The following Fedora 24 Security updates need testing: Age URL 78 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 72 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a5b89363f libwmf-0.2.8.4-50.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-25df1dbd02 munin-2.0.30-5.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-aaf92c483c php-pear-PHP-CodeSniffer-2.8.1-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d2bab54ac9 GraphicsMagick-1.3.25-6.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b97b275da mupdf-1.10a-4.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b011e8c922 kdelibs-4.14.29-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01eed6fe8c kdelibs3-3.5.10-84.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-783e8fa63e w3m-0.5.3-30.git20170102.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5b32a5782b tor-0.2.9.10-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ce66f11df1 deluge-1.3.14-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2258cfb450 ettercap-0.8.2-4.1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-788129b61c rpm-ostree-2017.3-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9298770ff8 qbittorrent-3.3.11-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-936a79ee30 tcpreplay-4.1.2-3.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e0b84ffad wordpress-4.7.3-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8460ebed6 icoutils-0.31.2-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f3484d64d2 firefox-52.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3bd0b2e2c0 libupnp-1.6.21-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2e1f3694b2 kernel-4.9.13-101.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6558bc25bc sscg-2.0.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e63f2f0d11 thunderbird-45.8.0-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a6183d9d27 lorax-24.22-1.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-efd3683a66 audit-2.7.3-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8a48514287 pcre-8.40-5.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b011e8c922 kdelibs-4.14.29-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f3484d64d2 firefox-52.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ca1228d688 hwdata-0.298-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7776280745 vim-8.0.425-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f5549170b perl-5.22.3-370.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e63f2f0d11 thunderbird-45.8.0-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e59e8d202e libgdata-0.17.7-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2e1f3694b2 kernel-4.9.13-101.fc24 The following builds have been pushed to Fedora 24 updates-testing bionetgen-2.2.6-7.fc24 cinnamon-screensaver-3.2.14-0.3.20170308git55a26c2.fc24 composer-1.4.0-1.fc24 flashrom-0.9.9-2.fc24 gnome-software-3.22.6-1.fc24 kernel-4.9.13-101.fc24 ksh-20120801-31.fc24 libappstream-glib-0.6.10-1.fc24 libgdata-0.17.7-1.fc24 libguestfs-1.34.6-1.fc24 nodejs-emojione-2.2.7-1.fc24 perl-5.22.3-370.fc24 perl-Apache-LogFormat-Compiler-0.35-1.fc24 perl-Test-Script-1.16-1.fc24 php-rmccue-requests-1.7.0-2.fc24 python-aexpect-1.3.1-1.fc24 python-assimulo-2.9-12.fc24 python-idstools-0.5.6-5.fc24 python-openpyxl-2.4.5-1.fc24 python-persistent-4.2.3-1.fc24 python-pyroute2-0.4.13-1.fc24 sscg-2.0.3-1.fc24 sundials-2.7.0-10.fc24 terminator-1.91-2.fc24 thunderbird-45.8.0-1.fc24 xen-4.6.5-1.fc24 Details about builds: ================================================================================ bionetgen-2.2.6-7.fc24 (FEDORA-2017-5e9002ffed) Software for rule-based modeling of biochemical systems -------------------------------------------------------------------------------- Update Information: - Add KLU support to sundials - Build Sundials OpenMPI libraries on EPEL - Bionetgen rebuilds - python-assimulo rebuilds -------------------------------------------------------------------------------- References: [ 1 ] Bug #1428644 - sundials is not compled to support KLU https://bugzilla.redhat.com/show_bug.cgi?id=1428644 -------------------------------------------------------------------------------- ================================================================================ cinnamon-screensaver-3.2.14-0.3.20170308git55a26c2.fc24 (FEDORA-2017-14ce655a4f) Cinnamon Screensaver -------------------------------------------------------------------------------- Update Information: Update to latest git -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429559 - [abrt] cinnamon-screensaver: passwordEntry.py:217:restore_original_layout:AttributeError: 'PasswordEntry' object has no attribute 'original_group' https://bugzilla.redhat.com/show_bug.cgi?id=1429559 -------------------------------------------------------------------------------- ================================================================================ composer-1.4.0-1.fc24 (FEDORA-2017-b7001eff09) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.4.0** - 2017-03-08 * Improved memory usage of dependency solver * Added `--format json` option to the `outdated` and `show` command to get machine readable package listings * Added `--ignore-filters` flag to `archive` command to bypass the .gitignore and co * Added support for `outdated` output without ansi colors * Added support for Bitbucket API v2 * Changed the require command to follow minimum-stability / prefer-stable values when picking a version * Fixed regression when using composer in a Mercurial repository ---- **Version 1.3.3** * Improved baseline psr-4 autoloader performance for projects with many nested namespaces configured * Fixed issues with gitlab API access when the token had insufficient permissions * Fixed some HHVM strict type issues * Fixed version guessing of headless git checkouts in some conditions * Fixed compatibility with subversion 1.8 * Fixed version guessing not working with svn/hg * Fixed script/exec errors not being output correctly * Fixed PEAR repository bug with pear.php.net -------------------------------------------------------------------------------- ================================================================================ flashrom-0.9.9-2.fc24 (FEDORA-2017-e0e0301560) Simple program for reading/writing flash chips content -------------------------------------------------------------------------------- Update Information: * Fixed udev rule ---- * Ver. 0.9.