The following Fedora 24 Security updates need testing: Age URL 175 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 72 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 41 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-19b0fe001d runc-1.0.0-3.rc2.gitc91b5be.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a823376be percona-xtrabackup-2.3.6-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0d7ef286d1 drupal7-title-1.0-0.7.alpha9.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-294c23bb1d phpMyAdmin-4.6.6-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6681f94e10 moodle-3.1.4-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-338a3f27e5 wordpress-4.7.2-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f44f2b8c8 mariadb-10.1.21-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d90fac5c8f jasper-1.900.13-2.fc24 jasper-1.900.13-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-efed73a87c calibre-2.78.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6694f5cd3a bitlbee-3.5.1-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 21 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7585703fbe selinux-policy-3.13.1-191.24.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b2696b823 vim-8.0.238-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a18a784b84 wpa_supplicant-2.5-6.fc24 wpa_supplicant-2.5-6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d90fac5c8f jasper-1.900.13-2.fc24 jasper-1.900.13-2.fc24 The following builds have been pushed to Fedora 24 updates-testing arc-theme-20161119-3.fc24 bitlbee-3.5.1-1.fc24 bluefish-2.2.10-1.fc24 calibre-2.78.0-1.fc24 cinnamon-3.2.8-4.fc24 copyq-2.8.3-1.fc24 darktable-2.2.2-1.fc24 embree-2.13.0-3.fc24 google-roboto-fonts-2.136-1.fc24 jasper-1.900.13-2.fc24 libdiscid-0.6.2-1.fc24 libmicrohttpd-0.9.52-3.fc24 libmwaw-0.3.10-1.fc24 mcabber-1.0.5-1.fc24 meson-0.38.0-1.fc24 mint-x-icons-1.4.0-2.fc24 nemo-3.2.2-3.fc24 osmo-0.2.14-9.fc24 perl-Inline-Filters-0.20-1.fc24 php-alcaeus-mongo-php-adapter-1.0.9-1.fc24 php-myclabs-deep-copy-1.6.0-1.fc24 php-phpunit-PHP-CodeCoverage-4.0.5-1.fc24 php-phpunit-PHPUnit-5.7.9-1.fc24 php-phpunit-comparator-1.2.4-1.fc24 php-react-0.4.2-2.fc24 php-zendframework-zend-math-2.7.0-2.fc24 python-boto-2.45.0-3.fc24 qt-virt-manager-0.39.60-2.fc24 stp-2.1.2-4.20151122git.3785148.fc24 zanshin-0.4.1-2.fc24 Details about builds: ================================================================================ arc-theme-20161119-3.fc24 (FEDORA-2017-7285b1e3e5) Flat theme with transparent elements -------------------------------------------------------------------------------- Update Information: * Add Patch0: fix missing gradient warning * Build a 'solid'-version of the theme, too (rhbz#1415364) * Symlink all duplicate files to save disk-space -------------------------------------------------------------------------------- References: [ 1 ] Bug #1415364 - Make a "solid" version that don't have transparency https://bugzilla.redhat.com/show_bug.cgi?id=1415364 -------------------------------------------------------------------------------- ================================================================================ bitlbee-3.5.1-1.fc24 (FEDORA-2017-6694f5cd3a) IRC to other chat networks gateway -------------------------------------------------------------------------------- Update Information: BitlBee 3.5.1 (30 Jan 2017) =========================== - purple: Fix crash on file transfer requests from unknown contacts. This was the result of an incomplete fix in the previous release and may result in remote DoS. Read the full security advisory at: https://bugs.bitlbee.org/ticket/1282 - After some investigation we decided to reclassify a crash fix from the previous release as a security issue. Read the full security advisory at: https://bugs.bitlbee.org/ticket/1281 - Included help.txt in the release tarball, which was missing in the previous release and resulted in adding python as a build dependency. The release tarball of 3.5.1 does not require python. -------------------------------------------------------------------------------- ================================================================================ bluefish-2.2.10-1.fc24 (FEDORA-2017-8533068b04) Web development application for experienced users -------------------------------------------------------------------------------- Update Information: This is a cumulative bug-fix release from upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417498 - bluefish-2.2.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417498 -------------------------------------------------------------------------------- ================================================================================ calibre-2.78.0-1.fc24 (FEDORA-2017-efed73a87c) E-book converter and library manager -------------------------------------------------------------------------------- Update Information: Update to 2.78.0. Fixes bug #1409216 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417556 - calibre: Javascript in the book can access files on the computer using XMLHttpRequest https://bugzilla.redhat.com/show_bug.cgi?id=1417556 -------------------------------------------------------------------------------- ================================================================================ cinnamon-3.2.8-4.fc24 (FEDORA-2017-f64191b1b0) Window management and application launching for GNOME -------------------------------------------------------------------------------- Update Information: * Add patch to use fedora-icon as default menu-icon * Make Cinnamon look more 'Minty' by default * Use dark arc-theme with mint-y-icons and google-noto- sans-fonts -------------------------------------------------------------------------------- References: [ 1 ] Bug #1268718 - Use fedora logo in menu applet https://bugzilla.redhat.com/show_bug.cgi?id=1268718 -------------------------------------------------------------------------------- ================================================================================ copyq-2.8.3-1.fc24 (FEDORA-2017-fc5a3de862) Advanced clipboard manager -------------------------------------------------------------------------------- Update Information: Upstream release rhbz#1417607 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417607 - copyq-v2.8.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417607 -------------------------------------------------------------------------------- ================================================================================ darktable-2.2.2-1.fc24 (FEDORA-2017-d74708d9b5) Utility to organize and develop raw images -------------------------------------------------------------------------------- Update Information: 2.2.2 release -------------------------------------------------------------------------------- ================================================================================ embree-2.13.0-3.fc24 (FEDORA-2017-909967fb02) Collection of high-performance ray tracing kernels developed at Intel -------------------------------------------------------------------------------- Update Information: This update fixes a proper detection of CPU ISA up to AVX2. [See a detailed information](https://github.com/embree/embree/issues/112#issuecomment-275664971) about the issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1414611 - embree incorrectly enables avx2 instead of avx https://bugzilla.redhat.com/show_bug.cgi?id=1414611 -------------------------------------------------------------------------------- ================================================================================ google-roboto-fonts-2.136-1.fc24 (FEDORA-2017-ed7c66944f) Google Roboto fonts -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ jasper-1.900.13-2.fc24 (FEDORA-2017-d90fac5c8f) Implementation of the JPEG-2000 standard, Part 1 -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-9583 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1405148 - CVE-2016-9583 jasper: Out of bounds heap read in jpc_pi_nextpcrl() https://bugzilla.redhat.com/show_bug.cgi?id=1405148 -------------------------------------------------------------------------------- ================================================================================ libdiscid-0.6.2-1.fc24 (FEDORA-2017-b04f256b3b) C Library for creating MusicBrainz DiscIDs -------------------------------------------------------------------------------- Update Information: Update to 0.6.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417501 - libdiscid-0.6.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417501 -------------------------------------------------------------------------------- ================================================================================ libmicrohttpd-0.9.52-3.fc24 (FEDORA-2017-530d097adf) Lightweight library for embedding a webserver in applications -------------------------------------------------------------------------------- Update Information: - Enable HTTPS with --enable-https=yes - Re-add gnutls-utilize-system-crypto- policy.patch - Add epoch to allow update of higher release version ---- roolback to release 0.9.46 again, because 0.9.52 does not work -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417407 - Enable HTTPS support in libmicrohttpd https://bugzilla.redhat.com/show_bug.cgi?id=1417407 [ 2 ] Bug #1416034 - libmicrohttpd-0.9.52-1.fc24.x86_64 breaks openvas-gsa-6.0.11-3.fc24.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1416034 [ 3 ] Bug #1416196 - MHD_start_daemon fails with errno=2. works with 0.9.46 fails with 0.9.52 https://bugzilla.redhat.com/show_bug.cgi?id=1416196 -------------------------------------------------------------------------------- ================================================================================ libmwaw-0.3.10-1.fc24 (FEDORA-2017-c123bea731) A library for import of many old Mac document formats -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ mcabber-1.0.5-1.fc24 (FEDORA-2017-f9670aa378) Console Jabber instant messaging client -------------------------------------------------------------------------------- Update Information: updates -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417502 - mcabber-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417502 -------------------------------------------------------------------------------- ================================================================================ meson-0.38.0-1.fc24 (FEDORA-2017-3a742e7570) High productivity build system -------------------------------------------------------------------------------- Update Information: Update to 0.38.0 -------------------------------------------------------------------------------- ================================================================================ mint-x-icons-1.4.0-2.fc24 (FEDORA-2017-ddb6648245) Icon theme for Linux Mint -------------------------------------------------------------------------------- Update Information: * Symlink files to save disk-space -------------------------------------------------------------------------------- ================================================================================ nemo-3.2.2-3.fc24 (FEDORA-2017-7a325d99d5) File manager for Cinnamon -------------------------------------------------------------------------------- Update Information: Update -------------------------------------------------------------------------------- ================================================================================ osmo-0.2.14-9.fc24 (FEDORA-2017-50d283f3ce) Personal organizer -------------------------------------------------------------------------------- Update Information: removed webkitgtk dependency, dropped aplay patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1375822 - osmo must not depend on webkitgtk https://bugzilla.redhat.com/show_bug.cgi?id=1375822 [ 2 ] Bug #1251653 - osmo-0.2.14 is available https://bugzilla.redhat.com/show_bug.cgi?id=1251653 -------------------------------------------------------------------------------- ================================================================================ perl-Inline-Filters-0.20-1.fc24 (FEDORA-2017-a60fb97e22) Common source code filters for Inline modules -------------------------------------------------------------------------------- Update Information: This release decalares license in the metdata and improves tests. ---- This release introduces a CLEAN_AFTER_BUILD argument that allows to suppress cleaning generated C files. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417000 - perl-Inline-Filters-0.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1417000 [ 2 ] Bug #1416393 - perl-Inline-Filters-0.19 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416393 -------------------------------------------------------------------------------- ================================================================================ php-alcaeus-mongo-php-adapter-1.0.9-1.fc24 (FEDORA-2017-e5cd50dcdc) Mongo PHP Adapter -------------------------------------------------------------------------------- Update Information: **Version 1.0.9** (2017-01-29) ------------------ All issues and pull requests under this release may be found under the [1.0.9](https://github.com/alcaeus /mongo-php-adapter/issues?q=milestone%3A1.0.9) milestone. * [#157](https://github.com/alcaeus/mongo-php-adapter/pull/157) fixes a regression introduced in 1.0.8 when using query projection with numeric field names. * [#155](https://github.com/alcaeus/mongo-php-adapter/pull/155) fixes the handling of BSON types when converting legacy types to BSON types. * [#154](https://github.com/alcaeus/mongo-php-adapter/pull/154) makes the `options` parameter in `MongoDB::createCollection` optional. -------------------------------------------------------------------------------- ================================================================================ php-myclabs-deep-copy-1.6.0-1.fc24 (FEDORA-2017-a375675295) Create deep copies (clones) of your objects -------------------------------------------------------------------------------- Update Information: **Version 1.6.0** * malc0mn implemented #18 in #59: new filter for handling Doctrine Proxies \o/ -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHP-CodeCoverage-4.0.5-1.fc24 (FEDORA-2017-997e0a66b4) PHP code coverage information -------------------------------------------------------------------------------- Update Information: See https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f365b1c4a -------------------------------------------------------------------------------- ================================================================================ php-phpunit-PHPUnit-5.7.9-1.fc24 (FEDORA-2017-8f365b1c4a) The PHP Unit Testing framework -------------------------------------------------------------------------------- Update Information: **Version 5.7.9** - 2017-01-28 * Fixed [#2447](https://github.com/sebastianbergmann/phpunit/issues/2447): Reverted backwards incompatible change to handling of boolean environment variable values specified in XML ---- **Version 5.7.8** - 2017-01-26 * Fixed [#2446](https://github.com/sebastianbergmann/phpunit/issues/2446): Reverted backwards incompatible change to exit code in case of warnings ---- **Version 5.7.7** - 2017-01-25 * Fixed [#1896](https://github.com/sebastianbergmann/phpunit/issues/1896): Wrong test location when `@depends` and `@dataProvider` are combined * Fixed [#1983](https://github.com/sebastianbergmann/phpunit/pull/1983): Tests with `@expectedException` annotation cannot be skipped * Fixed [#2137](https://github.com/sebastianbergmann/phpunit/issues/2137): Warnings for invalid data providers are suppressed when test execution is filtered * Fixed [#2275](https://github.com/sebastianbergmann/phpunit/pull/2275): Invalid UTF-8 characters can lead to missing output * Fixed [#2299](https://github.com/sebastianbergmann/phpunit/issues/2299): `expectExceptionMessage()` and `expectExceptionCode()` do not work without `expectException()` * Fixed [#2328](https://github.com/sebastianbergmann/phpunit/issues/2328): `TestListener` callbacks `startTest()` and `endTest()` are not called when test is skipped due to `@depends` * Fixed [#2331](https://github.com/sebastianbergmann/phpunit/issues/2331): Boolean environment variable values specified in XML get mangled * Fixed [#2333](https://github.com/sebastianbergmann/phpunit/issues/2333): `assertContains()` and `assertNotContains()` do not handle UTF-8 strings correctly * Fixed [#2340](https://github.com/sebastianbergmann/phpunit/pull/2340): Data providers that use `yield` or implement `Iterator` cannot be combined * Fixed [#2349](https://github.com/sebastianbergmann/phpunit/pull/2349): `PHPUnit_TextUI_Command` does not `exit()` when it should * Fixed [#2392](https://github.com/sebastianbergmann/phpunit/issues/2392): Empty (but valid) data provider should skip the test * Fixed [#2431](https://github.com/sebastianbergmann/phpunit/issues/2431): `assertArraySubset()` does not support `ArrayAccess` * Fixed [#2435](https://github.com/sebastianbergmann/phpunit/issues/2435): Empty `@group` annotation causes error on PHP 7.2+ ---- **Version 5.7.6** - 2017-01-22 * Fixed [#2424](https://github.com/sebastianbergmann/phpunit/issues/2424): `TestCase::getStatus()` returns `STATUS_PASSED` instead of `STATUS_RISKY` for risky test * Fixed [#2427](https://github.com/sebastianbergmann/phpunit/issues/2427): TestDox group configuration is not handled * Fixed [#2428](https://github.com/sebastianbergmann/phpunit/pull/2428): Nested arrays specificied in XML configuration file are not handled correctly -------------------------------------------------------------------------------- ================================================================================ php-phpunit-comparator-1.2.4-1.fc24 (FEDORA-2017-0b08337108) Compare PHP values for equality -------------------------------------------------------------------------------- Update Information: See https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f365b1c4a -------------------------------------------------------------------------------- ================================================================================ php-react-0.4.2-2.fc24 (FEDORA-2017-70b54af759) Event-driven, non-blocking I/O with PHP -------------------------------------------------------------------------------- Update Information: Initial `php-react` stack release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1414824 - Review Request: php-clue-stream-filter - A simple and modern approach to stream filtering in PHP https://bugzilla.redhat.com/show_bug.cgi?id=1414824 [ 2 ] Bug #1414831 - Review Request: php-clue-block-react - Integrate async React PHP components into your blocking environment https://bugzilla.redhat.com/show_bug.cgi?id=1414831 [ 3 ] Bug #1414825 - Review Request: php-react-cache - Async caching https://bugzilla.redhat.com/show_bug.cgi?id=1414825 [ 4 ] Bug #1414826 - Review Request: php-react-event-loop - Event loop abstraction layer that libraries can use for evented I/O https://bugzilla.redhat.com/show_bug.cgi?id=1414826 [ 5 ] Bug #1414827 - Review Request: php-react-promise-timer - Trivial timeout implementation for Promises https://bugzilla.redhat.com/show_bug.cgi?id=1414827 [ 6 ] Bug #1414839 - Review Request: php-react-dns - Async DNS resolver https://bugzilla.redhat.com/show_bug.cgi?id=1414839 [ 7 ] Bug #1414842 - Review Request: php-react-socket-client - Async connector to open TCP/IP and SSL/TLS based connections https://bugzilla.redhat.com/show_bug.cgi?id=1414842 [ 8 ] Bug #1414843 - Review Request: php-react-http-client - Asynchronous HTTP client library https://bugzilla.redhat.com/show_bug.cgi?id=1414843 [ 9 ] Bug #1414840 - Review Request: php-react-http - Library for building an evented http server https://bugzilla.redhat.com/show_bug.cgi?id=1414840 [ 10 ] Bug #1414833 - Review Request: php-react-child-process - Library for executing child processes https://bugzilla.redhat.com/show_bug.cgi?id=1414833 [ 11 ] Bug #1414838 - Review Request: php-react-socket - Async, streaming plaintext TCP/IP and secure TLS socket server https://bugzilla.redhat.com/show_bug.cgi?id=1414838 [ 12 ] Bug #1416802 - php-react-socket-0.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416802 [ 13 ] Bug #1414828 - Review Request: php-react-stream - Basic readable and writable stream interfaces that support piping https://bugzilla.redhat.com/show_bug.cgi?id=1414828 [ 14 ] Bug #1416595 - php-react-stream-0.4.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1416595 [ 15 ] Bug #1414844 - Review Request: php-react - Event-driven, non-blocking I/O with PHP https://bugzilla.redhat.com/show_bug.cgi?id=1414844 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-math-2.7.0-2.fc24 (FEDORA-2017-2a76afc669) Zend Framework Math component -------------------------------------------------------------------------------- Update Information: **Version 2.8.2** - 2017-01-29 - [#110](https://github.com/zendframework/zend- validator/pull/110) adds new Mastercard 2-series BINs - [#81](https://github.com/zendframework/zend-validator/pull/81) registers the Uuid validator into ValidatorPluginManager. -------------------------------------------------------------------------------- ================================================================================ python-boto-2.45.0-3.fc24 (FEDORA-2017-8fe6e26bbf) A simple, lightweight interface to Amazon Web Services -------------------------------------------------------------------------------- Update Information: This update adds support for EC2's ModifySubnetAttribute operation. -------------------------------------------------------------------------------- ================================================================================ qt-virt-manager-0.39.60-2.fc24 (FEDORA-2017-309dd66a1d) Qt Virtual Machine Manager -------------------------------------------------------------------------------- Update Information: some fixes and enhancements; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1414105 - [abrt] qt-virt-manager: std::__atomic_base<void*>::load(): qt5-virt-manager killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1414105 -------------------------------------------------------------------------------- ================================================================================ stp-2.1.2-4.20151122git.3785148.fc24 (FEDORA-2017-043859a6e5) Constraint solver/decision procedure -------------------------------------------------------------------------------- Update Information: This update fixes a bug in the stp cmake files. Users of the command line tool only do not need this update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1414167 - cmake file resolves to `/usr/lib/libstp.so.2.1.2` instead of `/usr/lib64/libstp.so.2.1.2` https://bugzilla.redhat.com/show_bug.cgi?id=1414167 -------------------------------------------------------------------------------- ================================================================================ zanshin-0.4.1-2.fc24 (FEDORA-2017-36916207e6) Todo/action management software -------------------------------------------------------------------------------- Update Information: Tighten dependencies between subpackages. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
