc24 (FEDORA-2016-b59a829075) Transfer files from one device to another made extremely simple -------------------------------------------------------------------------------- Update Information: NitroShare v0.3.3 Features included in this release: - Extension for Caja & Nemo - French, Korean, & Spanish translations added - Fixed bug that broke progress and status display - Fixed a number of DPI issues -------------------------------------------------------------------------------- References: [ 1 ] Bug #1356332 - nitroshare-0.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1356332 -------------------------------------------------------------------------------- ================================================================================ nodejs-figures-1.7.0-2.fc24.1 (FEDORA-2016-c2029d59f3) Unicode symbols with Windows CMD fallbacks -------------------------------------------------------------------------------- Update Information: fixdep object-assign (F24 branch only) ---- Update to address items from package review -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295295 - uglify task fails: An error occurred while processing a template: <template function> has no method 'indexOf' https://bugzilla.redhat.com/show_bug.cgi?id=1295295 -------------------------------------------------------------------------------- ================================================================================ pcmanfm-1.2.5-1.fc24 (FEDORA-2016-d4be615424) Extremly fast and lightweight file manager -------------------------------------------------------------------------------- Update Information: LXDE core packages update: * libfm: update to the git head containing some file manager related fix * pcmanfm: 1.2.5 released. * lxsession 0.5.3 is released. -------------------------------------------------------------------------------- ================================================================================ perl-Devel-StackTrace-2.02-1.fc24 (FEDORA-2016-c52c6c13a1) Perl module implementing stack trace and stack trace frame objects -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- ================================================================================ perl-HTML-Lint-2.24-1.fc24 (FEDORA-2016-cf4022b51d) HTML::Lint Perl module -------------------------------------------------------------------------------- Update Information: Upstream update -------------------------------------------------------------------------------- ================================================================================ seafile-client-5.1.1-4.fc24 (FEDORA-2016-2965c6aa75) Seafile cloud storage desktop client -------------------------------------------------------------------------------- Update Information: Enable Shibboleth sign on -------------------------------------------------------------------------------- References: [ 1 ] Bug #1395809 - Seafile Client does not support Shibboleth SSO https://bugzilla.redhat.com/show_bug.cgi?id=1395809 -------------------------------------------------------------------------------- ================================================================================ xcompmgr-1.1.7-1.fc24 (FEDORA-2016-1cee8ae21c) X11 composite manager -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 1.1.7, fixes rhbz #1213038 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1213038 - xcompmgr-1.1.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1213038 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.4-3.fc24 (FEDORA-2016-d5fa626991) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: ARM guests may induce host asynchronous abort [XSA-201, CVE-2016-9815, CVE-2016-9816, CVE-2016-9817, CVE-2016-9818] (#1399747) qemu: Divide by zero vulnerability in cirrus_do_copy (#1399055) [CVE-2016-9921, CVE-2016-9922] Qemu: 9pfs: memory leakage via proxy/handle callbacks (#1402278) qemu ioport array overflow [XSA-199, CVE-2016-9637] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1399746 - CVE-2016-9815 CVE-2016-9816 CVE-2016-9817 CVE-2016-9818 xsa201 xen: ARM guests may induce host asynchronous abort (XSA-201) https://bugzilla.redhat.com/show_bug.cgi?id=1399746 [ 2 ] Bug #1334398 - CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy https://bugzilla.redhat.com/show_bug.cgi?id=1334398 [ 3 ] Bug #1402276 - CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu: 9pfs: memory leakage via proxy/handle callbacks https://bugzilla.redhat.com/show_bug.cgi?id=1402276 -------------------------------------------------------------------------------- ================================================================================ xfce4-whiskermenu-plugin-1.6.2-1.fc24 (FEDORA-2016-34a11a6dd2) An alternate application launcher for Xfce -------------------------------------------------------------------------------- Update Information: - Rebuilt for new upstream release 1.6.2 -------------------------------------------------------------------------------- ================================================================================ xpra-1.0-2.fc24 (FEDORA-2016-a06f2e6e03) Remote display server for applications and desktops -------------------------------------------------------------------------------- Update Information: Update to 1.0, which includes an enhanced html5 client. This update also disables WebP support, since it is disabled by default upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309872 - Use XDG_RUNTIME_DIR https://bugzilla.redhat.com/show_bug.cgi?id=1309872 [ 2 ] Bug #1389923 - xpra-0.17.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1389923 [ 3 ] Bug #1401929 - xpra-1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1401929 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
