The following Fedora 24 Security updates need testing: Age URL 127 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 110 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 61 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea compat-guile18-1.8.8-14.fc24 24 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b465090499 ipsilon-2.0.2-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e45a7e7b13 gd-2.2.3-5.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4e992b0ac gstreamer-plugins-good-0.10.31-17.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3bc78de2b gstreamer-plugins-bad-free-0.10.23-34.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-240fe757f8 mingw-openjpeg2-2.1.2-2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bb22a24d3d dovecot-2.2.27-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4871c26b3c libgsf-1.14.33-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb03b6b70f mapserver-6.2.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7de64a450f botan-1.10.14-3.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 26 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383 nss-3.27.0-1.3.fc24 20 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0006447a5 colord-1.3.4-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9b731e067 libimobiledevice-1.2.0-8.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-77e191e610 evolution-data-server-3.20.6-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33 selinux-policy-3.13.1-191.23.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4be615424 libfm-1.2.5-1.fc24 lxsession-0.5.3-2.fc24 pcmanfm-1.2.5-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-535670d69f hwdata-0.295-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d6f054c8fa baloo-widgets-16.08.3-1.fc24 dolphin-16.08.3-1.fc24 dolphin-plugins-16.08.3-1.fc24 kate-16.08.3-1.fc24 kdelibs-4.14.26-2.fc24 kde-baseapps-16.08.3-1.fc24 kde-runtime-16.08.3-3.fc24 konsole5-16.08.3-1.fc24 khelpcenter-16.08.3-1.fc24 kde-l10n-16.08.3-1.fc24 The following builds have been pushed to Fedora 24 updates-testing botan-1.10.14-3.fc24 criu-2.9-1.fc24 dpm-dsi-1.9.11-1.fc24 fedpkg-1.26-3.fc24 future-0.16.0-2.fc24 gst-transcoder-1.8.2-2.fc24 hwdata-0.295-1.fc24 libsodium-1.0.11-2.fc24 libvisio-0.1.5-5.fc24 meson-0.36.0-3.fc24 opendmarc-1.3.2-0.8.fc24 php-horde-Horde-Service-Weather-2.5.3-1.fc24 python-ansible-tower-cli-3.0.2-1.fc24 python-geoip2-2.4.2-1.fc24 python-pyvmomi-6.5-1.fc24 python-wcwidth-0.1.7-1.fc24 realmd-0.16.2-6.fc24 rpkg-1.47-5.fc24 xlockmore-5.49-2.fc24 Details about builds: ================================================================================ botan-1.10.14-3.fc24 (FEDORA-2016-7de64a450f) Crypto library written in C++ -------------------------------------------------------------------------------- Update Information: ### Botan 1.10.14 ### * NOTE WELL: Botan 1.10.x is supported for security patches only until 2017-12-31 * Fix integer overflow during BER decoding, found by Falko Strenzke. This bug is not thought to be directly exploitable but upgrading ASAP is advised. (CVE-2016-9132) * Fix two cases where (in error situations) an exception would be thrown from a destructor, causing a call to std::terminate. * When RC4 is disabled in the build, also prevent it from being included in the OpenSSL provider. (GH #638) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1400894 - CVE-2016-9132 botan: Integer overflow in BER decoder https://bugzilla.redhat.com/show_bug.cgi?id=1400894 -------------------------------------------------------------------------------- ================================================================================ criu-2.9-1.fc24 (FEDORA-2016-009bdd0259) Tool for Checkpoint/Restore in User-space -------------------------------------------------------------------------------- Update Information: Update to 2.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403807 - criu-2.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=1403807 -------------------------------------------------------------------------------- ================================================================================ dpm-dsi-1.9.11-1.fc24 (FEDORA-2016-fd59d57370) Disk Pool Manager (DPM) plugin for the Globus GridFTP server -------------------------------------------------------------------------------- Update Information: * new upstream release -------------------------------------------------------------------------------- ================================================================================ fedpkg-1.26-3.fc24 (FEDORA-2016-a383ccbf57) Fedora utility for working with dist-git -------------------------------------------------------------------------------- Update Information: This build contains changes needed for flag day on December 12. - Once you use this version to upload new sources, older versions of `fedpkg` will not be able to work with the package. - pkgs and lookaside site URL are changed. The new URL uses ``https``. You can see the new URls with ``-d`` and ``-v`` when ``clone`` and ``sources``. Changelog - rpkg, https://pagure.io/rpkg/blob/master/f/CHANGELOG.rst - fedpkg, https://pagure.io/fedpkg/blob/master/f/CHANGELOG.