Fedora 24 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 24 Security updates need testing:
 Age  URL
 113  https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08   squid-3.5.23-1.fc24
 106  https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08   exim-4.87.1-1.fc24
  69  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba   runc-1.0.0-5.rc2.gitc91b5be.fc24
  49  https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694   redis-3.2.8-1.fc24
  26  https://bodhi.fedoraproject.org/updates/FEDORA-2017-68cdc567e9   php-onelogin-php-saml-2.10.5-1.fc24
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f5fe1913f   sane-backends-1.0.25-7.fc24
  19  https://bodhi.fedoraproject.org/updates/FEDORA-2017-72323a442f   ntp-4.2.6p5-44.fc24
  11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec01954fe9   chromium-57.0.2987.133-1.fc24
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-84bc8ac268   libpng12-1.2.57-1.fc24
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66ca10c22   tigervnc-1.7.1-4.fc24
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-03dc811be6   xen-4.6.5-5.fc24
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7de130a80d   tnef-1.4.14-1.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97fb93e1d1   samba-4.4.13-1.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a13090378   ghostscript-9.20-7.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2   python-XStatic-jquery-ui-1.12.0.1-1.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8eac23007d   xorgxrdp-0.2.1-1.fc24 xrdp-0.9.2-5.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed6b6a1d7a   ming-0.4.8-1.fc24
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e15e37b689   proftpd-1.3.5e-1.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-502cf68d68   kernel-4.10.9-100.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-d9d620366e   php-pear-CAS-1.3.5-1.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-be8574d593   libxml2-2.9.4-2.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f676ecb20d   libsndfile-1.0.28-1.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5764721de5   xstream-1.4.9-5.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-db6864b797   jenkins-xstream-1.4.7-11.jenkins1.fc24


The following Fedora 24 Critical Path updates have yet to be approved:
 Age URL
  14  https://bodhi.fedoraproject.org/updates/FEDORA-2017-58d5521965   linux-firmware-20170313-72.git695f2d6d.fc24
  14  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6189eb6f22   gvfs-1.28.4-1.fc24
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-579411a8a3   nss-3.29.3-1.1.fc24 nss-util-3.29.3-1.1.fc24
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c372fa4dbc   sudo-1.8.19p2-1.fc24
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3e90bdded7   p11-kit-0.23.2-3.fc24
   8  https://bodhi.fedoraproject.org/updates/FEDORA-2017-1739c0ed1b   hwdata-0.299-1.fc24
   7  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3753e75f72   ca-certificates-2017.2.11-1.1.fc24
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66ca10c22   tigervnc-1.7.1-4.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a90e43dc1b   thunderbird-52.0-1.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-185a953346   libfm-1.2.5-3.fc24
   5  https://bodhi.fedoraproject.org/updates/FEDORA-2017-97fb93e1d1   samba-4.4.13-1.fc24
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6ec305fa93   dbus-1.11.12-1.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-be8574d593   libxml2-2.9.4-2.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae0e285fc1   libdrm-2.4.79-1.fc24
   1  https://bodhi.fedoraproject.org/updates/FEDORA-2017-502cf68d68   kernel-4.10.9-100.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f06d0bad6   vim-8.0.562-1.fc24
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f676ecb20d   libsndfile-1.0.28-1.fc24


The following builds have been pushed to Fedora 24 updates-testing

    asciinema-1.4.0-1.fc24
    dovecot-2.2.29-1.fc24
    glusterfs-3.8.11-1.fc24
    gnucash-2.6.16-1.fc24
    gnucash-docs-2.6.16-1.fc24
    jenkins-xstream-1.4.7-11.jenkins1.fc24
    js-jquery-2.2.4-3.fc24
    kde-cli-tools-5.8.6-2.fc24
    kf5-networkmanager-qt-5.33.0-2.fc24
    kup-0.3.6-1.fc24
    libmicrohttpd-0.9.53-1.fc24
    libsndfile-1.0.28-1.fc24
    libtaskotron-0.4.20-1.fc24
    python-pyvo-0.6.0-1.git20170411.3fa56a6.fc24
    shotwell-0.24.6-1.fc24
    snapd-2.24-1.fc24
    taskotron-trigger-0.4.8-1.fc24
    thermald-1.6-3.fc24
    vim-8.0.562-1.fc24
    webkitgtk4-2.16.1-2.fc24
    xstream-1.4.9-5.fc24

