The following Fedora 24 Security updates need testing: Age URL 171 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 69 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 38 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 31 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-19b0fe001d runc-1.0.0-3.rc2.gitc91b5be.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-08207fe48b python-crypto-2.6.1-13.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f8094477ee mapserver-6.2.4-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2e7217e2a irssi-0.8.21-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a823376be percona-xtrabackup-2.3.6-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d7ef286d1 drupal7-title-1.0-0.7.alpha9.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-294c23bb1d phpMyAdmin-4.6.6-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6681f94e10 moodle-3.1.4-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5136456ce3 ghostscript-9.20-6.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d6e2bfd1a libXpm-3.5.12-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6cc158c193 kernel-4.9.6-100.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7585703fbe selinux-policy-3.13.1-191.24.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6d6e2bfd1a libXpm-3.5.12-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6cc158c193 kernel-4.9.6-100.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-61698d771f perl-5.22.3-368.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b2696b823 vim-8.0.238-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bfe67455ae libtiff-4.0.7-2.fc24 The following builds have been pushed to Fedora 24 updates-testing amanda-3.4.1-3.fc24 beakerlib-1.15-1.fc24 carbon-c-relay-2.6-1.fc24 configsnap-0.11-2.fc24 fedfind-3.4.0-1.fc24 ganglia-3.7.2-13.fc24 gofed-1.0.0-0.7.rc1.fc24 ibus-typing-booster-1.5.20-1.fc24 iguanaIR-1.1.0-19.fc24 kernel-4.9.6-100.fc24 libmicrohttpd-0.9.52-2.fc24 libtiff-4.0.7-2.fc24 pax-utils-1.2.2-1.fc24 perl-5.22.3-368.fc24 perl-Data-GUID-0.049-1.fc24 python-BTrees-4.4.1-1.fc24 python-backports-shutil_which-3.5.1-2.fc24 python-streamlink-0.3.0-1.fc24 systemtap-3.1-0.20170125gite81970274b46.fc24 texstudio-2.12.2-1.fc24 vim-8.0.238-1.fc24 wine-2.0-1.fc24 yad-0.38.2-1.fc24 Details about builds: ================================================================================ amanda-3.4.1-3.fc24 (FEDORA-2017-49ee10ce2c) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: Add small patches to enable the Amanda server to continue to back up RHEL5-era clients. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1413165 - amanda 3.4.1 cannot back up old (RHEL5) clients https://bugzilla.redhat.com/show_bug.cgi?id=1413165 -------------------------------------------------------------------------------- ================================================================================ beakerlib-1.15-1.fc24 (FEDORA-2017-41c37fc56e) A shell-level integration testing library -------------------------------------------------------------------------------- Update Information: added rlIsCentOS similar to rlIsRHEL, bz1214190; added missing dependencies, bz1391969; make rlRun use internal variables with more unique name, bz1285804; fix rlRun exitcodes while using various switches, bz1303900; rlFileRestore now better distinquish betwwen various errorneous situations, bz1370453; rlService* won't be blocked be less(1) while systemctl redirection is in place, bz1383303; variable <libPrefix\>LibraryDir variable is created for all imported libraries, holding the path to the library source, bz1074487; all logging messages are now printed to stderr, bz1171881; wildcard %doc inclusion in spec, bz1206173; prevent unbound variables, bz1228264; new functions rlServiceEnabled/rlServiceDisable for enabling/disabling services, bz1234804; updated documentation for rlImport -all, bz1246061; rlAssertNotEquals now accept empty argument, bz1303618; rlRun now uses better filename for output log, bz1314700; fixed cosmetic discrepancy in log output, bz1374256; added documentation reference for bkrdoc, bz843823; added documentation of the testwatcher feature, bz1218169; rlServiceRestore can restore all saved services in no parameter provided, bz494318; rlCheckMount take mount options (ro/rw) into consideration, bz1191627; added documentation for LOG_LEVEL variable, bz581816 -------------------------------------------------------------------------------- ================================================================================ carbon-c-relay-2.6-1.fc24 (FEDORA-2017-5e45f98471) Enhanced C implementation of Carbon relay, aggregator and rewriter -------------------------------------------------------------------------------- Update Information: Update to 2.6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416785 - carbon-c-relay-v2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416785 -------------------------------------------------------------------------------- ================================================================================ configsnap-0.11-2.fc24 (FEDORA-2017-4e3b8f8b55) Record and compare system state -------------------------------------------------------------------------------- Update Information: Updated spec according to Fedora Guidelines -------------------------------------------------------------------------------- References: [ 1 ] Bug #1406786 - Review Request: configsnap - Record and compare system state https://bugzilla.redhat.com/show_bug.cgi?id=1406786 -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.0-1.fc24 (FEDORA-2017-eb562ccca1) Fedora Finder finds Fedora -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind with a new `get_current_stables` helper that returns a list of current stable Fedora release numbers, `url` and `direct_url` entries in the image dicts provided by `all_images`, and a couple of fixes for the live respin release handling. -------------------------------------------------------------------------------- ================================================================================ ganglia-3.7.2-13.fc24 (FEDORA-2017-fd7f92b12d) Distributed Monitoring System -------------------------------------------------------------------------------- Update Information: There was a mismatch between default config files and file locations. Files holding state of Ganglia Web are now located in /var/lib/ganglia-web -------------------------------------------------------------------------------- References: [ 1 ] Bug #1238325 - Overview default graphs do not show in cluster reports https://bugzilla.redhat.com/show_bug.cgi?id=1238325 -------------------------------------------------------------------------------- ================================================================================ gofed-1.0.0-0.7.rc1.fc24 (FEDORA-2017-d2e0328505) Tool for development of golang devel packages -------------------------------------------------------------------------------- Update Information: Bump to a7766e5587800fc3b49c46149605cd95a98eb31b -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416407 - Bump gofed to the latest commit https://bugzilla.redhat.com/show_bug.cgi?id=1416407 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.5.20-1.fc24 (FEDORA-2017-33dd06fb5b) A completion input method -------------------------------------------------------------------------------- Update Information: update to 1.5.20 -------------------------------------------------------------------------------- ================================================================================ iguanaIR-1.1.0-19.fc24 (FEDORA-2017-db9c1f3d91) Driver for Iguanaworks USB IR transceiver -------------------------------------------------------------------------------- Update Information: No upstream changes, just packaging. Builds the new lirc plugin, fixes some glitches -------------------------------------------------------------------------------- References: [ 1 ] Bug #1156648 - Library is packaged twice as libiguanaIR.so.0 and libiguanaIR.so.0.3 https://bugzilla.redhat.com/show_bug.cgi?id=1156648 [ 2 ] Bug #1409065 - File instead of symlink to .so file in iguanaIR https://bugzilla.redhat.com/show_bug.cgi?id=1409065 [ 3 ] Bug #1413263 - Move tmpfiles.d config to %{_tmpfilesdir}, install license files as %license https://bugzilla.redhat.com/show_bug.cgi?id=1413263 -------------------------------------------------------------------------------- ================================================================================ kernel-4.9.6-100.fc24 (FEDORA-2017-6cc158c193) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.9.6 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416437 - CVE-2017-5577 kernel: vc4: Heap-buffer overflow due to failing checks https://bugzilla.redhat.com/show_bug.cgi?id=1416437 [ 2 ] Bug #1416436 - CVE-2017-5576 kernel: vc4: Integer overflow in temporary allocation layout https://bugzilla.redhat.com/show_bug.cgi?id=1416436 [ 3 ] Bug #1416126 - CVE-2017-5551 kernel: S_ISGD is not cleared when setting posix ACLs in tmpfs (CVE-2016-7097 incomplete fix) https://bugzilla.redhat.com/show_bug.cgi?id=1416126 [ 4 ] Bug #1416110 - CVE-2017-5548 kernel: Using stack for buffers in ieee802154 https://bugzilla.redhat.com/show_bug.cgi?id=1416110 [ 5 ] Bug #1416101 - CVE-2016-10153 kernel: introduce ceph_crypt() for in-place en/decryption https://bugzilla.redhat.com/show_bug.cgi?id=1416101 [ 6 ] Bug #1416096 - CVE-2017-5547 kernel: DMA buffers on stack https://bugzilla.redhat.com/show_bug.cgi?id=1416096 -------------------------------------------------------------------------------- ================================================================================ libmicrohttpd-0.9.52-2.fc24 (FEDORA-2017-eb8164f53f) Lightweight library for embedding a webserver in applications -------------------------------------------------------------------------------- Update Information: Dropped gnutls-utilize-system-crypto-policy.patch -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416196 - MHD_start_daemon fails with errno=2. works with 0.9.46 fails with 0.9.52 https://bugzilla.redhat.com/show_bug.cgi?id=1416196 [ 2 ] Bug #1416034 - libmicrohttpd-0.9.52-1.fc24.x86_64 breaks openvas-gsa-6.0.11-3.fc24.