The following Fedora 24 Security updates need testing: Age URL 153 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 146 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 109 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 89 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 45 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 25 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0b6da97aa5 squirrelmail-1.4.22-19.fc24 18 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c3ce061ea7 lynis-2.5.0-1.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 16 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ebe41f3fd7 python-fedora-0.9.0-3.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01a7989fc0 git-2.7.5-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4de07172f4 postgresql-9.5.7-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f2d5790d2 lxterminal-0.3.0-3.fc24 menu-cache-1.0.2-4.D20170514git56f6668459.fc24 pcmanfm-1.2.5-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fc10e3165a FlightGear-2016.1.2-6.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-607352ce5f FlightCrew-0.9.1-7.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7d698eba8b chromium-58.0.3029.110-2.fc24 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-46fcfd8c98 wordpress-4.7.5-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dd5d2381e4 libvncserver-0.9.11-2.fc24.1 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f15fde598 moodle-3.1.6-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f11501a9f perltidy-20170521-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 32 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566 koji-1.12.0-2.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-01a7989fc0 git-2.7.5-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3f2d5790d2 lxterminal-0.3.0-3.fc24 menu-cache-1.0.2-4.D20170514git56f6668459.fc24 pcmanfm-1.2.5-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2c9e5e8fe tigervnc-1.8.0-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-718c9992ef vim-8.0.600-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f5c3ec36e python-coverage-4.4.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3ca90a77bd libtiff-4.0.8-1.fc24 The following builds have been pushed to Fedora 24 updates-testing R-Rcpp-0.12.11-1.fc24 cacti-1.1.7-1.fc24 composer-1.4.2-2.fc24 librdkafka-0.9.5-1.fc24 libtiff-4.0.8-1.fc24 lilypond-2.19.61-1.fc24 lilypond-doc-2.19.61-1.fc24 mingw-mediawriter-4.1.0-1.fc24 perltidy-20170521-1.fc24 php-pear-Mail-Mime-1.10.1-1.fc24 php-phpunit-diff-1.4.3-1.fc24 php-zendframework-zend-filter-2.7.2-1.fc24 php-zendframework-zend-form-2.10.2-1.fc24 php-zendframework-zend-i18n-2.7.4-1.fc24 php-zendframework-zend-inputfilter-2.7.4-1.fc24 php-zendframework-zend-log-2.9.2-1.fc24 Details about builds: ================================================================================ R-Rcpp-0.12.11-1.fc24 (FEDORA-2017-f422eee632) Seamless R and C++ Integration -------------------------------------------------------------------------------- Update Information: https://cran.r-project.org/web/packages/Rcpp/news.html -------------------------------------------------------------------------------- References: [ 1 ] Bug #1453062 - Version 0.12.11 was released https://bugzilla.redhat.com/show_bug.cgi?id=1453062 -------------------------------------------------------------------------------- ================================================================================ cacti-1.1.7-1.fc24 (FEDORA-2017-13b078aae6) An rrd based graphing tool -------------------------------------------------------------------------------- Update Information: - Update to 1.1.7 Release notes: http://www.cacti.net/release_notes.php?version=1.1.7 -------------------------------------------------------------------------------- ================================================================================ composer-1.4.2-2.fc24 (FEDORA-2017-b1905e59c9) Dependency Manager for PHP -------------------------------------------------------------------------------- Update Information: **Version 1.4.2** - 2017-05-17 * Fixed Bitbucket API handler parsing old deleted branches in hg repos * Fixed regression in gitlab downloads * Fixed output inconsistencies * Fixed unicode handling in `init` command for author names * Fixed useless warning when doing partial updates/removes on packages that are not currently installed * Fixed xdebug disabling issue when combined with disable_functions and allow_url_fopen CLI overrides -------------------------------------------------------------------------------- ================================================================================ librdkafka-0.9.5-1.fc24 (FEDORA-2017-fbd77dca03) The Apache Kafka C library -------------------------------------------------------------------------------- Update Information: Update to 0.9.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1440747 - librdkafka-v0.9.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1440747 -------------------------------------------------------------------------------- ================================================================================ libtiff-4.0.8-1.fc24 (FEDORA-2017-3ca90a77bd) Library of functions for manipulating TIFF format image files -------------------------------------------------------------------------------- Update Information: New upstream release **4.0.8** with a lot of bugfixes, mostly security fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1453030 - libtiff-4.0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1453030 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.61-1.fc24 (FEDORA-2017-6ad20660e9) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: 2.19.61 -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.61-1.fc24 (FEDORA-2017-6ad20660e9) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: 2.19.61 -------------------------------------------------------------------------------- ================================================================================ mingw-mediawriter-4.1.0-1.fc24 (FEDORA-2017-43f0102708) Fedora Media Writer -------------------------------------------------------------------------------- Update Information: Update to 4.1.0 ---- Update to 4.0.4 ---- Update to 4.0.0-0 ---- Update to 3.97.2 ---- Update to 3.97.1 ---- Update to 3.97.0 ---- Update to 3.96.0 -------------------------------------------------------------------------------- ================================================================================ perltidy-20170521-1.fc24 (FEDORA-2017-1f11501a9f) Tool for indenting and re-formatting Perl scripts -------------------------------------------------------------------------------- Update Information: Cumulative bug-fix, enhancement and security update, including fix for CVE-2016-10374: perltidy relies on the current working directory for certain output files and did not have a symlink-attack protection mechanism, which allowed local users to overwrite arbitrary files by creating a symlink, as demonstrated by creating a perltidy.ERR symlink that the victim could not delete. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1452050 - CVE-2016-10374 perltidy: Uses current working directory without symlink-attack protection https://bugzilla.redhat.com/show_bug.cgi?id=1452050 -------------------------------------------------------------------------------- ================================================================================ php-pear-Mail-Mime-1.10.1-1.fc24 (FEDORA-2017-d39fdaef42) Classes to create MIME messages -------------------------------------------------------------------------------- Update Information: **Version 1.10.1** * Fix Bug pear#21206: explodeQuotedString() does not handle quoted strings correctly [dfukagaw28] * Fix Bug pear#21205: Invalid encoding of headers with quoted multibyte strings in non-unicode charset [dfukagaw28] * Fix Bug pear#21098: Discrepancy in handling of empty (but set) plain text part [alec] -------------------------------------------------------------------------------- ================================================================================ php-phpunit-diff-1.4.3-1.fc24 (FEDORA-2017-cf5605f351) Diff implementation -------------------------------------------------------------------------------- Update Information: Latest upstream **version 1.4.2**. No changelog available, upstream doesn't care, feel free to open [an issue](https://github.com/sebastianbergmann/diff/issues). -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-filter-2.7.2-1.fc24 (FEDORA-2017-18da6d17bc) Zend Framework Filter component -------------------------------------------------------------------------------- Update Information: **Version 2.7.2** - 2017-05-17 * Changes - [#40](https://github.com/zendframework/zend-filter/pull/40) updates the `Callback` filter's `setCallback()` method to allow passing a string name of a class that is instantiable without constructor arguments, and which defines `__invoke()`. - [#43](https://github.com/zendframework/zend-filter/pull/43) updates the exception thrown by the `File\Rename` filter when the target already exists to indicate the target filename path. * Fixed - [#56](https://github.com/zendframework/zend-filter/pull/56) fixes how the `FilterPluginManagerFactory` factory initializes the plugin manager instance, ensuring it is injecting the relevant configuration from the `config` service and thus seeding it with configured translator loader services. This means that the `filters` configuration will now be honored in non-zend-mvc contexts. - [#36](https://github.com/zendframework/zend-filter/pull/36) fixes an issue in the constructor whereby a discovered option was not removed from the options list after being used to set the compression algorithm. - [#49](https://github.com/zendframework/zend-filter/pull/49) and [#51](https://github.com/zendframework/zend-filter/pull/51) fix logic within the `Boolean` and `ToNull` filters to use boolean rather than arithmetic operations, ensuring that if the same type is specified multiple times via the options, it will be aggregated correctly internally, and thus ensure correct operation of the filter. - [#55](https://github.com/zendframework/zend- filter/pull/55) adds a missing import statement to the `Word\SeparatorToSeparatorFactory`. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-form-2.10.2-1.fc24 (FEDORA-2017-325b32e8e7) Zend Framework Form component -------------------------------------------------------------------------------- Update Information: **Version 2.10.2** - 2017-05-18 * Fixed - [#161](https://github.com/zendframework/zend-form/pull/161) adds an import statement to the `ElementFactory`, fixing an error whereby checks for `Traversable` creation options would lead to a service creation exception; these now correctly identify traversable options and convert them to an array. - [#164](https://github.com/zendframework/zend-form/pull/164) fixes how the `FormElementManagerFactory` factory initializes the plugin manager instance, ensuring it is injecting the relevant configuration from the `config` service and thus seeding it with configured form/form element services. This means that the `form_elements` configuration will now be honored in non-zend-mvc contexts. - [#159](https://github.com/zendframework/zend-form/pull/159) fixes the behavior of the `min` and `max` attributes of the various `DateTime` elements, ensuring that the elements raise an exception during instantiation if the values provided are in a format that `DateTime` does not recognize for the element type in question. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-i18n-2.7.4-1.fc24 (FEDORA-2017-851539081f) Zend Framework I18n component -------------------------------------------------------------------------------- Update Information: **Version 2.7.4** - 2017-05-17 * Changes - [#65](https://github.com/zendframework/zend-i18n/pull/65) updates the `PostCode` validation for Ireland to support Eircode (https://www.eircode.ie /what-is-eircode) * Fixed - [#74](https://github.com/zendframework/zend- i18n/pull/74) fixes how the `LoaderPluginManagerFactory` factory initializes the plugin manager instance, ensuring it is injecting the relevant configuration from the `config` service and thus seeding it with configured translator loader services. This means that the `translator_plugins` configuration will now be honored in non-zend-mvc contexts. - [#56](https://github.com/zendframework/zend-i18n/pull/56) adds more aliases to the `LoaderPluginManager` to ensure different cAsIng strategies will still resolve translation loaders under zend-servicemanager v3. - [#62](https://github.com/zendframework/zend-i18n/pull/62) fixes an issue with how the gettext adapter resolves `PoEdit` source keywords when a text_domain is defined. - [#73](https://github.com/zendframework/zend-i18n/pull/73) provides a workaround within the `CurrencyFormat` view helper for an ICU bug (http://bugs.icu-project.org/trac/ticket/10997). -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-inputfilter-2.7.4-1.fc24 (FEDORA-2017-ca14536f3e) Zend Framework InputFilter component -------------------------------------------------------------------------------- Update Information: **Version 2.7.4** - 2017-05-18 * Changes - [#122](https://github.com/zendframework/zend-inputfilter/pull/122) maps the `Zend\InputFilter\InputFilterPluginManager` service to `Zend\InputFilter\InputFilterPluginManagerFactory`, and adds an alias from `InputFitlerPluginManager` to the fully qualified class name. This change allows you to request the service using either the original short name, or the fully qualified class name. * Fixed - [#137](https://github.com/zendframework/zend-inputfilter/pull/137) fixes how the `InputFilterPluginManagerFactory` factory initializes the plugin manager instance, ensuring it is injecting the relevant configuration from the `config` service and thus seeding it with configured input filter services. This means that the `input_filters` configuration will now be honored in non- zend-mvc contexts. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-log-2.9.2-1.fc24 (FEDORA-2017-e5e9ba4e4a) Zend Framework Log component -------------------------------------------------------------------------------- Update Information: **Version 2.9.2** - 2017-05-17 * Fixed - [#74](https://github.com/zendframework/zend-log/pull/74) fixes how the various plugin manager factories initialize the plugin manager instances, ensuring they are injecting the relevant configuration from the `config` service and thus seeding them with configured plugin services. This means that the `log_processors`, `log_writers`, `log_filters`, and `log_formatters` configuration will now be honored in non-zend-mvc contexts. - [#62](https://github.com/zendframework/zend-log/pull/62) fixes registration of the alias and factory for the `PsrPlaceholder` processor plugin. - [#66](https://github.com/zendframework/zend-log/pull/66) fixes the namespace of the `LogFormatterProviderInterface` when registering the `LogFormatterManager` with the zend-modulemanager `ServiceListener`. - [#67](https://github.com/zendframework/zend-log/pull/67) ensures that content being injected into a DOM node by `Zend\Log\Formatter\Xml` is escaped so that XML entities will be properly emitted. - [#73](https://github.com/zendframework/zend-log/pull/73) adds a missing import statement to the `Psr` log writer. -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