Details about builds:


================================================================================
 asciinema-1.4.0-1.fc24 (FEDORA-2017-ae46c20591)
 Command line client (terminal recorder) for asciinema.org service
--------------------------------------------------------------------------------
Update Information:

Update to version 1.4.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441573 - asciinema-1.4.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1441573
--------------------------------------------------------------------------------


================================================================================
 dovecot-2.2.29-1.fc24 (FEDORA-2017-da4ed58fd5)
 Secure imap and pop3 server
--------------------------------------------------------------------------------
Update Information:

  + quota: Add plugin { quota_max_mail_size } setting to limit the    maximum
individual mail size that can be saved.  + imapc: Add imapc_features=delay-
login. If set, connecting to the    remote IMAP server isn't done until it's
necessary.  + imapc: Add imapc_connection_retry_count and
imapc_connection_retry_interval settings.  + imap, pop3, indexer-worker: Add
(deinit) to process title before    autoexpunging runs.  + Added %{encrypt} and
%{decrypt} variables  + imap/pop3 proxy: Log proxy state in errors as human-
readable string.  + imap/pop3-login: All forward_* extra fields returned by
passdb are    sent to the next hop when proxying using ID/XCLIENT commands. On
the    receiving side these fields are imported and sent to auth process
where they're accessible via %{passdb:forward_*}. This is done only    if the
sending IP address matches login_trusted_networks.  + imap-login: If
imap_id_retain=yes, send the IMAP ID string to    auth process. %{client_id}
expands to it in auth process. The ID    string is also sent to the next hop
when proxying.  + passdb imap: Use ssl_client_ca_* settings for CA validation.
- fts-tika: Fixed crash when parsing attachment without    Content-Disposition
header. Broken by 2.2.28.  - trash plugin was broken in 2.2.28  - auth: When
passdb/userdb lookups were done via auth-workers, too much    data was added to
auth cache. This could have resulted in wrong    replies when using multiple
passdbs/userdbs.  - auth: passdb { skip & mechanisms } were ignored for the
first passdb  - oauth2: Various fixes, including fixes to crashes  - dsync:
Large Sieve scripts (or other large metadata) weren't always    synced.  - Index
rebuild (e.g. doveadm force-resync) set all mails as \Recent  - imap-hibernate:
%{userdb:*} wasn't expanded in mail_log_prefix  - doveadm: Exit codes weren't
preserved when proxying commands via    doveadm-server. Almost all errors used
exit code 75 (tempfail).  - ACLs weren't applied to not-yet-existing autocreated
mailboxes.  - Fixed a potential crash when parsing a broken message header.  -
cassandra: Fallback consistency settings weren't working correctly.  - doveadm
director status <user>: "Initial config" was always empty  - imapc: Various
reconnection fixes.
--------------------------------------------------------------------------------


================================================================================
 glusterfs-3.8.11-1.fc24 (FEDORA-2017-efd28bd5c7)
 Distributed File System
--------------------------------------------------------------------------------
Update Information:

3.8.11 GA
--------------------------------------------------------------------------------


================================================================================
 gnucash-2.6.16-1.fc24 (FEDORA-2017-d90785c9e9)
 Finance management application
--------------------------------------------------------------------------------
Update Information:

This updates GnuCash to the latest upstream bugfix release, 2.6.16. For more
information, see the upstream release notes at http://gnucash.org/.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1436183 - gnucash-2.6.16 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1436183
  [ 2 ] Bug #1409887 - Reports flicker after opening
        https://bugzilla.redhat.com/show_bug.cgi?id=1409887
--------------------------------------------------------------------------------