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #714726 - change --root option to --mock-config to fedpkg mockbuild https://bugzilla.redhat.com/show_bug.cgi?id=714726 [ 2 ] Bug #841516 - fedpkg scratch-build error message should be improved to tell you how to do a scratch build without pushing https://bugzilla.redhat.com/show_bug.cgi?id=841516 [ 3 ] Bug #1325775 - Working on branch without remote tracking branch fails due to unpushed changes https://bugzilla.redhat.com/show_bug.cgi?id=1325775 [ 4 ] Bug #1203757 - The description of fedpkg verify-files in the man page and help text is misleading https://bugzilla.redhat.com/show_bug.cgi?id=1203757 [ 5 ] Bug #1169663 - Build stops with "Could not execute scratch_build: There are unpushed changes in your repo" when there are no unpushed changes in the current branch https://bugzilla.redhat.com/show_bug.cgi?id=1169663 [ 6 ] Bug #1402882 - fedpkg local fails https://bugzilla.redhat.com/show_bug.cgi?id=1402882 -------------------------------------------------------------------------------- ================================================================================ future-0.16.0-2.fc24 (FEDORA-2016-887262a45a) Easy, clean, reliable Python 2/3 compatibility -------------------------------------------------------------------------------- Update Information: - Update to 0.16.0 -------------------------------------------------------------------------------- ================================================================================ gst-transcoder-1.8.2-2.fc24 (FEDORA-2016-1742ad8df7) GStreamer Transcoding API -------------------------------------------------------------------------------- Update Information: Fixes in packaging -------------------------------------------------------------------------------- ================================================================================ hwdata-0.295-1.fc24 (FEDORA-2016-535670d69f) Hardware identification and configuration data -------------------------------------------------------------------------------- Update Information: Updated pci, usb and vendor ids. -------------------------------------------------------------------------------- ================================================================================ libsodium-1.0.11-2.fc24 (FEDORA-2016-2d69230f19) The Sodium crypto library -------------------------------------------------------------------------------- Update Information: Add static library in new "static" sub package. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1404212 - Add static link library subpackage to libsodium https://bugzilla.redhat.com/show_bug.cgi?id=1404212 -------------------------------------------------------------------------------- ================================================================================ libvisio-0.1.5-5.fc24 (FEDORA-2016-074aed80fd) A library for import of Microsoft Visio diagrams -------------------------------------------------------------------------------- Update Information: fix char background color in some cases -------------------------------------------------------------------------------- ================================================================================ meson-0.36.0-3.fc24 (FEDORA-2016-220b873f7d) High productivity build system -------------------------------------------------------------------------------- Update Information: Fixes in RPM macro -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401062 - %meson -Denable_gudev=true does not work https://bugzilla.redhat.com/show_bug.cgi?id=1401062 -------------------------------------------------------------------------------- ================================================================================ opendmarc-1.3.2-0.8.fc24 (FEDORA-2016-dfebe30cda) A Domain-based Message Authentication, Reporting & Conformance (DMARC) milter and library -------------------------------------------------------------------------------- Update Information: This update fixes a bug that would cause opendmarc to crash soon after starting up. See [RHBZ #1398444](https://bugzilla.redhat.com/show_bug.cgi?id=1398444) and upstream [#185](https://sourceforge.net/p/opendmarc/tickets/185/). It also includes many other bug fixes from Juri Haberland's [tracking page](http://batleth.sapienti-sat.org/projects/opendmarc/). ---- Fixed path in import-stats patch ---- Updating to 1.3.2.Beta0 release, in anticipation