The following Fedora 24 Security updates need testing:
 Age  URL
 101  https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08   squid-3.5.23-1.fc24
  94  https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08   exim-4.87.1-1.fc24
  57  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba   runc-1.0.0-5.rc2.gitc91b5be.fc24
  37  https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694   redis-3.2.8-1.fc24
  15  https://bodhi.fedoraproject.org/updates/FEDORA-2017-68cdc567e9   php-onelogin-php-saml-2.10.5-1.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f5fe1913f   sane-backends-1.0.25-7.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7accc8010b   pcs-0.9.156-2.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-72323a442f   ntp-4.2.6p5-44.fc24
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97e65f13bb   python-sleekxmpp-1.3.2-1.fc24
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97d7758431   firebird-2.5.7.27050.0-1.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e6419b416d   xen-4.6.5-4.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-712a186f5f   icecat-52.0.1-5.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8eac23007d   xorgxrdp-0.2.1-1.fc24 xrdp-0.9.2-1.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-461ce095b5   samba-4.4.13-0.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec01954fe9   chromium-57.0.2987.133-1.fc24


The following Fedora 24 Critical Path updates have yet to be approved:
 Age  URL
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3d7c3f66ae   pcre-8.40-6.fc24
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-47eb254e1c   vim-8.0.514-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-58d5521965   linux-firmware-20170313-72.git695f2d6d.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6189eb6f22   gvfs-1.28.4-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e50ea71b16   audit-2.7.4-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b5b9751fd   firefox-52.0-7.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-461ce095b5   samba-4.4.13-0.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-af9f3f0102   cups-2.1.4-4.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-470e502a7d   libdrm-2.4.76-1.fc24


The following builds have been pushed to Fedora 24 updates-testing

    chromium-57.0.2987.133-1.fc24
    groonga-7.0.1-1.fc24
    groonga-normalizer-mysql-1.1.1-1.fc24
    mame-0.184-1.fc24
    os-autoinst-4.4-17.20170329gitd8f75d2.fc24
    php-aws-sdk3-3.25.0-1.fc24
    pluma-1.16.1-1.fc24
    python-bugzilla-2.1.0-1.fc24
    qcad-3.16.7.0-1.fc24
    rpkg-1.49-2.fc24
    samba-4.4.13-0.fc24
    starcal-3.0.6-1.fc24
    tomcat-8.0.42-1.fc24
    xorgxrdp-0.2.1-1.fc24
    xrdp-0.9.2-1.fc24

Details about builds:


================================================================================
 chromium-57.0.2987.133-1.fc24 (FEDORA-2017-ec01954fe9)
 A WebKit (Blink) powered web browser
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056,
CVE-2017-5053
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1437353
  [ 2 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1437352
  [ 3 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink
        https://bugzilla.redhat.com/show_bug.cgi?id=1437351
  [ 4 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8
        https://bugzilla.redhat.com/show_bug.cgi?id=1437350
  [ 5 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing
        https://bugzilla.redhat.com/show_bug.cgi?id=1437348
--------------------------------------------------------------------------------


================================================================================
 groonga-7.0.1-1.fc24 (FEDORA-2017-7e68693ffb)
 An Embeddable Fulltext Search Engine
--------------------------------------------------------------------------------
Update Information:

See http://groonga.org/en/blog/2017/03/29/groonga-7.0.1.html
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1420563 - groonga-7.0.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1420563
  [ 2 ] Bug #1415675 - groonga-6.1.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1415675
--------------------------------------------------------------------------------


================================================================================
 groonga-normalizer-mysql-1.1.1-1.fc24 (FEDORA-2017-46feadb261)
 MySQL compatible normalizer plugin for Groonga
--------------------------------------------------------------------------------
Update Information:

new upstream release.
--------------------------------------------------------------------------------


================================================================================
 mame-0.184-1.fc24 (FEDORA-2017-f5d2a4a48a)
 Multiple Arcade Machine Emulator
--------------------------------------------------------------------------------
Update Information:

An update to the latest mame release:

* http://mamedev.org/?p=441
--------------------------------------------------------------------------------


================================================================================
 os-autoinst-4.4-17.20170329gitd8f75d2.fc24 (FEDORA-2017-c14bc258ff)
 OS-level test automation
--------------------------------------------------------------------------------
Update Information:

This update provides an updated git snapshot of os-autoinst, containing several
fixes that are useful for Fedora deployments. The openQA update fixes some
problems with tagging builds as 'important', one of which was preventing us
doing this for Fedora builds.
--------------------------------------------------------------------------------


================================================================================
 php-aws-sdk3-3.25.0-1.fc24 (FEDORA-2017-cf986e793e)
 Amazon Web Services framework for PHP
--------------------------------------------------------------------------------
Update Information:

## 3.25.0 - 2017-03-31

* `Aws\CloudFormation` - Adding paginators for ListExports and ListImports
* `Aws\CloudFront` - Amazon CloudFront now supports user configurable HTTP Read
  and Keep-Alive Idle Timeouts for your Custom Origin Servers
* `Aws\ResourceGroupsTaggingAPI` - Resource Groups Tagging APIs can help you
  organize your resources and enable you to simplify resource management,
  access management, and cost allocation.
* `Aws\StorageGateway` - File gateway mode in AWS Storage gateway provides
  access to objects in S3 as files on a Network File System (NFS) mount point.
  Once a file share is created, any changes made externally to the S3 bucket
  will not be reflected by the gateway. Using the cache refresh feature in this
  update, the customer can trigger an on-demand scan of the keys in their S3
  bucket and refresh the file namespace cached on the gateway. It takes as an
  input the fileShare ARN and refreshes the cache for only that file share.
  Additionally there is new functionality on file gateway that allows you
  configure what squash options they would like on their file share, this
  allows a customer to configure their gateway to not squash root permissions.
  This can be done by setting options in NfsOptions for CreateNfsFileShare and
  UpdateNfsFileShare APIs.

## 3.24.9 - 2017-03-28

* `Aws\Batch` - Customers can now provide a retryStrategy as part of the
  RegisterJobDefinition and SubmitJob API calls. The retryStrategy object has a
  number value for attempts. This is the number of non successful executions
  before a job is considered FAILED. In addition, the JobDetail object now has
  an attempts field and shows all execution attempts.
* `Aws\EC2` - Customers can now tag their Amazon EC2 Instances and Amazon EBS
  Volumes at the time of their creation. You can do this from the EC2 Instance
  launch wizard or through the RunInstances or CreateVolume APIs. By tagging
  resources at the time of creation, you can eliminate the need to run custom
  tagging scripts after resource creation. In addition, you can now set
  resource-level permissions on the CreateVolume, CreateTags, DeleteTags, and
  the RunInstances APIs. This allows you to implement stronger security
  policies by giving you more granular control over which users and groups have
  access to these APIs. You can also enforce the use of tagging and control
  what tag keys and values are set on your resources. When you combine tag
  usage and resource-level IAM policies together, you can ensure your instances
  and volumes are properly secured upon creation and achieve more accurate cost
  allocation reporting. These new features are provided at no additional cost.

## 3.24.8 - 2017-03-27

* `Aws\SSM` - Updated validation rules for SendCommand and
  RegisterTaskWithMaintenanceWindow APIs

## 3.24.7 - 2017-03-23

* `Aws\ApplicationAutoScaling` - Application AutoScaling is launching support
  for a new target resource (AppStream 2.0 Fleets) as a scalable target.