================================================================================
 gnucash-docs-2.6.16-1.fc24 (FEDORA-2017-d90785c9e9)
 Help files and documentation for the GnuCash personal finance manager
--------------------------------------------------------------------------------
Update Information:

This updates GnuCash to the latest upstream bugfix release, 2.6.16. For more
information, see the upstream release notes at http://gnucash.org/.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1436183 - gnucash-2.6.16 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1436183
  [ 2 ] Bug #1409887 - Reports flicker after opening
        https://bugzilla.redhat.com/show_bug.cgi?id=1409887
--------------------------------------------------------------------------------


================================================================================
 jenkins-xstream-1.4.7-11.jenkins1.fc24 (FEDORA-2017-db6864b797)
 Jenkins XStream library
--------------------------------------------------------------------------------
Update Information:

Security fix for rhbz#1441541
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441541 - jenkins-xstream: XStream: DoS when unmarshalling void type [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1441541
--------------------------------------------------------------------------------


================================================================================
 js-jquery-2.2.4-3.fc24 (FEDORA-2017-4c189bc234)
 JavaScript DOM manipulation, event handling, and AJAX library
--------------------------------------------------------------------------------
Update Information:

Update adds Provides: js-jquery2, in order to better support future package
rename and addition of jQuery 3.
--------------------------------------------------------------------------------


================================================================================
 kde-cli-tools-5.8.6-2.fc24 (FEDORA-2017-9c1688ae30)
 Tools based on KDE Frameworks 5 to better interact with the system
--------------------------------------------------------------------------------
Update Information:

Backport upstream fix for getting a more-complete output from "kcmshell5 --list"
--------------------------------------------------------------------------------


================================================================================
 kf5-networkmanager-qt-5.33.0-2.fc24 (FEDORA-2017-f1b43b783e)
 A Tier 1 KDE Frameworks 5 module that wraps NetworkManager DBus API
--------------------------------------------------------------------------------
Update Information:

Set default value for auto-negotiation in wired setting based on running
NetworkManager version (bz#1440583).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1440583 - Unable to modify network settings
        https://bugzilla.redhat.com/show_bug.cgi?id=1440583
--------------------------------------------------------------------------------


================================================================================
 kup-0.3.6-1.fc24 (FEDORA-2017-a9e48d1d49)
 Kernel.org Uploader
--------------------------------------------------------------------------------
Update Information:

Update to upstream 0.3.6 with support for subcmd and gitolite
--------------------------------------------------------------------------------


================================================================================
 libmicrohttpd-0.9.53-1.fc24 (FEDORA-2017-a815fd1582)
 Lightweight library for embedding a webserver in applications
--------------------------------------------------------------------------------
Update Information:

Update to 0.9.53-1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1288676 - libmicrohttpd-0.9.53 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1288676
--------------------------------------------------------------------------------


================================================================================
 libsndfile-1.0.28-1.fc24 (FEDORA-2017-f676ecb20d)
 Library for reading and writing sound files
--------------------------------------------------------------------------------
Update Information:

* updated to 1.0.28 * fixes possible buffer overflow when parsing crafted ID3
tags (#1440758, CVE-2017-7586) * fixes possible buffer overflow when parsing
crafted flac file (#1440756, CVE-2017-7585)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1440756 - CVE-2017-7585 libsndfile: Stack-based buffer overflow in flac_buffer_copy()
        https://bugzilla.redhat.com/show_bug.cgi?id=1440756
  [ 2 ] Bug #1440758 - CVE-2017-7586 libsndfile: Error in header_read() causing stack-based buffer overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=1440758
--------------------------------------------------------------------------------


================================================================================
 libtaskotron-0.4.20-1.fc24 (FEDORA-2017-2a907d23bd)
 Taskotron Support Library
--------------------------------------------------------------------------------
Update Information:

Added better support for F26, secondary arches handling. Added module_build item
type, other small fixes
--------------------------------------------------------------------------------


================================================================================
 python-pyvo-0.6.0-1.git20170411.3fa56a6.fc24 (FEDORA-2017-6d2d130048)
 Access to remote data and services of the Virtual observatory (VO) using Python
--------------------------------------------------------------------------------
Update Information:

New upstream release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441189 - python-pyvo-0.6.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1441189
--------------------------------------------------------------------------------


================================================================================
 shotwell-0.24.6-1.fc24 (FEDORA-2017-a9d0c09896)
 A photo organizer for the GNOME desktop
--------------------------------------------------------------------------------
Update Information:

shotwell 0.24.6 release.    * Fix gamma and chromatic aberrations when
developing with libraw   * Picasa: Remove possibility to create new albums   *
Fix import of files with ".ogg" extension   * Fix crash on wayland when dragging
tool boxes   * Fix toolbox not visible in Cinnamon   * Fix manpage   * Viewer:
Fix navigation after saving a photo   * Do not load files into memory when
importing   * Translation updates
--------------------------------------------------------------------------------


================================================================================
 snapd-2.24-1.fc24 (FEDORA-2017-3f22cb3858)
 A transactional software package manager
--------------------------------------------------------------------------------
Update Information:

Update to snapd v2.24.  Some of the highlights (from the Snappy team):  * Fix
potential transition issue from `ubuntu-core` to `core` * Work towards improved
aliases * (many) cross-distribution improvements * Fixes to work better with
GNOME Software * Improve internal interfaces code * Detect devmode by inspecting
the AppArmor support in the kernel * Test improvements * Allow chroot in base
template * Fix `pi-config.*` core settings and add some more * interface
updates: `browser-support`,`unity7`,`framebuffer`,`location-observe`,`location-
control`,`browser-support`,`mir`,`opengl`,`unity8` * new interfaces:
`joystick`,`maliit`,`autopilot`
--------------------------------------------------------------------------------


================================================================================
 taskotron-trigger-0.4.8-1.fc24 (FEDORA-2017-858026aa08)
 Triggering Taskotron jobs via fedmsg
--------------------------------------------------------------------------------
Update Information:

Fixing issue where branch parameter was not being passed correctly and added MBS
consumer  ----  Fixes a bug in finding cloud images due to hard codded values
--------------------------------------------------------------------------------


================================================================================
 thermald-1.6-3.fc24 (FEDORA-2017-9ab3f22a16)
 Thermal Management daemon
--------------------------------------------------------------------------------
Update Information:

* Initial rpm-release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1440406 - Review Request: thermald - Thermal Management daemon
        https://bugzilla.redhat.com/show_bug.cgi?id=1440406
--------------------------------------------------------------------------------


================================================================================
 vim-8.0.562-1.fc24 (FEDORA-2017-5f06d0bad6)
 The VIM editor
--------------------------------------------------------------------------------
Update Information:

The newest upstream commit.
--------------------------------------------------------------------------------


================================================================================
 webkitgtk4-2.16.1-2.fc24 (FEDORA-2017-c4d0520cfc)
 GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:

This update brings the following changes:   * Fix no-third-party cookies policy
in case of redirections.  * Keep URL fragments after server redirections.  *
Honor GTK+ font settings.  * Ensure depth and stencil renderbuffers are created
on GLESv2.  * Prevent new navigations from onbeforeunload handler and document
unload.  * Disallow beforeunload alerts from web pages users have never
interacted with.  * Fix several crashes and rendering issues.
--------------------------------------------------------------------------------


================================================================================
 xstream-1.4.9-5.fc24 (FEDORA-2017-5764721de5)
 Java XML serialization library
--------------------------------------------------------------------------------
Update Information:

Security fix for rhbz#1441542
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1441542 - XStream: DoS when unmarshalling void type [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1441542
--------------------------------------------------------------------------------
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux