The following Fedora 24 Security updates need testing: Age URL 162 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 156 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 118 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 98 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 54 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0b6da97aa5 squirrelmail-1.4.22-19.fc24 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4de07172f4 postgresql-9.5.7-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7d698eba8b chromium-58.0.3029.110-2.fc24 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f11501a9f perltidy-20170521-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b22de5c767 dropbear-2017.75-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f942f19ff4 picocom-2.2-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c55ef46ee yara-3.6.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d6d0067f oniguruma-5.9.6-4.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-486a536b62 mosquitto-1.4.12-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3258a7e433 dolphin-emu-5.0-14.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-eadc5f410e mingw-poppler-0.41.0-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-135429d732 sudo-1.8.20p1-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 41 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566 koji-1.12.0-2.fc24 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2c9e5e8fe tigervnc-1.8.0-1.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f5c3ec36e python-coverage-4.4.1-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3ca90a77bd libtiff-4.0.8-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c54e3353b6 p11-kit-0.23.2-4.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc75cff415 firefox-53.0.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-09ed8ebe2c sssd-1.15.2-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-135429d732 sudo-1.8.20p1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fabdb3303a testdisk-7.0-9.fc24 ntfs-3g-2017.3.23-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 The following builds have been pushed to Fedora 24 updates-testing dolphin-emu-5.0-14.fc24 klavaro-3.02-4.fc24 lizardfs-3.11.0-3.fc24 luksmeta-4-1.fc24 mingw-poppler-0.41.0-2.fc24 nordugrid-arc-5.3.1-1.fc24 nordugrid-arc-doc-2.0.15-1.fc24 nordugrid-arc-nagios-plugins-1.9.0-1.fc24 ntfs-3g-2017.3.23-1.fc24 pcsxr-1.9.94-11.fc24 perl-CPAN-Perl-Releases-3.20-1.fc24 perl-Inline-C-0.78-1.fc24 perl-Module-CoreList-5.20170530-1.fc24 perl-Ref-Util-0.203-1.fc24 perl-Ref-Util-XS-0.116-2.fc24 php-horde-Horde-Alarm-2.2.10-1.fc24 php-horde-Horde-Cli-2.2.3-1.fc24 php-horde-Horde-Core-2.29.0-1.fc24 php-horde-Horde-Date-2.4.0-1.fc24 php-robrichards-xmlseclibs-2.0.1-4.fc24 php-webmozart-path-util-2.3.0-3.fc24 plasma-pk-updates-0.3.1-1.fc24 poppler-0.41.0-4.fc24 python-m2r-0.1.6-1.git871d579.fc24 sssd-1.15.2-5.fc24 sudo-1.8.20p1-1.fc24 testdisk-7.0-9.fc24 varnish-modules-0.12.1-1.fc24 Details about builds: ================================================================================ dolphin-emu-5.0-14.fc24 (FEDORA-2017-3258a7e433) GameCube / Wii / Triforce Emulator -------------------------------------------------------------------------------- Update Information: Rebuild with new bochs version -------------------------------------------------------------------------------- ================================================================================ klavaro-3.02-4.fc24 (FEDORA-2017-8747c54b3b) Typing tutor -------------------------------------------------------------------------------- Update Information: Update to 3.0.2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1423817 - klavaro: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1423817 -------------------------------------------------------------------------------- ================================================================================ lizardfs-3.11.0-3.fc24 (FEDORA-2017-6b3a4add9e) Distributed, fault tolerant file system -------------------------------------------------------------------------------- Update Information: Fix a rare crash in master, plus other small fixes -------------------------------------------------------------------------------- ================================================================================ luksmeta-4-1.fc24 (FEDORA-2017-202623c06a) Utility for storing small metadata in the LUKSv1 header -------------------------------------------------------------------------------- Update Information: New upstream release. Enhanced documentation. -------------------------------------------------------------------------------- ================================================================================ mingw-poppler-0.41.0-2.fc24 (FEDORA-2017-eadc5f410e) MinGW Windows Poppler library -------------------------------------------------------------------------------- Update Information: This update fixes CVEs 2017-7511 and 2017-9083. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456829 - CVE-2017-7511 mingw-poppler: poppler: Null pointer dereference in pdfunite via crafted documents [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456829 [ 2 ] Bug #1453200 - CVE-2017-9083 mingw-poppler: poppler: Null pointer dereference in the JPXStream::readUByte function [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1453200 -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-5.3.1-1.fc24 (FEDORA-2017-5fb4ee7077) Advanced Resource Connector Grid Middleware -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u14/release_notes_15.03u14.html -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-doc-2.0.15-1.fc24 (FEDORA-2017-5fb4ee7077) Advanced Resource Connector Documentation -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u14/release_notes_15.03u14.html -------------------------------------------------------------------------------- ================================================================================ nordugrid-arc-nagios-plugins-1.9.0-1.fc24 (FEDORA-2017-5fb4ee7077) Nagios plugins for ARC -------------------------------------------------------------------------------- Update Information: http://www.nordugrid.org/arc/releases/15.03u14/release_notes_15.03u14.html -------------------------------------------------------------------------------- ================================================================================ ntfs-3g-2017.3.23-1.fc24 (FEDORA-2017-fabdb3303a) Linux NTFS userspace driver -------------------------------------------------------------------------------- Update Information: Update to ntfs-3g 2017.3.23. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1436894 - ntfs-3g-2017.3.23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1436894 -------------------------------------------------------------------------------- ================================================================================ pcsxr-1.9.94-11.fc24 (FEDORA-2017-f40328432d) A plugin based PlayStation (PSX) emulator with high compatibility -------------------------------------------------------------------------------- Update Information: Back-port an overflow crash fix with the input plugin using SDL. -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-3.20-1.fc24 (FEDORA-2017-82a3503b61) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version ---- Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457003 - perl-CPAN-Perl-Releases-3.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457003 [ 2 ] Bug #1454970 - perl-CPAN-Perl-Releases-3.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1454970 -------------------------------------------------------------------------------- ================================================================================ perl-Inline-C-0.78-1.fc24 (FEDORA-2017-f9788c6315) Write Perl subroutines in C -------------------------------------------------------------------------------- Update Information: This release fixes tests. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457006 - perl-Inline-C-0.78 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457006 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20170530-1.fc24 (FEDORA-2017-723abb5863) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release provides data for Perl 5.26.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457010 - perl-Module-CoreList-5.20170530 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457010 -------------------------------------------------------------------------------- ================================================================================ perl-Ref-Util-0.203-1.fc24 (FEDORA-2017-8abd97d73c) Utility functions for checking references -------------------------------------------------------------------------------- Update Information: This update reflects upstream's split into pure-perl and XS parts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450440 - Review Request: perl-Ref-Util-XS - Utility functions for checking references https://bugzilla.redhat.com/show_bug.cgi?id=1450440 -------------------------------------------------------------------------------- ================================================================================ perl-Ref-Util-XS-0.116-2.fc24 (FEDORA-2017-8abd97d73c) Utility functions for checking references -------------------------------------------------------------------------------- Update Information: This update reflects upstream's split into pure-perl and XS parts. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1450440 - Review Request: perl-Ref-Util-XS - Utility functions for checking references https://bugzilla.redhat.com/show_bug.cgi?id=1450440 -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Alarm-2.2.10-1.fc24 (FEDORA-2017-9313d1f0ea) Horde Alarm Libraries -------------------------------------------------------------------------------- Update Information: **Horde_Alarm 2.2.10** * [jan] Fix catching database backend exceptions. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Cli-2.2.3-1.fc24 (FEDORA-2017-beafbf881f) Horde Command Line Interface API -------------------------------------------------------------------------------- Update Information: **Horde_Cli 2.2.3** * [jan] Fix fatal error screen for PHP 7 error objects. * [jan] Fix header() method to print, not return the header. -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Core-2.29.0-1.fc24 (FEDORA-2017-37ee3ef2e7) Horde Core Framework libraries -------------------------------------------------------------------------------- Update Information: **Horde_Core 2.29.0** * [jan] Add Horde_Registry_Application#backup(), restore(), and restoreDependencies(). * [mjr] Fix calculating ActiveSync SOFTDELETE times for calendar collections (Bug #14631). -------------------------------------------------------------------------------- ================================================================================ php-horde-Horde-Date-2.4.0-1.fc24 (FEDORA-2017-12d6653360) Horde Date package -------------------------------------------------------------------------------- Update Information: **Horde_Date 2.4.0** * [jan] Add Horde_Date_Recurrence::fromHash() and toHash(). -------------------------------------------------------------------------------- ================================================================================ php-robrichards-xmlseclibs-2.0.1-4.fc24 (FEDORA-2017-4b78d93a7d) A PHP library for XML Security -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ php-webmozart-path-util-2.3.0-3.fc24 (FEDORA-2017-4b78d93a7d) Cross-platform utilities for file paths -------------------------------------------------------------------------------- Update Information: Switch autoloader to `php-fedora-autoloader` -------------------------------------------------------------------------------- ================================================================================ plasma-pk-updates-0.3.1-1.fc24 (FEDORA-2017-c6b42b3fe2) Plasma applet for system updates using PackageKit -------------------------------------------------------------------------------- Update Information: Plasma-pk-updates 0.3.1 release. -------------------------------------------------------------------------------- ================================================================================ poppler-0.41.0-4.fc24 (FEDORA-2017-7e6f5f6957) PDF rendering library -------------------------------------------------------------------------------- Update Information: CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents -------------------------------------------------------------------------------- References: [ 1 ] Bug #1456828 - CVE-2017-7511 poppler: Null pointer dereference in pdfunite via crafted documents [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1456828 -------------------------------------------------------------------------------- ================================================================================ python-m2r-0.1.6-1.git871d579.fc24 (FEDORA-2017-82163acc0c) Markdown to reStructuredText converter -------------------------------------------------------------------------------- Update Information: Update to new upstream version **0.1.6**. ---- Packaging [m2r](https://github.com/miyakogi/m2r/) in Fedora. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457165 - python-m2r-0.1.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457165 [ 2 ] Bug #1452126 - Review Request: python-m2r - Markdown to reStructuredText converter https://bugzilla.redhat.com/show_bug.cgi?id=1452126 -------------------------------------------------------------------------------- ================================================================================ sssd-1.15.2-5.fc24 (FEDORA-2017-09ed8ebe2c) System Security Services Daemon -------------------------------------------------------------------------------- Update Information: Resolves upstream#3382 - SSSD should use memberOf, not originalMemberOf to -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.20p1-1.fc24 (FEDORA-2017-135429d732) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: - update to 1.8.20p1 - fixes CVE-2017-1000367 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1453074 - CVE-2017-1000367 sudo: Privilege escalation in via improper get_process_ttyname() parsing https://bugzilla.redhat.com/show_bug.cgi?id=1453074 -------------------------------------------------------------------------------- ================================================================================ testdisk-7.0-9.fc24 (FEDORA-2017-fabdb3303a) Tool to check and undelete partition, PhotoRec recovers lost files -------------------------------------------------------------------------------- Update Information: Update to ntfs-3g 2017.3.23. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1436894 - ntfs-3g-2017.3.23 is available https://bugzilla.redhat.com/show_bug.cgi?id=1436894 -------------------------------------------------------------------------------- ================================================================================ varnish-modules-0.12.1-1.fc24 (FEDORA-2017-1ea38b76e1) A collection of modules ("vmods") extending Varnish VCL -------------------------------------------------------------------------------- Update Information: New package: varnish-modules --------------------------------------------- This is a collection of modules ("vmods") extending Varnish VCL used for describing HTTP request/response policies with additional capabilities. This collection contains the following vmods (previously kept individually): cookie, vsthrottle, header, saintmode, softpurge, tcp, var, xkey -------------------------------------------------------------------------------- References: [ 1 ] Bug #1324863 - Review Request: varnish-modules - A collection of modules extending varnish VCL https://bugzilla.redhat.com/show_bug.cgi?id=1324863 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
