Fedora 24 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 24 Security updates need testing:
 Age  URL
  94  https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08   squid-3.5.23-1.fc24
  87  https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08   exim-4.87.1-1.fc24
  49  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba   runc-1.0.0-5.rc2.gitc91b5be.fc24
  30  https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694   redis-3.2.8-1.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-68cdc567e9   php-onelogin-php-saml-2.10.5-1.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-05010f0b46   drupal8-8.2.7-1.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-66593c367e   qbittorrent-3.3.11-2.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f38995622   webkitgtk4-2.16.0-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-712ffce24d   sscg-2.0.4-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2480c7f50   erlang-18.3.4.5-2.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0fcaf52f1a   moodle-3.1.5-1.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e1ccfe586   firefox-52.0-6.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f5fe1913f   sane-backends-1.0.25-7.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab5fa91445   samba-4.4.12-0.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7accc8010b   pcs-0.9.156-2.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-72323a442f   ntp-4.2.6p5-44.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7980b5e846   tcpreplay-4.2.1-1.fc24


The following Fedora 24 Critical Path updates have yet to be approved:
 Age URL
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-da0912d205   cryptsetup-1.7.4-1.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-b643ea40f4   nss-3.29.3-1.0.fc24 nss-softokn-3.29.3-1.0.fc24 nss-util-3.29.3-1.0.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9850301127   kde-settings-24-8.fc24.1
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9e1ccfe586   firefox-52.0-6.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-604155a301   vim-8.0.502-1.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ab5fa91445   samba-4.4.12-0.fc24


The following builds have been pushed to Fedora 24 updates-testing

    GeoIP-1.6.9-4.fc24
    armadillo-7.800.2-1.fc24
    jovie-16.12.3-1.fc24
    kaccessible-16.12.3-1.fc24
    kcron-16.12.3-1.fc24
    kf5-kross-interpreters-16.12.3-1.fc24
    kmag-16.12.3-1.fc24
    kmousetool-16.12.3-1.fc24
    kmouth-16.12.3-1.fc24
    ksystemlog-16.12.3-1.fc24
    nrpe-3.0.1-6.fc24
    ntp-4.2.6p5-44.fc24
    pcs-0.9.156-2.fc24
    perl-DateTime-Format-Flexible-0.28-1.fc24
    perl-HTML-Selector-XPath-0.23-1.fc24
    pkgconf-1.3.2-1.fc24
    plasma-workspace-5.8.6-5.fc24
    samba-4.4.12-0.fc24
    sane-backends-1.0.25-7.fc24
    speedtest-cli-1.0.2-1.fc24
    tcpreplay-4.2.1-1.fc24
    vdr-epg-daemon-1.1.114-1.fc24
    vdr-epg2vdr-1.1.55-1.fc24
    znc-1.6.5-1.fc24

Details about builds:


================================================================================
 GeoIP-1.6.9-4.fc24 (FEDORA-2017-d8033000d4)
 Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:

Fix GeoIP_database_info truncation issue:  * https://github.com/maxmind/geoip-
api-c/issues/79 * https://github.com/maxmind/geoip-api-c/pull/80
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1426853 - GeoIP_database_info is not returning full string from database
        https://bugzilla.redhat.com/show_bug.cgi?id=1426853
--------------------------------------------------------------------------------


================================================================================
 armadillo-7.800.2-1.fc24 (FEDORA-2017-d6c7a74d9e)
 Fast C++ matrix library with syntax similar to MATLAB and Octave
--------------------------------------------------------------------------------
Update Information:

Update to the latest stable release. This is a minor update that fixes some
small issues regarding:  * the display of complex or real number; * the
documentation.
--------------------------------------------------------------------------------


================================================================================
 jovie-16.12.3-1.fc24 (FEDORA-2017-73f6ee75ea)
 Text to speech support
--------------------------------------------------------------------------------
Update Information:

KDE Accessibility Applications 16.12.3, https://www.kde.org/announcements
/announce-applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kaccessible-16.12.3-1.fc24 (FEDORA-2017-73f6ee75ea)
 An accessibility bridge plugin
--------------------------------------------------------------------------------
Update Information:

KDE Accessibility Applications 16.12.3, https://www.kde.org/announcements
/announce-applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kcron-16.12.3-1.fc24 (FEDORA-2017-e211adbc17)
 Cron KDE configuration module
--------------------------------------------------------------------------------
Update Information:

KDE Admin Applications 16.12.3, https://www.kde.org/announcements/announce-
applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kf5-kross-interpreters-16.12.3-1.fc24 (FEDORA-2017-ea0b07a869)
 Kross interpreters for KDE Frameworks 5
--------------------------------------------------------------------------------
Update Information:

KDE Bindings 16.12.3, https://www.kde.org/announcements/announce-
applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kmag-16.12.3-1.fc24 (FEDORA-2017-73f6ee75ea)
 A screen magnifier
--------------------------------------------------------------------------------
Update Information:

KDE Accessibility Applications 16.12.3, https://www.kde.org/announcements
/announce-applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kmousetool-16.12.3-1.fc24 (FEDORA-2017-73f6ee75ea)
 A program that clicks the mouse for you
--------------------------------------------------------------------------------
Update Information:

KDE Accessibility Applications 16.12.3, https://www.kde.org/announcements
/announce-applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 kmouth-16.12.3-1.fc24 (FEDORA-2017-73f6ee75ea)
 A program that speaks for you
--------------------------------------------------------------------------------
Update Information:

KDE Accessibility Applications 16.12.3, https://www.kde.org/announcements
/announce-applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 ksystemlog-16.12.3-1.fc24 (FEDORA-2017-e211adbc17)
 System Log Viewer for KDE
--------------------------------------------------------------------------------
Update Information:

KDE Admin Applications 16.12.3, https://www.kde.org/announcements/announce-
applications-16.12.3.php
--------------------------------------------------------------------------------


================================================================================
 nrpe-3.0.1-6.fc24 (FEDORA-2017-8f92515d27)
 Host/service/network monitoring agent for Nagios
--------------------------------------------------------------------------------
Update Information:

Bring up nrpe to fixes in upstream git to lower noise.  ----  update to 3.0.1
tree to deal with mismatch
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #970997 - Allow multiple packets to be received
        https://bugzilla.redhat.com/show_bug.cgi?id=970997
  [ 2 ] Bug #1236081 - nrpe: /var/run/nrpe owner mismatch
        https://bugzilla.redhat.com/show_bug.cgi?id=1236081
  [ 3 ] Bug #1318773 - nrpe.service sets User/Group, prevents normal .cfg user/group setting
        https://bugzilla.redhat.com/show_bug.cgi?id=1318773
  [ 4 ] Bug #1412214 - NRPE systemd service file does not support reload command
        https://bugzilla.redhat.com/show_bug.cgi?id=1412214
  [ 5 ] Bug #1428769 - NRPE uses nagios log dir for pid file
        https://bugzilla.redhat.com/show_bug.cgi?id=1428769
--------------------------------------------------------------------------------


================================================================================
 ntp-4.2.6p5-44.fc24 (FEDORA-2017-72323a442f)
 The NTP daemon and utilities
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-6464 CVE-2017-6462 CVE-2017-6463 CVE-2017-6458
CVE-2017-6451.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1434011 - CVE-2017-6451 ntp: Improper use of snprintf() in mx4200_send()
        https://bugzilla.redhat.com/show_bug.cgi?id=1434011
  [ 2 ] Bug #1434005 - CVE-2017-6458 ntp: Potential Overflows in ctl_put() functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1434005
  [ 3 ] Bug #1434002 - CVE-2017-6463 ntp: Authenticated DoS via Malicious Config Option
        https://bugzilla.redhat.com/show_bug.cgi?id=1434002
  [ 4 ] Bug #1433995 - CVE-2017-6462 ntp: Buffer Overflow in DPTS Clock
        https://bugzilla.redhat.com/show_bug.cgi?id=1433995
  [ 5 ] Bug #1433987 - CVE-2017-6464 ntp: Denial of Service via Malformed Config
        https://bugzilla.redhat.com/show_bug.cgi?id=1433987
--------------------------------------------------------------------------------


================================================================================
 pcs-0.9.156-2.fc24 (FEDORA-2017-7accc8010b)
 Pacemaker Configuration System
--------------------------------------------------------------------------------
Update Information:

- Security fix for CVE-2017-2661: Improper node name field validation when
creating clusters leads to XSS - Re-added support for clufter as it is now
available for Python 3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1428948 - CVE-2017-2661 pcs: Improper node name field validation when creating clusters leads to XSS
        https://bugzilla.redhat.com/show_bug.cgi?id=1428948
--------------------------------------------------------------------------------


================================================================================
 perl-DateTime-Format-Flexible-0.28-1.fc24 (FEDORA-2017-fcc7838c08)
 Flexibly parse strings and turn them into DateTime objects
--------------------------------------------------------------------------------
Update Information:

This release fixes tests to work on Perl without "." in @INC path. We deliver
this release to provide up-to-date version string.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435489 - perl-DateTime-Format-Flexible-0.28 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1435489
--------------------------------------------------------------------------------


================================================================================
 perl-HTML-Selector-XPath-0.23-1.fc24 (FEDORA-2017-4a4389246a)
 CSS Selector to XPath compiler
--------------------------------------------------------------------------------
Update Information:

     ----
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1435194 - Upgrade perl-HTML-Selector-XPath to 0.22
        https://bugzilla.redhat.com/show_bug.cgi?id=1435194
--------------------------------------------------------------------------------


================================================================================
 pkgconf-1.3.2-1.fc24 (FEDORA-2017-5422ba5bce)
 Package compiler and linker metadata toolkit
--------------------------------------------------------------------------------
Update Information:

- **Features**:     - implement `--short-errors`  - **Bug fixes**:     - only
consider a single package at a time with `--print-requires`, `--print-requires-
private`, `--print-provides`, `--modversion`, `--print-variable` and `--print-
variables`     - rewrite handling of `--modversion`, `--print-variables` and
`--variable` to not require the dependency resolver  - Enhancements:     -
synchronized latest freedesktop.org changes to pkg.m4     - improve error
reporting with legacy `--atleast-version` and similar flags
--------------------------------------------------------------------------------


================================================================================
 plasma-workspace-5.8.6-5.fc24 (FEDORA-2017-598bc8a1c3)
 Plasma workspace, applications and applets
--------------------------------------------------------------------------------
Update Information:

Pull in some 5.8 fixes, including one for a potential crash-on-logout.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1434870 - plasma closed UNexpectedly during logout
        https://bugzilla.redhat.com/show_bug.cgi?id=1434870
--------------------------------------------------------------------------------


================================================================================
 samba-4.4.12-0.fc24 (FEDORA-2017-ab5fa91445)
 Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-2619
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1429472 - CVE-2017-2619 samba: symlink race permits opening files outside share directory
        https://bugzilla.redhat.com/show_bug.cgi?id=1429472
--------------------------------------------------------------------------------


================================================================================
 sane-backends-1.0.25-7.fc24 (FEDORA-2017-0f5fe1913f)
 Scanner access software
--------------------------------------------------------------------------------
Update Information:

CVE-2017-6318 sane-backends: SANE_NET_CONTROL_OPTION response packet may contain
memory contents of the server [fedora-all]   ----  This update adds the "skip-
adf" option to the avision driver. This let users work around problems on HP
ScanJet 82xx/83xx scanners with no automatic document feeder attached.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1428886 - CVE-2017-6318 sane-backends: SANE_NET_CONTROL_OPTION response packet may contain memory contents of the server [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1428886
  [ 2 ] Bug #1288712 - Fix for HP8200 scanners: ADF infinite loop [patch]
        https://bugzilla.redhat.com/show_bug.cgi?id=1288712
--------------------------------------------------------------------------------


================================================================================
 speedtest-cli-1.0.2-1.fc24 (FEDORA-2017-fa79b0c9f7)
 Command line interface for testing internet bandwidth
--------------------------------------------------------------------------------
Update Information:

Updated to 1.0.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1395369 - [abrt] speedtest-cli: ssl.py:575:read:socket.timeout: The read operation timed out
        https://bugzilla.redhat.com/show_bug.cgi?id=1395369
  [ 2 ] Bug #1387821 - [abrt] speedtest-cli: ssl.py:570:read:socket.timeout: The read operation timed out
        https://bugzilla.redhat.com/show_bug.cgi?id=1387821
  [ 3 ] Bug #1361822 - kpcli-3.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1361822
--------------------------------------------------------------------------------


================================================================================
 tcpreplay-4.2.1-1.fc24 (FEDORA-2017-7980b5e846)
 Replay captured network traffic
--------------------------------------------------------------------------------
Update Information:

Here is what is fixed in this release:  - Fix reporting of rates < 1Mbps (#348)
- Option --unique-ip not working properly (#346)  ----  Features and fixes
include:  - MAC rewriting capabilities by Pedro Arthur (#313) - Fix several
issues identified by Coverity (#305) - Packet distortion --fuzz-seed option by
Gabriel Ganne (#302) - Add --unique-ip-loops option to modify IPs every few
loops (#296) - Netmap startup delay increase (#290) - tcpcapinfo buffer overflow
vulnerablily (#278) - Update git-clone instructions by Kyle McDonald (#277) -
Allow fractions for --pps option (#270) - Print per-loop stats with --stats=0
(#269) - Add protection against packet drift by Guillaume Scott (#268) - Print
flow stats periodically with --stats output (#262) - Include Travis-CI build
support by Ilya Shipitsin (#264) (#285) - tcpreplay won't replay all packets in
a pcap file with --netmap  (#255) - First and last packet times in --stats
output (#239) - Switch to wire speed after 30 minutes at 6 Gbps (#210) -
tcprewrite fix checksum properly for fragmented packets (#190)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1429521 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1429521
  [ 2 ] Bug #1429522 - CVE-2017-6429 tcpreplay: Buffer overflow in Tcpcapinfo utility [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1429522
--------------------------------------------------------------------------------


================================================================================
 vdr-epg-daemon-1.1.114-1.fc24 (FEDORA-2017-5ea1445c73)
 A daemon to download EPG data from internet and manage it in a mysql database
--------------------------------------------------------------------------------
Update Information:

Update to 1.1.114  ----  Update to 1.1.112  ----  Update to 1.1.110  ----
Update to 1.1.108  ----  Update to 1.1.107  ----  Update to 1.1.106  ----
Update to 1.1.103  ----  Update to 1.1.102  ----  Update to 1.1.101  ----
Update to 1.1.100  ----  Update to 1.1.99  ----  Changed INIT_AFTER to
mariadb.service in Make.config  ----  Update to 1.1.97  ----  Update to 1.1.95
----  Update to 1.94  ----  Update to 1.1.93  ----  Update to 1.1.91  ----
Update to 1.1.90  ----  Update to 1.1.89
--------------------------------------------------------------------------------


================================================================================
 vdr-epg2vdr-1.1.55-1.fc24 (FEDORA-2017-ef33faae02)
 A plugin to retrieve EPG data from a mysql database into VDR
--------------------------------------------------------------------------------
Update Information:

Update to 1.1.55  ----  Update to 1.1.52  ----  Update to 1.1.50  ----  Update
to 1.1.49  ----  Update to 1.1.48  ----  Update to 1.1.47  ----  Update to
1.1.46
--------------------------------------------------------------------------------


================================================================================
 znc-1.6.5-1.fc24 (FEDORA-2017-2e003ea693)
 An advanced IRC bouncer
--------------------------------------------------------------------------------
Update Information:

Update to 1.6.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1429068 - znc-1.6.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1429068
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux