The following Fedora 24 Security updates need testing: Age URL 116 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 109 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 72 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 52 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 30 https://bodhi.fedoraproject.org/updates/FEDORA-2017-68cdc567e9 php-onelogin-php-saml-2.10.5-1.fc24 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f5fe1913f sane-backends-1.0.25-7.fc24 22 https://bodhi.fedoraproject.org/updates/FEDORA-2017-72323a442f ntp-4.2.6p5-44.fc24 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec01954fe9 chromium-57.0.2987.133-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66ca10c22 tigervnc-1.7.1-4.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7de130a80d tnef-1.4.14-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a13090378 ghostscript-9.20-7.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8eac23007d xorgxrdp-0.2.1-1.fc24 xrdp-0.9.2-5.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed6b6a1d7a ming-0.4.8-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e15e37b689 proftpd-1.3.5e-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d9d620366e php-pear-CAS-1.3.5-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be8574d593 libxml2-2.9.4-2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f676ecb20d libsndfile-1.0.28-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5764721de5 xstream-1.4.9-5.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-db6864b797 jenkins-xstream-1.4.7-11.jenkins1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-da4ed58fd5 dovecot-2.2.29.1-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7c9a9b2b36 backintime-1.1.20-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-33355c425d ansible-2.3.0.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e7549fb91 kernel-4.10.10-100.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9941306740 yara-3.5.0-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b639afc9c collectd-5.6.2-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c372fa4dbc sudo-1.8.19p2-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3e90bdded7 p11-kit-0.23.2-3.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a66ca10c22 tigervnc-1.7.1-4.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a90e43dc1b thunderbird-52.0-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-185a953346 libfm-1.2.5-3.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6ec305fa93 dbus-1.11.12-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-be8574d593 libxml2-2.9.4-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae0e285fc1 libdrm-2.4.79-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f06d0bad6 vim-8.0.562-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f676ecb20d libsndfile-1.0.28-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c8186b8423 audit-2.7.5-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3753e75f72 ca-certificates-2017.2.11-1.1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8e7549fb91 kernel-4.10.10-100.fc24 The following builds have been pushed to Fedora 24 updates-testing collectd-5.6.2-1.fc24 dnfdragora-1.0.1-1.fc24 drupal7-webform-4.15-1.fc24 drupal8-8.3.0-1.fc24 fail2ban-0.9.6-4.fc24 highlight-3.36-1.fc24 libyui-3.3.1-5.fc24 libyui-gtk-2.44.9-2.fc24 libyui-ncurses-2.48.1-4.fc24 libyui-qt-2.47.1-4.fc24 magic-8.1.158-1.fc24 php-asm89-stack-cors-1.1.0-1.fc24 php-di-5.4.3-1.fc24 php-symfony-psr-http-message-bridge-1.0.0-1.fc24 php-zendframework-zend-diactoros-1.4.0-1.fc24 xcircuit-3.9.66-1.fc24 Details about builds: ================================================================================ collectd-5.6.2-1.fc24 (FEDORA-2017-6b639afc9c) Statistics collection daemon for filling RRD files -------------------------------------------------------------------------------- Update Information: Fix CVE-2017-7401 collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions. This is a bug in the network plugin. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1439674 - CVE-2017-7401 collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions https://bugzilla.redhat.com/show_bug.cgi?id=1439674 -------------------------------------------------------------------------------- ================================================================================ dnfdragora-1.0.1-1.fc24 (FEDORA-2017-4442c7c9bf) DNF package-manager based on libYui abstraction -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- ================================================================================ drupal7-webform-4.15-1.fc24 (FEDORA-2017-453a769850) Enables the creation of forms and questionnaires -------------------------------------------------------------------------------- Update Information: * [7.x-4.15](https://www.drupal.org/project/webform/releases/7.x-4.15) ---- * [7.x-4.15-rc1](https://www.drupal.org/project/webform/releases/7.x-4.15-rc1) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442289 - drupal7-webform-4.15 is available https://bugzilla.redhat.com/show_bug.cgi?id=1442289 [ 2 ] Bug #1437695 - drupal7-webform-4.15-rc1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1437695 -------------------------------------------------------------------------------- ================================================================================ drupal8-8.3.0-1.fc24 (FEDORA-2017-d81ad030da) An open source content management platform -------------------------------------------------------------------------------- Update Information: # drupal8 * [8.3.0](https://www.drupal.org/project/drupal/releases/8.3.0) # php-symfony-psr-http-message-bridge ## 1.0.0 * Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1370802 - php-symfony-psr-http-message-bridge-v1.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370802 [ 2 ] Bug #1439698 - drupal8-8.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1439698 -------------------------------------------------------------------------------- ================================================================================ fail2ban-0.9.6-4.fc24 (FEDORA-2017-44cc991a04) Daemon to ban hosts that cause multiple authentication errors -------------------------------------------------------------------------------- Update Information: Properly handle /run/fail2ban -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442368 - fail2ban is missing /var/run/fail2ban after installation and refuses to start https://bugzilla.redhat.com/show_bug.cgi?id=1442368 -------------------------------------------------------------------------------- ================================================================================ highlight-3.36-1.fc24 (FEDORA-2017-d8b6a8b2a3) Universal source code to formatted text converter -------------------------------------------------------------------------------- Update Information: - Updated to new 3.36 upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1117261 - highlight package not available on