The following Fedora 24 Security updates need testing: Age URL 162 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 156 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 118 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 99 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 54 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 19 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4de07172f4 postgresql-9.5.7-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7d698eba8b chromium-58.0.3029.110-2.fc24 chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f11501a9f perltidy-20170521-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b22de5c767 dropbear-2017.75-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f942f19ff4 picocom-2.2-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c55ef46ee yara-3.6.0-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e2d6d0067f oniguruma-5.9.6-4.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-486a536b62 mosquitto-1.4.12-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3258a7e433 dolphin-emu-5.0-14.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-eadc5f410e mingw-poppler-0.41.0-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ed1c665a3f wget-1.18-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-facd994774 sudo-1.8.20p2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-212f07c853 perl-File-Path-2.12-3.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 42 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566 koji-1.12.0-2.fc24 26 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6f5c3ec36e python-coverage-4.4.1-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3ca90a77bd libtiff-4.0.8-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c54e3353b6 p11-kit-0.23.2-4.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc75cff415 firefox-53.0.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-212f07c853 perl-File-Path-2.12-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-facd994774 sudo-1.8.20p2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-09ed8ebe2c sssd-1.15.2-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fabdb3303a testdisk-7.0-9.fc24 ntfs-3g-2017.3.23-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 The following builds have been pushed to Fedora 24 updates-testing inxi-2.3.11-1.fc24 perl-CPAN-Perl-Releases-3.22-1.fc24 perl-Crypt-OpenSSL-EC-1.3-1.fc24 perl-File-Path-2.12-3.fc24 perl-Module-CoreList-5.20170531-1.fc24 python-moksha-hub-1.4.9-1.fc24 rudiments-1.0.5-1.fc24 sudo-1.8.20p2-1.fc24 wget-1.18-2.fc24 Details about builds: ================================================================================ inxi-2.3.11-1.fc24 (FEDORA-2017-9e1accf183) A full featured system information script -------------------------------------------------------------------------------- Update Information: Update to 2.3.11. ---- Update to 2.3.9. -------------------------------------------------------------------------------- ================================================================================ perl-CPAN-Perl-Releases-3.22-1.fc24 (FEDORA-2017-d60451f9ae) Mapping Perl releases on CPAN to the location of the tarballs -------------------------------------------------------------------------------- Update Information: Updated to the latest version ---- Updated to the latest version ---- Updated to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457578 - perl-CPAN-Perl-Releases-3.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457578 [ 2 ] Bug #1457003 - perl-CPAN-Perl-Releases-3.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457003 [ 3 ] Bug #1454970 - perl-CPAN-Perl-Releases-3.18 is available https://bugzilla.redhat.com/show_bug.cgi?id=1454970 -------------------------------------------------------------------------------- ================================================================================ perl-Crypt-OpenSSL-EC-1.3-1.fc24 (FEDORA-2017-72bb303adb) Perl extension for OpenSSL EC (Elliptic Curves) library -------------------------------------------------------------------------------- Update Information: This release fixes a memory leak in Crypt::OpenSSL::EC::EC_POINT::point2hex() function. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457844 - perl-Crypt-OpenSSL-EC-1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457844 -------------------------------------------------------------------------------- ================================================================================ perl-File-Path-2.12-3.fc24 (FEDORA-2017-212f07c853) Create or remove directory trees -------------------------------------------------------------------------------- Update Information: This release fixes a possible setting arbitrary mode on an arbitrary file in rmtree() and remove_tree() calls known as CVE-2017-6512. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457832 - CVE-2017-6512 perl-File-Path: rmtree/remove_tree race condition https://bugzilla.redhat.com/show_bug.cgi?id=1457832 -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20170531-1.fc24 (FEDORA-2017-cb29621dfe) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: This release provides data about Perl 5.27.0. ---- This release provides data for Perl 5.26.0. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457584 - perl-Module-CoreList-5.20170531 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457584 [ 2 ] Bug #1457010 - perl-Module-CoreList-5.20170530 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457010 -------------------------------------------------------------------------------- ================================================================================ python-moksha-hub-1.4.9-1.fc24 (FEDORA-2017-a2836efcfc) Hub components for Moksha -------------------------------------------------------------------------------- Update Information: One bugfix for STOMP users, which unescapes headers: https://github.com/mokshaproject/moksha/pull/40 One new feature to properly support users interacting with durable broker queues: https://github.com/mokshaproject/moksha/pull/39 -------------------------------------------------------------------------------- ================================================================================ rudiments-1.0.5-1.fc24 (FEDORA-2017-db33ce1940) C++ class library for developing systems and applications -------------------------------------------------------------------------------- Update Information: Updated to version 1.0.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1457586 - rudiments-1.0.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1457586 -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.20p2-1.fc24 (FEDORA-2017-facd994774) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: - update to 1.8.20p2 - added sudo package to dnf/yum protected packages ---- - update to 1.8.20p1 - fixes CVE-2017-1000367 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1453074 - CVE-2017-1000367 sudo: Privilege escalation in via improper get_process_ttyname() parsing https://bugzilla.redhat.com/show_bug.cgi?id=1453074 -------------------------------------------------------------------------------- ================================================================================ wget-1.18-2.fc24 (FEDORA-2017-ed1c665a3f) A utility for retrieving files using the HTTP or FTP protocols -------------------------------------------------------------------------------- Update Information: Fixed CVE-2017-6508: CRLF injection in the url_parse function in url.c -------------------------------------------------------------------------------- References: [ 1 ] Bug #1429984 - CVE-2017-6508 wget: CRLF injection in the url_parse function in url.c https://bugzilla.redhat.com/show_bug.cgi?id=1429984 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