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1416034 -------------------------------------------------------------------------------- ================================================================================ libtiff-4.0.7-2.fc24 (FEDORA-2017-bfe67455ae) Library of functions for manipulating TIFF format image files -------------------------------------------------------------------------------- Update Information: Fix Hylafax breakage (#1416042) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1416042 - libtiff-4.0.7 breaks hylafax https://bugzilla.redhat.com/show_bug.cgi?id=1416042 -------------------------------------------------------------------------------- ================================================================================ pax-utils-1.2.2-1.fc24 (FEDORA-2017-ddd0d3deee) ELF utils that can check files for security relevant properties -------------------------------------------------------------------------------- Update Information: Selected changes from upstream changelog: * dumpelf: add support for prelink sections * dumpelf: add support for dumping notes * scanelf: fix offset checking when looking up symbols via hash * scanmacho: fix 126 byte limit on -E option -------------------------------------------------------------------------------- References: [ 1 ] Bug #1415526 - pax-utils-1.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1415526 -------------------------------------------------------------------------------- ================================================================================ perl-5.22.3-368.fc24 (FEDORA-2017-61698d771f) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: This release fixes UTF-8 string handling in & operator, recreation of *:: glob, parsing goto statements in multicalled subroutines, and a heap overlow in parsing source code with $# variable. -------------------------------------------------------------------------------- ================================================================================ perl-Data-GUID-0.049-1.fc24 (FEDORA-2017-da9870432c) Globally unique identifiers -------------------------------------------------------------------------------- Update Information: Minor upstream bugfix update -------------------------------------------------------------------------------- ================================================================================ python-BTrees-4.4.1-1.fc24 (FEDORA-2017-b4d8e33d45) Scalable persistent object containers -------------------------------------------------------------------------------- Update Information: This update fixes some packaging problems with release 4.4.0. -------------------------------------------------------------------------------- ================================================================================ python-backports-shutil_which-3.5.1-2.fc24 (FEDORA-2017-3359f1d100) Backport of shutil.which from Python 3 -------------------------------------------------------------------------------- Update Information: Backport of shutil.which from Python 3 (https://docs.python.org/3/library/shutil.html#shutil.which). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1411028 - Review Request: python-backports-shutil_which - Backport of shutil.which from Python 3 https://bugzilla.redhat.com/show_bug.cgi?id=1411028 -------------------------------------------------------------------------------- ================================================================================ python-streamlink-0.3.0-1.fc24 (FEDORA-2017-01646bbbf7) Python library for extracting streams from various websites -------------------------------------------------------------------------------- Update Information: Release 0.3.0 of Streamlink. Main features are: * Lot's of maintaining / updates to plugins * General bug and doc fixes -------------------------------------------------------------------------------- ================================================================================ systemtap-3.1-0.20170125gite81970274b46.fc24 (FEDORA-2017-2ae6235dab) Programmable system-wide instrumentation system -------------------------------------------------------------------------------- Update Information: Automated weekly rawhide release -------------------------------------------------------------------------------- ================================================================================ texstudio-2.12.2-1.fc24 (FEDORA-2017-83a19918a1) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information: - update to 2.12.2 - http://texstudio.sourceforge.net/manual/current/CHANGELOG.txt -------------------------------------------------------------------------------- ================================================================================ vim-8.0.238-1.fc24 (FEDORA-2017-2b2696b823) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit -------------------------------------------------------------------------------- ================================================================================ wine-2.0-1.fc24 (FEDORA-2017-76781d765d) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: https://www.winehq.org/news/2017012401 https://www.winehq.org/announce/2.0 https://wine-staging.com/news/2017-01-25-release-2.0.html -------------------------------------------------------------------------------- ================================================================================ yad-0.38.2-1.fc24 (FEDORA-2017-a41f0b2233) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information: update to yad 0.38.2 ---- update to yad-0.38.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403631 - yad-0.38.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1403631 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