epel-7-ppc64 (available on x86_64) https://bugzilla.redhat.com/show_bug.cgi?id=1117261 -------------------------------------------------------------------------------- ================================================================================ libyui-3.3.1-5.fc24 (FEDORA-2017-7fa4fbeed8) GUI-abstraction library -------------------------------------------------------------------------------- Update Information: * Updated patches from upstream -------------------------------------------------------------------------------- ================================================================================ libyui-gtk-2.44.9-2.fc24 (FEDORA-2017-a071d7beb3) Gtk3 User Interface for libyui -------------------------------------------------------------------------------- Update Information: * New upstream release * Change Supplements: back to gtk3, since libYUI provides selection of UI-plugin based on used desktop environment -------------------------------------------------------------------------------- ================================================================================ libyui-ncurses-2.48.1-4.fc24 (FEDORA-2017-2782834304) Character Based User Interface for libyui -------------------------------------------------------------------------------- Update Information: * Fix hardlinking of html-docs -------------------------------------------------------------------------------- ================================================================================ libyui-qt-2.47.1-4.fc24 (FEDORA-2017-612eb87f69) Qt User Interface for libyui -------------------------------------------------------------------------------- Update Information: * Change Supplements: back to qt5-qtbase-gui, since libYUI provides selection of UI-plugin based on used desktop environment * Fix hardlinking of html-docs -------------------------------------------------------------------------------- ================================================================================ magic-8.1.158-1.fc24 (FEDORA-2017-0ed0064e51) A very capable VLSI layout tool -------------------------------------------------------------------------------- Update Information: New version 8.1.158 is released. -------------------------------------------------------------------------------- ================================================================================ php-asm89-stack-cors-1.1.0-1.fc24 (FEDORA-2017-88d2252e46) Cross-origin resource sharing library and stack middleware -------------------------------------------------------------------------------- Update Information: ### 1.1.0 New release containing several improvements/bug fixes: * Skip empty Access-Control-Request-Headers. Working around some browser bugs. #30 * Requests from the same origin are not modified anymore. #11 * Updated dependencies to 2017. E.g. `php >= 5.5.9` and Symfony deps now have a lower bound of `~2.7`. #41 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441443 - php-asm89-stack-cors-1.1.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1441443 -------------------------------------------------------------------------------- ================================================================================ php-di-5.4.3-1.fc24 (FEDORA-2017-2155949763) The dependency injection container for humans -------------------------------------------------------------------------------- Update Information: ### 5.4.3 * \#467: register the container against the PSR ContainerInterface -------------------------------------------------------------------------------- References: [ 1 ] Bug #1442382 - php-di-5.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1442382 -------------------------------------------------------------------------------- ================================================================================ php-symfony-psr-http-message-bridge-1.0.0-1.fc24 (FEDORA-2017-d81ad030da) Symfony PSR HTTP message bridge -------------------------------------------------------------------------------- Update Information: # drupal8 * [8.3.0](https://www.drupal.org/project/drupal/releases/8.3.0) # php-symfony-psr-http-message-bridge ## 1.0.0 * Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1370802 - php-symfony-psr-http-message-bridge-v1.0.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1370802 [ 2 ] Bug #1439698 - drupal8-8.3.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1439698 -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-diactoros-1.4.0-1.fc24 (FEDORA-2017-68280e0d9b) PSR HTTP Message implementations -------------------------------------------------------------------------------- Update Information: ## 1.4.0 ### Added * \#219 adds two new classes, `Zend\Diactoros\Request\ArraySerializer` and `Zend\Diactoros\Response\ArraySerializer`. Each exposes the static methods `toArray()` and `fromArray()`, allowing de/serialization of messages from and to arrays. * \#236 adds two new constants to the `Response` class: `MIN_STATUS_CODE_VALUE` and `MAX_STATUS_CODE_VALUE`. ### Changes * \#240 changes the behavior of `ServerRequestFactory::fromGlobals()` when no `$cookies` argument is present. Previously, it would use `$_COOKIES`; now, if a `Cookie` header is present, it will parse and use that to populate the instance instead. * This change allows utilizing cookies that contain period characters (`.`) in their names (PHP's built-in cookie handling renames these to replace `.` with `_`, which can lead to synchronization issues with clients). * \#235 changes the behavior of `Uri::__toString()` to better follow proscribed behavior in PSR-7. In particular, prior to this release, if a scheme was missing but an authority was present, the class was incorrectly returning a value that did not include a `//` prefix. As of this release, it now does this correctly. ### Deprecated Nothing. ### Removed Nothing. ### Fixed Nothing. ## 1.3.11 ### Added Nothing. ### Changes * \#241 changes the constraint by which the package provides `psr/http-message-implementation` to simply `1.0` instead of `~1.0.0`, to follow how other implementations provide PSR-7. ### Deprecated Nothing. ### Removed Nothing. ### Fixed * \#161 adds additional validations to header names and values to ensure no malformed values are provided. * \#234 fixes a number of reason phrases in the `Response` instance, and adds automation from the canonical IANA sources to ensure any new phrases added are correct. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1440332 - php-zendframework-zend-diactoros-1.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1440332 -------------------------------------------------------------------------------- ================================================================================ xcircuit-3.9.66-1.fc24 (FEDORA-2017-a36759ca4c) Electronic circuit schematic drawing program -------------------------------------------------------------------------------- Update Information: New version 3.9.66 is released. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