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1330205 - Wrong udev rules (stilll uses plugdev instead of uaccess) https://bugzilla.redhat.com/show_bug.cgi?id=1330205 [ 2 ] Bug #1322046 - update to flashrom-0.9.9 https://bugzilla.redhat.com/show_bug.cgi?id=1322046 [ 3 ] Bug #1423567 - flashrom: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423567 [ 4 ] Bug #1276518 - It would be nice if "flashrom" is built w/ ft2232_spi https://bugzilla.redhat.com/show_bug.cgi?id=1276518 [ 5 ] Bug #1228855 - flashrom does not support FT2232 232H https://bugzilla.redhat.com/show_bug.cgi?id=1228855 -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.22.6-1.fc24 (FEDORA-2017-1f0ab4b5f8) A software center for GNOME -------------------------------------------------------------------------------- Update Information: gnome-software 3.22.6 release. * Add support for RuntimeRepo in flatpakref files * Avoid requesting elevated privileges just for viewing flatpakref details * Fix launching flatpak apps after updating * Install needed Flatpak runtimes when updating an app * Do not show related flatpak runtimes as separate entries * Improve internal locking, hopefully fixing a few hard-to- debug crashes * Fix a large memory leak in the steam plugin * Add keywords to match web apps and input methods * Fix a few user interface papercuts This release also updates translations. -------------------------------------------------------------------------------- ================================================================================ kernel-4.9.13-101.fc24 (FEDORA-2017-2e1f3694b2) The Linux kernel -------------------------------------------------------------------------------- Update Information: This is an update containing several CVE and other misc fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1428907 - CVE-2017-6353 kernel: Possible double free in stcp_sendmsg() (incorrect fix for CVE-2017-5986) https://bugzilla.redhat.com/show_bug.cgi?id=1428907 [ 2 ] Bug #1427239 - CVE-2017-5669 kernel: Shmat allows mmap null page protection bypass https://bugzilla.redhat.com/show_bug.cgi?id=1427239 -------------------------------------------------------------------------------- ================================================================================ ksh-20120801-31.fc24 (FEDORA-2017-b0e56d12a8) The Original ATT Korn Shell -------------------------------------------------------------------------------- Update Information: update to latest patch set -------------------------------------------------------------------------------- ================================================================================ libappstream-glib-0.6.10-1.fc24 (FEDORA-2017-1f0ab4b5f8) Library for AppStream metadata -------------------------------------------------------------------------------- Update Information: gnome-software 3.22.6 release. * Add support for RuntimeRepo in flatpakref files * Avoid requesting elevated privileges just for viewing flatpakref details * Fix launching flatpak apps after updating * Install needed Flatpak runtimes when updating an app * Do not show related flatpak runtimes as separate entries * Improve internal locking, hopefully fixing a few hard-to- debug crashes * Fix a large memory leak in the steam plugin * Add keywords to match web apps and input methods * Fix a few user interface papercuts This release also updates translations. -------------------------------------------------------------------------------- ================================================================================ libgdata-0.17.7-1.fc24 (FEDORA-2017-e59e8d202e) Library for the GData protocol -------------------------------------------------------------------------------- Update Information: libgdata 0.17.7 release. For details, see https://mail.gnome.org/archives/ftp- release-list/2017-March/msg00022.html -------------------------------------------------------------------------------- ================================================================================ libguestfs-1.34.6-1.fc24 (FEDORA-2017-019dc7fe4d) Access and modify virtual machine disk images -------------------------------------------------------------------------------- Update Information: New stable branch version 1.34.6. -------------------------------------------------------------------------------- ================================================================================ nodejs-emojione-2.2.7-1.fc24 (FEDORA-2017-6968e58365) EmojiOne is a complete set of emojis designed for the web -------------------------------------------------------------------------------- Update Information: Bump to 2.2.7 -------------------------------------------------------------------------------- ================================================================================ perl-5.22.3-370.fc24 (FEDORA-2017-6f5549170b) Practical Extraction and Report Language -------------------------------------------------------------------------------- Update Information: This release fixes a null-pointer dereference on malformed code, a use-after- free in substr() that modifies a magic variable, a memory leak leak in Perl_reg_named_buff_fetch(), and a heap-use-after-free in four-arguments substr() call. -------------------------------------------------------------------------------- ================================================================================ perl-Apache-LogFormat-Compiler-0.35-1.fc24 (FEDORA-2017-a2bad75009) Compile a log format string to perl-code -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ perl-Test-Script-1.16-1.fc24 (FEDORA-2017-dfe61b4f54) Cross-platform basic tests for scripts -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- ================================================================================ php-rmccue-requests-1.7.0-2.fc24 (FEDORA-2017-39d19fc2a4) Requests for PHP is a humble HTTP request library -------------------------------------------------------------------------------- Update Information: New package needed as a dependency for [Ampache](https://fedoraproject.org/wiki/Ampache) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1424839 - Review Request: php-rmccue-requests - Requests for PHP is a humble HTTP request library https://bugzilla.redhat.com/show_bug.cgi?id=1424839 -------------------------------------------------------------------------------- ================================================================================ python-aexpect-1.3.1-1.fc24 (FEDORA-2017-94bb07357b) A python library to control interactive applications -------------------------------------------------------------------------------- Update Information: Sync python-aexpect with latest upstream release containing a bug fix. -------------------------------------------------------------------------------- ================================================================================ python-assimulo-2.9-12.fc24 (FEDORA-2017-5e9002ffed) Ordinary differential and differential algebraic equations solver -------------------------------------------------------------------------------- Update Information: - Add KLU support to sundials - Build Sundials OpenMPI libraries on EPEL - Bionetgen rebuilds - python-assimulo rebuilds -------------------------------------------------------------------------------- References: [ 1 ] Bug #1428644 - sundials is not compled to support KLU https://bugzilla.redhat.com/show_bug.cgi?id=1428644 -------------------------------------------------------------------------------- ================================================================================ python-idstools-0.5.6-5.fc24 (FEDORA-2017-56837cefd5) Snort and Suricata Rule and Event Utilities -------------------------------------------------------------------------------- Update Information: upstream update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1430020 - Update python-idstools to v0.5.6. https://bugzilla.redhat.com/show_bug.cgi?id=1430020 -------------------------------------------------------------------------------- ================================================================================ python-openpyxl-2.4.5-1.fc24 (FEDORA-2017-cb1564c9db) Python library to read/write Excel 2010 xlsx/xlsm files -------------------------------------------------------------------------------- Update Information: Update to 2.4.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1430161 - python-openpyxl-2.4.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1430161 -------------------------------------------------------------------------------- ================================================================================ python-persistent-4.2.3-1.fc24 (FEDORA-2017-deac35413e) Translucent persistent python objects -------------------------------------------------------------------------------- Update Information: Changes in version 4.2.3: - Fix the hashcode of Python ``TimeStamp`` objects on 64-bit Python on Windows. See https://github.com/zopefoundation/persistent/pull/55 - Stop calling ``gc.collect`` every time ``PickleCache.incrgc`` is called (every transaction boundary) in pure-Python mode (PyPy). This means that the reported size of the cache may be wrong (until the next GC), but it is much faster. This should not have any observable effects for user code. - Stop clearing the dict and slots of objects added to ``PickleCache.new_ghost`` (typically these values are passed to ``__new__`` from the pickle data) in pure-Python mode (PyPy). This matches the behaviour of the C code. - Add support for Python 3.6. - Fix ``__setstate__`` interning when ``state`` parameter is not a built-in dict -------------------------------------------------------------------------------- ================================================================================ python-pyroute2-0.4.13-1.fc24 (FEDORA-2017-9ce1c7d8ea) Pure Python netlink library -------------------------------------------------------------------------------- Update Information: upgrade to 0.4.13 -------------------------------------------------------------------------------- ================================================================================ sscg-2.0.3-1.fc24 (FEDORA-2017-6558bc25bc) Simple SSL certificate generator -------------------------------------------------------------------------------- Update Information: Update to the latest upstream release. This release reduces dependencies considerably and tightens security. It is recommended that everyone upgrade to this release. -------------------------------------------------------------------------------- ================================================================================ sundials-2.7.0-10.fc24 (FEDORA-2017-a523ff119c) Suite of nonlinear solvers -------------------------------------------------------------------------------- Update Information: - Add KLU support - Build OpenMPI libraries on EPEL -------------------------------------------------------------------------------- References: [ 1 ] Bug #1428644 - sundials is not compled to support KLU https://bugzilla.redhat.com/show_bug.cgi?id=1428644 -------------------------------------------------------------------------------- ================================================================================ terminator-1.91-2.fc24 (FEDORA-2017-d1e9194d81) Store and run multiple GNOME terminals in one window -------------------------------------------------------------------------------- Update Information: This brings the new Terminator 1.91 including a bugfix to a Fedora box near you. -------------------------------------------------------------------------------- ================================================================================ thunderbird-45.8.0-1.fc24 (FEDORA-2017-e63f2f0d11) Mozilla Thunderbird mail/newsgroup client -------------------------------------------------------------------------------- Update Information: For changes see: https://www.mozilla.org/en-US/thunderbird/45.8.0/releasenotes/ -------------------------------------------------------------------------------- ================================================================================ xen-4.6.5-1.fc24 (FEDORA-2017-4b987f6dd4) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: update to xen-4.6.5 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