of full release. This version incorporates a number of patches since the 1.3.1 release. See: https://sourceforge.net/p/opendmarc/activity/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398444 - [abrt] opendmarc: mlfi_connect(): opendmarc killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1398444 [ 2 ] Bug #1293279 - opendkim miss LDAP support https://bugzilla.redhat.com/show_bug.cgi?id=1293279 [ 3 ] Bug #1287176 - OpenDMARC does not accept valid mail size limiting syntax in DMARC record https://bugzilla.redhat.com/show_bug.cgi?id=1287176 [ 4 ] Bug #1331971 - wrong result with self SPF check https://bugzilla.redhat.com/show_bug.cgi?id=1331971 [ 5 ] Bug #1332521 - opendmarc always adds spf=pass https://bugzilla.redhat.com/show_bug.cgi?id=1332521 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Service-Weather-2.5.3-1.fc24 (FEDORA-2016-e6d8012636) Horde Weather Provider -------------------------------------------------------------------------------- Update Information: **Horde_Service_Weather 2.5.3** * [mjr] Create standalone CLI script for generation of metar station data. * [mjr] Improve metar table creation performance. -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.0.2-1.fc24 (FEDORA-2016-e52dafb49f) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ python-geoip2-2.4.2-1.fc24 (FEDORA-2016-4d43c65647) MaxMind GeoIP2 API -------------------------------------------------------------------------------- Update Information: Update to 2.4.2 -------------------------------------------------------------------------------- ================================================================================ python-pyvmomi-6.5-1.fc24 (FEDORA-2016-1c6093f454) VMware vSphere Python SDK -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ python-wcwidth-0.1.7-1.fc24 (FEDORA-2016-78eec3ab02) Measures number of Terminal column cells of wide-character codes -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- ================================================================================ realmd-0.16.2-6.fc24 (FEDORA-2016-43b75c5a14) Kerberos realm enrollment service -------------------------------------------------------------------------------- Update Information: Add a fallback to TCP when trying to find a KDC -------------------------------------------------------------------------------- References: [ 1 ] Bug #1401605 - Adding Kerberos user fails for non-domain accounts https://bugzilla.redhat.com/show_bug.cgi?id=1401605 -------------------------------------------------------------------------------- ================================================================================ rpkg-1.47-5.fc24 (FEDORA-2016-a383ccbf57) Utility for interacting with rpm+git packaging systems -------------------------------------------------------------------------------- Update Information: This build contains changes needed for flag day on December 12. - Once you use this version to upload new sources, older versions of `fedpkg` will not be able to work with the package. - pkgs and lookaside site URL are changed. The new URL uses ``https``. You can see the new URls with ``-d`` and ``-v`` when ``clone`` and ``sources``. Changelog - rpkg, https://pagure.io/rpkg/blob/master/f/CHANGELOG.rst - fedpkg, https://pagure.io/fedpkg/blob/master/f/CHANGELOG.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #714726 - change --root option to --mock-config to fedpkg mockbuild https://bugzilla.redhat.com/show_bug.cgi?id=714726 [ 2 ] Bug #841516 - fedpkg scratch-build error message should be improved to tell you how to do a scratch build without pushing https://bugzilla.redhat.com/show_bug.cgi?id=841516 [ 3 ] Bug #1325775 - Working on branch without remote tracking branch fails due to unpushed changes https://bugzilla.redhat.com/show_bug.cgi?id=1325775 [ 4 ] Bug #1203757 - The description of fedpkg verify-files in the man page and help text is misleading https://bugzilla.redhat.com/show_bug.cgi?id=1203757 [ 5 ] Bug #1169663 - Build stops with "Could not execute scratch_build: There are unpushed changes in your repo" when there are no unpushed changes in the current branch https://bugzilla.redhat.com/show_bug.cgi?id=1169663 [ 6 ] Bug #1402882 - fedpkg local fails https://bugzilla.redhat.com/show_bug.cgi?id=1402882 -------------------------------------------------------------------------------- ================================================================================ xlockmore-5.49-2.fc24 (FEDORA-2016-60c6085013) Screen lock and screen saver -------------------------------------------------------------------------------- Update Information: rebuilt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403482 - update 5.49 https://bugzilla.redhat.com/show_bug.cgi?id=1403482 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