## 3.24.6 - 2017-03-22

* `Aws\ApplicationDiscoveryService` - Adds export configuration options to the
  AWS Discovery Service API.
* `Aws\ElasticLoadBalancingv2` - Adding waiters for Elastic Load Balancing V2
* `Aws\Lambda` - Adds support for new runtime Node.js v6.10 for AWS Lambda
  service

## 3.24.5 - 2017-03-21

* `Aws\DirectConnect` - Deprecated DescribeConnectionLoa,
  DescribeInterconnectLoa, AllocateConnectionOnInterconnect and
  DescribeConnectionsOnInterconnect operations in favor of DescribeLoa,
  DescribeLoa, AllocateHostedConnection and DescribeHostedConnections
  respectively.
* `Aws\MarketplaceCommerceAnalytics` - This update adds a new data set,
  us_sales_and_use_tax_records, which enables AWS Marketplace sellers to
  programmatically access to their U.S. Sales and Use Tax report data.
* `Aws\Pinpoint` - Added support for segment endpoints by user attributes in
  addition to endpoint attributes, publishing raw app analytics and campaign
  events as events streams to Kinesis and Kinesis Firehose

## 3.24.4 - 2017-03-14

* `Aws\CloudWatchEvents` - Update documentation

## 3.24.3 - 2017-03-13

* `Aws\CloudWatchEvents` - This update extends Target Data Type for configuring
  Target behavior during invocation.
* `Aws\DeviceFarm` - Network shaping allows users to simulate network
  connections and conditions while testing their Android, iOS, and web apps
  with AWS Device Farm.

## 3.24.2 - 2017-03-10

* `Aws\CodeDeploy` - Add paginators for Codedeploy
* `Aws\EMR` - This release includes support for instance fleets in Amazon EMR.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1431302 - php-aws-sdk3-3.25.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1431302
--------------------------------------------------------------------------------


================================================================================
 pluma-1.16.1-1.fc24 (FEDORA-2017-8554734b1e)
 Text editor for the MATE desktop
--------------------------------------------------------------------------------
Update Information:

- update to 1.16.1
--------------------------------------------------------------------------------


================================================================================
 python-bugzilla-2.1.0-1.fc24 (FEDORA-2017-6c31addab4)
 python2 library for interacting with Bugzilla
--------------------------------------------------------------------------------
Update Information:

* Rebased to version 2.1.0
* Support for bugzilla 5 API Keys (Dustin J. Mitchell)
* bugzillarc can be used to set default URL for the cli tool
* Revive update_flags wrapper
* Bug fixes and minor improvements

----

* Rebased to version 2.0.0
* Several fixes for use with bugzilla 5
* This release contains several smallish API breaks:
* Bugzilla.bug_autorefresh now defaults to False
* Credentials are now cached in ~/.cache/python-bugzilla/
* bin/bugzilla was converted to argparse
* bugzilla query --boolean_chart option is removed
* Unify command line flags across sub commands
--------------------------------------------------------------------------------


================================================================================
 qcad-3.16.7.0-1.fc24 (FEDORA-2017-15d8599020)
 Powerful 2D CAD system
--------------------------------------------------------------------------------
Update Information:

- Update to 3.16.7.0
- Fix detection of QCAD modules
--------------------------------------------------------------------------------


================================================================================
 rpkg-1.49-2.fc24 (FEDORA-2017-266738a3db)
 Python library for interacting with rpm+git
--------------------------------------------------------------------------------
Update Information:

Rename pyrpkg to python2-rpkg. Currently, only Python 2 package is available.

