The following Fedora 24 Security updates need testing: Age URL 83 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24 52 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 46 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ba9c6a3634 quagga-0.99.24.1-5.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6938ef7591 epiphany-3.20.7-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-22828d4bdb redis-3.2.7-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-18d3fc2ec1 python-peewee-2.8.5-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a5b89363f libwmf-0.2.8.4-50.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d5fb74cd2e zoneminder-1.28.1-8.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa4e441e03 netpbm-10.77.00-3.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-404f1a29fc mingw-gtk-vnc-0.7.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a9e6a5c249 gtk-vnc-0.7.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-27099c270a bind-9.10.4-3.P6.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-92d84f68cf kernel-4.9.9-100.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-abbfa3f1a9 python-cjson-1.1.0-9.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-85415b3949 lua-5.3.4-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-176122b6c4 ntfs-3g-2016.2.22-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-92d84f68cf kernel-4.9.9-100.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b2cf468d5 vim-8.0.324-1.fc24 The following builds have been pushed to Fedora 24 updates-testing cabal-rpm-0.11-1.fc24 fedfind-3.4.3-1.fc24 firewalld-0.4.4.3-1.fc24 gimagereader-3.2.1-1.fc24 kernel-4.9.9-100.fc24 mozjs31-31.5.0-1.fc24 perl-Return-Type-0.005-1.fc24 perl-Sub-Infix-0.004-1.fc24 php-deepend-Mockery-0.9.8-1.fc24 php-nikic-fast-route-1.2.0-1.fc24 python-anyjson-0.3.3-14.fc24 python-cjson-1.1.0-9.fc24 python-defusedxml-0.5.0-1.fc24 python-diff-match-patch-20121119-1.fc24 qcad-3.16.5.0-1.fc24 system-config-firewall-1.2.29-15.fc24 tiptop-2.3-3.fc24 vim-8.0.324-1.fc24 xrootd-4.6.0-2.fc24 Details about builds: ================================================================================ cabal-rpm-0.11-1.fc24 (FEDORA-2017-c716c167a9) RPM packaging tool for Haskell Cabal-based packages -------------------------------------------------------------------------------- Update Information: - diff and update now follow package-version args - update from Hackage now follows "Default available version" - update tries to use juhp/stackage-query if installed to check latest Stackage version before falling back to latest Hackage - refresh command now reads the cabal-rpm version header in the spec file and installs that version of cabal-rpm under ~/.cblrpm/ and uses it to make patch -------------------------------------------------------------------------------- ================================================================================ fedfind-3.4.3-1.fc24 (FEDORA-2017-600fab683b) Fedora compose and image finder -------------------------------------------------------------------------------- Update Information: This update provides a new version of fedfind. The main change is that the synthesized metadata for non-Pungi 4 composes has been enhanced to include a `composeinfo` dict, and `disc_number` items in the image dicts. These changes are necessary for `resultsdb_conventions` to work with the synthesized metadata. Another change is that `fedfind.release.get_release(url='someurl')` will no longer return generic `Pungi4Compose` instances for URLs in unknown domains, as Patrick van Uiterwijk suggested it may constitute a potential security problem in some use cases. -------------------------------------------------------------------------------- ================================================================================ firewalld-0.4.4.3-1.fc24 (FEDORA-2017-5835043111) A firewall daemon with D-Bus interface providing a dynamic firewall -------------------------------------------------------------------------------- Update Information: - Rebase to firewalld-0.4.4.3 http://www.firewalld.org/2017/02/firewalld-0-4-4-3-release - Speed up of large file loading - Support for more ipset types - Speed up of adding or removing entries for ipsets from files - Support icmp-type usage in rich rules - Support for more icmp types - Support for h323 conntrack helper - New services - Code cleanup and several other bug fixes - Translation updates -------------------------------------------------------------------------------- ================================================================================ gimagereader-3.2.1-1.fc24 (FEDORA-2017-fc4df7929e) A front-end to tesseract-ocr -------------------------------------------------------------------------------- Update Information: Update to 3.2.1, see https://github.com/manisandro/gImageReader/releases/tag/v3.2.1 for details. -------------------------------------------------------------------------------- ================================================================================ kernel-4.9.9-100.fc24 (FEDORA-2017-92d84f68cf) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.9.9. update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419848 - CVE-2017-5897 kernel: ip6_gre: Invalid reads in ip6gre_err https://bugzilla.redhat.com/show_bug.cgi?id=1419848 [ 2 ] Bug #1420276 - kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf https://bugzilla.redhat.com/show_bug.cgi?id=1420276 -------------------------------------------------------------------------------- ================================================================================ mozjs31-31.5.0-1.fc24 (FEDORA-2017-2900ec9751) JavaScript interpreter and libraries -------------------------------------------------------------------------------- Update Information: mozjs 31.5.0 release, including backported patches for gjs support. -------------------------------------------------------------------------------- ================================================================================ perl-Return-Type-0.005-1.fc24 (FEDORA-2017-edf1ce6598) Specify a return type for a function -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ perl-Sub-Infix-0.004-1.fc24 (FEDORA-2017-5a6a8404d9) Create a fake infix operator -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-deepend-Mockery-0.9.8-1.fc24 (FEDORA-2017-4d70b07e43) Mockery is a simple but flexible PHP mock object framework -------------------------------------------------------------------------------- Update Information: Update to upstream version **0.9.8**. As [changelog is missing](https://github.com/padraic/mockery/issues/644), see the [commit history](https://github.com/padraic/mockery/commits/0.9). -------------------------------------------------------------------------------- ================================================================================ php-nikic-fast-route-1.2.0-1.fc24 (FEDORA-2017-adf3262a90) Fast implementation of a regular expression based router -------------------------------------------------------------------------------- Update Information: Last upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1419369 - php-nikic-fast-route-v1.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1419369 -------------------------------------------------------------------------------- ================================================================================ python-anyjson-0.3.3-14.fc24 (FEDORA-2017-fdbfc46c14) Wraps the best available JSON implementation -------------------------------------------------------------------------------- Update Information: This update removes some parsers which have been dead for many years (and were never packaged for Fedora) from the anyjson list, and increases the priority of `cjson`. Note that `ujson` has been added to the top of the list in Fedora Rawhide (for Fedora 26+), but this cannot be done for Fedora 24 or 25 because the behaviour of `ujson` < 2.0 is unlike that of other parsers (it will make a strange attempt to serialize fundamentally non-serializable objects, like arbitrary classes), and backporting `ujson` 2.0 to those releases would be inappropriate (as things may be relying on its sloppy behaviour). -------------------------------------------------------------------------------- ================================================================================ python-cjson-1.1.0-9.fc24 (FEDORA-2017-abbfa3f1a9) Fast JSON encoder/decoder for Python -------------------------------------------------------------------------------- Update Information: This update prevents `python-cjson` from crashing when attempting to parse heavily nested JSON structures (which could be exploited for denial of service purposes, against any application that uses `python-cjson` to parse arbitrary input). -------------------------------------------------------------------------------- ================================================================================ python-defusedxml-0.5.0-1.fc24 (FEDORA-2017-6ff1da8a2b) XML bomb protection for Python stdlib modules -------------------------------------------------------------------------------- Update Information: This update provides version 0.5.0 of `python-defusedxml`. The main feature of this release is Python 3.6 compatibility, which affects only Fedora Rawhide, but it includes various other minor cleanups that are worth having for all distributions. This update is not provided for EPEL 6 as 0.5.0 drops compatibility with Python 2.6, which is the system Python version on EL 6. This update also enables the Python 3 subpackage on EPEL 7. -------------------------------------------------------------------------------- ================================================================================ python-diff-match-patch-20121119-1.fc24 (FEDORA-2017-33ab2cbca7) Algorithms for synchronzing plain text -------------------------------------------------------------------------------- Update Information: Python diff-match-patch needed for translate-toolkit-2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1379778 - Review Request: python-diff-match-patch - Algorithms for synchronizing plain text https://bugzilla.redhat.com/show_bug.cgi?id=1379778 -------------------------------------------------------------------------------- ================================================================================ qcad-3.16.5.0-1.fc24 (FEDORA-2017-a700d71cb8) Powerful 2D CAD system -------------------------------------------------------------------------------- Update Information: - Update to 3.16.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1417393 - Unexpected dependencies pulled in https://bugzilla.redhat.com/show_bug.cgi?id=1417393 -------------------------------------------------------------------------------- ================================================================================ system-config-firewall-1.2.29-15.fc24 (FEDORA-2017-1ee0fa600e) A graphical interface for basic firewall setup -------------------------------------------------------------------------------- Update Information: - Do not require iptables-ipv6, but iptables >= 1.4.16.2-4 - Fix build for F-26: autoreconf, add __pycache__ for some files -------------------------------------------------------------------------------- ================================================================================ tiptop-2.3-3.fc24 (FEDORA-2017-09da18e152) Performance monitoring tool based on hardware counters -------------------------------------------------------------------------------- Update Information: Fixes a crash when displaying the errors panel and none exist. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141338 - [abrt] tiptop: show_error_win(): tiptop killed by SIGFPE https://bugzilla.redhat.com/show_bug.cgi?id=1141338 -------------------------------------------------------------------------------- ================================================================================ vim-8.0.324-1.fc24 (FEDORA-2017-9b2cf468d5) The VIM editor -------------------------------------------------------------------------------- Update Information: The newest upstream commit. -------------------------------------------------------------------------------- ================================================================================ xrootd-4.6.0-2.fc24 (FEDORA-2017-e12389b771) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: New version 4.6.0, release notes are here: https://github.com/xrootd/xrootd/blob/v4.6.0/docs/ReleaseNotes.txt -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
