The following Fedora 24 Security updates need testing: Age URL 138 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 121 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 73 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea compat-guile18-1.8.8-14.fc24 35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b465090499 ipsilon-2.0.2-2.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1f774c3d7 FlightGear-2016.1.2-5.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04383482b4 game-music-emu-0.6.1-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-608be17784 python-wikitcms-2.1.10-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-631737a49a tracker-1.8.2-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d337166907 freeipa-4.3.2-4.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8586235698 nagios-plugins-2.1.4-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c7e60a9fd4 community-mysql-5.7.17-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b7f39a8c1 openjpeg2-2.1.2-3.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-52a1b18397 mingw-openjpeg2-2.1.2-3.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-09dc3efcd2 samba-4.4.8-0.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76b646637e tor-0.2.8.12-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e8a3f776 js-jquery1-1.12.4-2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8516b7d6fb js-jquery-2.2.4-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1185de6aa6 php-zendframework-zend-mail-2.7.2-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-54a717d5d6 zookeeper-3.4.9-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bc02bff7f5 xen-4.6.4-5.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c3d057783 libbsd-0.8.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86d2b5aefb curl-7.47.1-10.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-55f912fcdc seamonkey-2.46-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 38 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383 nss-3.27.0-1.3.fc24 18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33 selinux-policy-3.13.1-191.23.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4be615424 libfm-1.2.5-1.fc24 lxsession-0.5.3-2.fc24 pcmanfm-1.2.5-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2820fc67d libvorbis-1.3.5-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-700f16d3f3 gnome-online-accounts-3.20.5-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0281ab71ff vim-8.0.134-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab5b9ae96b audit-2.7-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8b3063d71c meson-0.36.0-4.fc24 redhat-rpm-config-42-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-09dc3efcd2 samba-4.4.8-0.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-85dffa754f perl-5.22.2-365.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5c57e05b6 openssl-1.0.2j-3.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b938403605 gcc-6.3.1-1.fc24 libtool-2.4.6-13.fc24 gcc-python-plugin-0.15-8.1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86d2b5aefb curl-7.47.1-10.fc24 The following builds have been pushed to Fedora 24 updates-testing cinnamon-3.2.7-1.fc24 cinnamon-screensaver-3.2.12-1.fc24 composer-1.3.0-1.fc24 curl-7.47.1-10.fc24 frepple-3.1-1.fc24 java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc24 kf5-libktorrent-2.0.1-5.fc24 lirc-0.9.4c-6.fc24 mate-session-manager-1.16.0-2.fc24 nfs-ganesha-2.4.1-2.fc24 odb-2.4.0-16.fc24 perl-B-Debug-1.24-1.fc24 php-akamai-open-edgegrid-auth-0.6.1-1.fc24 php-akamai-open-edgegrid-client-0.6.2-2.fc24 php-deepend-Mockery-0.9.7-1.fc24 php-react-promise-2.5.0-1.fc24 php-zendframework-zend-expressive-helpers-2.2.0-1.fc24 seamonkey-2.46-1.fc24 tuxguitar-1.4-1.fc24 wine-2.0-0.1.rc2.fc24 wine-mono-4.6.4-1.fc24 Details about builds: ================================================================================ cinnamon-3.2.7-1.fc24 (FEDORA-2016-6bebfa24d5) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: - Update -------------------------------------------------------------------------------- ================================================================================ cinnamon-screensaver-3.2.12-1.fc24 (FEDORA-2016-6bebfa24d5) Cinnamon Screensaver -------------------------------------------------------------------------------- Update Information: - Update -------------------------------------------------------------------------------- ================================================================================ composer-1.3.0-1.fc24 (FEDORA-2016-83d812ade8) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.3.0** - 2016-12-24 * Fixed handling of annotated git tags vs lightweight tags leading to useless updates sometimes * Fixed ext-xdebug not being require-able anymore due to automatic xdebug disabling * Fixed case insensitivity of remove command **Version 1.3.0-RC** - 2016-12-11 * Added workaround for xdebug performance impact by restarting PHP without xdebug automatically in case it is enabled * Added `--minor-only` to the `outdated` command to only show updates to minor versions and ignore new major versions * Added `--apcu-autoloader` to the `update`/`install` commands and `--apcu` to `dump-autoload` to enable an APCu-caching autoloader, which can be more efficient than --classmap-authoritative if you attempt to autoload many classes that do not exist, or if you can not use authoritative classmaps for some reason * Added summary of operations to be executed before they run, and made execution output more compact * Added `php-debug` and `php-zts` virtual platform packages * Added `gitlab-token` auth config for GitLab private tokens * Added `--strict` to the `outdated` command to return a non-zero exit code when there are outdated packages * Added ability to call php scripts using the current php interpreter (instead of finding php in PATH by default) in script handlers via `@php ...` * Added `COMPOSER_ALLOW_XDEBUG` env var to circumvent the xdebug-disabling behavior * Added `COMPOSER_MIRROR_PATH_REPOS` env var to force mirroring of path repositories vs symlinking * Added `COMPOSER_DEV_MODE` env var that is set by Composer to forward the dev mode to script handlers * Fixed support for git 2.11 * Fixed output from zip and rar leaking out when an error occured * Removed `hash` from composer.lock, only `content-hash` is now used which should reduce conflicts * Minor fixes and performance improvements -------------------------------------------------------------------------------- ================================================================================ curl-7.47.1-10.fc24 (FEDORA-2016-86d2b5aefb) A utility for getting files from remote servers (FTP, HTTP, and others) -------------------------------------------------------------------------------- Update Information: - fix floating point buffer overflow issues (CVE-2016-9586) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1406716 - CVE-2016-9586 curl: printf floating point buffer overflow [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1406716 -------------------------------------------------------------------------------- ================================================================================ frepple-3.1-1.fc24 (FEDORA-2016-bc46764d7d) Free Production PLanning -------------------------------------------------------------------------------- Update Information: New upstream release -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc24 (FEDORA-2016-c4b7b63beb) OpenJDK Runtime Environment in a preview of the OpenJDK AArch32 project -------------------------------------------------------------------------------- Update Information: 8u112 feature update, sync with mainline package -------------------------------------------------------------------------------- ================================================================================ kf5-libktorrent-2.0.1-5.fc24 (FEDORA-2016-1d2a0ef47f) Library providing torrent downloading code -------------------------------------------------------------------------------- Update Information: KDE Framework providing torrent downloading code. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1386774 - Review Request: kf5-libktorrent - Library providing torrent downloading code https://bugzilla.redhat.com/show_bug.cgi?id=1386774 -------------------------------------------------------------------------------- ================================================================================ lirc-0.9.4c-6.fc24 (FEDORA-2016-dc3f1b4a61) The Linux Infrared Remote Control package -------------------------------------------------------------------------------- Update Information: Fixes bug in parsing --listen option (#249) ---- Fix missing lircd- setup.service file -------------------------------------------------------------------------------- ================================================================================ mate-session-manager-1.16.0-2.fc24 (FEDORA-2016-0ed144b91a) MATE Desktop session manager -------------------------------------------------------------------------------- Update Information: fix resizing the startup applications preferences window -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.4.1-2.fc24 (FEDORA-2016-9b8e81133d) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information: nfs-ganesha 2.4.1 w/ glusterfs-3.8.6 upcall fix -------------------------------------------------------------------------------- ================================================================================ odb-2.4.0-16.fc24 (FEDORA-2016-23fb7e6072) Object-relational mapping (ORM) system for C++ -------------------------------------------------------------------------------- Update Information: Fix for [gcc 6](http://codesynthesis.com/pipermail/odb- users/2016-December/003581.html) -------------------------------------------------------------------------------- ================================================================================ perl-B-Debug-1.24-1.fc24 (FEDORA-2016-02ca7e6d41) Walk Perl syntax tree, print debug information about op-codes -------------------------------------------------------------------------------- Update Information: This release adapts tests to Perl 5.25.6. We deliver only to provide newer version string. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1408456 - perl-B-Debug-1.24 is available https://bugzilla.redhat.com/show_bug.cgi?id=1408456 -------------------------------------------------------------------------------- ================================================================================ php-akamai-open-edgegrid-auth-0.6.1-1.fc24 (FEDORA-2016-09fde30d7a) Implements the Akamai {OPEN} EdgeGrid Authentication -------------------------------------------------------------------------------- Update Information: ### 0.6.1 [17 Dec, 2016] * Fix PHP 7.1 compatibility (@remicollet) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405779 - php-akamai-open-edgegrid-auth-0.6.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1405779 -------------------------------------------------------------------------------- ================================================================================ php-akamai-open-edgegrid-client-0.6.2-2.fc24 (FEDORA-2016-2dcbdd47db) Implements the Akamai {OPEN} EdgeGrid Authentication -------------------------------------------------------------------------------- Update Information: ### 0.6.2 [17 Dec, 2016] * Update to akamai-open/edgegrid-auth 0.6.1 (PHP 7.1 compatibility) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405781 - php-akamai-open-edgegrid-client-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1405781 -------------------------------------------------------------------------------- ================================================================================ php-deepend-Mockery-0.9.7-1.fc24 (FEDORA-2016-dd95eda64c) Mockery is a simple but flexible PHP mock object framework -------------------------------------------------------------------------------- Update Information: **Version 0.9.7** * Clear the _filesToCleanUp array after unlink. -------------------------------------------------------------------------------- ================================================================================ php-react-promise-2.5.0-1.fc24 (FEDORA-2016-ee02b6126a) A lightweight implementation of CommonJS Promises/A for PHP -------------------------------------------------------------------------------- Update Information: ### 2.5.0 (2016-12-22) * Revert automatic cancellation of pending collection promises once the output promise resolves. This was introduced in 42d86b7 (PR #36, released in [v2.3.0](https://github.com/reactphp/promise/releases/tag/v2.3.0)) and was both unintended and backward incompatible. If you need automatic cancellation, you can use something like: ``` function allAndCancel(array $promises) { return \React\Promise\all($promises) ->always(function() use ($promises) { foreach ($promises as $promise) { if ($promise instanceof \React\Promise\CancellablePromiseInterface) { $promise->cancel(); } } }); } ``` * `all()` and `map()` functions now preserve the order of the array (#77). * Fix circular references when resolving a promise with itself (#71). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1408344 - php-react-promise-2.5.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1408344 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-expressive-helpers-2.2.0-1.fc24 (FEDORA-2016-abc5584b14) Helper/Utility classes for Expressive -------------------------------------------------------------------------------- Update Information: **Version 2.2.0** - 2016-12-23 - [#30](https://github.com/zendframework/zend- expressive-helpers/pull/30) Use new ZF coding standard - [#31](https://github.com/zendframework/zend-expressive-helpers/pull/32) Check to ensure 100% test coverage is retained **Version 2.1.1** - 2016-12-23 - [#29](https://github.com/zendframework/zend-expressive-helpers/pull/29) Don't throw exception on empty JSON body -------------------------------------------------------------------------------- ================================================================================ seamonkey-2.46-1.fc24 (FEDORA-2016-55f912fcdc) Web browser, e-mail, news, IRC client, HTML editor -------------------------------------------------------------------------------- Update Information: Update to 2.46 Fixes various security issues, see http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more info. No more includes Chatzilla and DOM Inspector in the package -- install them yourself now (as usual other addons) from https://addons.mozilla.org -------------------------------------------------------------------------------- ================================================================================ tuxguitar-1.4-1.fc24 (FEDORA-2016-f9dc76f6dc) A multitrack tablature editor and player written in Java-SWT -------------------------------------------------------------------------------- Update Information: * New edit Toolbar * Several bugs fixed -------------------------------------------------------------------------------- ================================================================================ wine-2.0-0.1.rc2.fc24 (FEDORA-2016-91267b0c0e) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: - Bug fix update of the Mono engine. - Support for IDN name resolution. - Many more Shader Model 5 operations. - Still more fixes in the regression tests. - Various bug fixes. https://www.winehq.org/announce/2.0-rc2 - Bug fixes only, we are in code freeze. https://wine- staging.com/news/2016-12-21-release-2.0-rc2.html - Implement basic AES support in bcrypt. - Remove GnuTLS / CommonCrypto dependency for hash calculations in bcrypt. - Improve TIFF support in windoscodecs. - Various improvements in user32, winhttp and other dlls. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398794 - wine-mono 4.6.3 is broken https://bugzilla.redhat.com/show_bug.cgi?id=1398794 -------------------------------------------------------------------------------- ================================================================================ wine-mono-4.6.4-1.fc24 (FEDORA-2016-91267b0c0e) Mono library required for Wine -------------------------------------------------------------------------------- Update Information: - Bug fix update of the Mono engine. - Support for IDN name resolution. - Many more Shader Model 5 operations. - Still more fixes in the regression tests. - Various bug fixes. https://www.winehq.org/announce/2.0-rc2 - Bug fixes only, we are in code freeze. https://wine- staging.com/news/2016-12-21-release-2.0-rc2.html - Implement basic AES support in bcrypt. - Remove GnuTLS / CommonCrypto dependency for hash calculations in bcrypt. - Improve TIFF support in windoscodecs. - Various improvements in user32, winhttp and other dlls. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1398794 - wine-mono 4.6.3 is broken https://bugzilla.redhat.com/show_bug.cgi?id=1398794 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