Test cases:

- installing ``python2-rpkg`` will replace ``pyrpkg`` with ``python2-rpkg``
- installing ``fedpkg`` should select ``python2-rpkg``
- original package ``rpkg``, which contains example CLI, is moved to
  ``%{_datadir}/rpkg/examples/cli``
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1400592 - Rename subpackage pyrpkg to python2-rpkg
        https://bugzilla.redhat.com/show_bug.cgi?id=1400592
--------------------------------------------------------------------------------


================================================================================
 samba-4.4.13-0.fc24 (FEDORA-2017-461ce095b5)
 Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2017-2619
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1429472 - CVE-2017-2619 samba: symlink race permits opening files outside share directory
        https://bugzilla.redhat.com/show_bug.cgi?id=1429472
--------------------------------------------------------------------------------


================================================================================
 starcal-3.0.6-1.fc24 (FEDORA-2017-90350253fd)
 A full-featured international calendar written in Python
--------------------------------------------------------------------------------
Update Information:

Upstream bugfix release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1431416 - starcal-3.0.6 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1431416
--------------------------------------------------------------------------------


================================================================================
 tomcat-8.0.42-1.fc24 (FEDORA-2017-0d463794cb)
 Apache Servlet/JSP Engine, RI for Servlet 3.1/JSP 2.3 API
--------------------------------------------------------------------------------
Update Information:

This update includes a rebase from tomcat 8.0.41 up to 8.0.42.
--------------------------------------------------------------------------------


================================================================================
 xorgxrdp-0.2.1-1.fc24 (FEDORA-2017-8eac23007d)
 Implementation of xrdp backend as Xorg modules
--------------------------------------------------------------------------------
Update Information:

New upstream version of xorgxrdp and xrdp:

New features in xrdp:

- RemoteFX codec support is now enabled by default.
- Bitmap updates support is now enabled by default.
- TLS ciphers suites and version is now logged.
- Connected computer name is now logged.
- Switched to Xorg (xorgxrdp) as the default backend now.
- Miscellaneous RemoteFX codec mode improvements.
- Socket directory is configurable at the compile time.

Bugfixes in xrdp:

- Parallels client for MacOS / iOS can now connect (audio redirection must be
  disabled on client or xrdp server though).
- MS RDP client for iOS can now connect using TLS security layer.
- MS RDP client for Android can now connect to xrdp.
- Large resolutions (4K) can be used with RemoteFX graphics.
- Multiple RemoteApps can be opened through NeutrinoRDP proxy.
- tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's
  variable-length.
- Fixed an issue where tls_ciphers were ignored and rdp security layer could be
  used instead.
- Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend.
- Miscellaneous code cleanup and memory issues fixes.

Rebuild of xrdp requiring both xorgxrdp and tigervnc-minimal. VNC is still the
default.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1433959 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1433959
--------------------------------------------------------------------------------


================================================================================
 xrdp-0.9.2-1.fc24 (FEDORA-2017-8eac23007d)
 Open source remote desktop protocol (RDP) server
--------------------------------------------------------------------------------
Update Information:

New upstream version of xorgxrdp and xrdp:

New features in xrdp:

- RemoteFX codec support is now enabled by default.
- Bitmap updates support is now enabled by default.
- TLS ciphers suites and version is now logged.
- Connected computer name is now logged.
- Switched to Xorg (xorgxrdp) as the default backend now.
- Miscellaneous RemoteFX codec mode improvements.
- Socket directory is configurable at the compile time.

Bugfixes in xrdp:

- Parallels client for MacOS / iOS can now connect (audio redirection must be
  disabled on client or xrdp server though).
- MS RDP client for iOS can now connect using TLS security layer.
- MS RDP client for Android can now connect to xrdp.
- Large resolutions (4K) can be used with RemoteFX graphics.
- Multiple RemoteApps can be opened through NeutrinoRDP proxy.
- tls_ciphers in xrdp.ini is not limited to 63 chars anymore, it's
  variable-length.
- Fixed an issue where tls_ciphers were ignored and rdp security layer could be
  used instead.
- Kill disconnected sessions feature is working with Xorg (xorgxrdp) backend.
- Miscellaneous code cleanup and memory issues fixes.

Rebuild of xrdp requiring both xorgxrdp and tigervnc-minimal. VNC is still the
default.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1433959 - CVE-2017-6967 xrdp: Incorrect placement of auth_start_session() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1433959
--------------------------------------------------------------------------------