The following Fedora 24 Security updates need testing: Age URL 170 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 164 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 126 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 106 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24 62 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4de07172f4 postgresql-9.5.7-1.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1f11501a9f perltidy-20170521-1.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f942f19ff4 picocom-2.2-2.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5c55ef46ee yara-3.6.0-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-486a536b62 mosquitto-1.4.12-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3258a7e433 dolphin-emu-5.0-14.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-212f07c853 perl-File-Path-2.12-3.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6aff7475b7 ansible-2.3.1.0-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e0ff7f73a log4j12-1.2.17-19.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-36c7e7ef06 ettercap-0.8.2-4.2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a3d6e1a7bf libsndfile-1.0.28-2.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f1006afb1 libstaroffice-0.0.3-3.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-62547837ba gajim-0.16.8-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1f4c48c68 nodejs-brace-expansion-1.1.7-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d04e48112b mariadb-10.1.24-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6554692044 kernel-4.11.4-100.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 49 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566 koji-1.12.0-2.fc24 34 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a0e2d58f8 thunderbird-52.1.0-1.fc24 16 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c54e3353b6 p11-kit-0.23.2-4.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d39099ea6a webkitgtk4-2.16.3-1.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0a1b2d495a systemd-229-20.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc75cff415 firefox-53.0.3-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-09ed8ebe2c sssd-1.15.2-5.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fabdb3303a testdisk-7.0-9.fc24 ntfs-3g-2017.3.23-1.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7e6f5f6957 poppler-0.41.0-4.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-212f07c853 perl-File-Path-2.12-3.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a3d6e1a7bf libsndfile-1.0.28-2.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-41792497d9 vim-8.0.617-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2f817084d3 hwdata-0.301-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6554692044 kernel-4.11.4-100.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d04e48112b mariadb-10.1.24-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-852b6ec264 linux-firmware-20170605-74.git37857004.fc24 The following builds have been pushed to Fedora 24 updates-testing amanda-3.4.5-1.fc24 colorful-1.2-11.fc24 drupal7-7.55-1.fc24 google-noto-emoji-fonts-20170608-1.fc24 kernel-4.11.4-100.fc24 linux-firmware-20170605-74.git37857004.fc24 mariadb-10.1.24-2.fc24 python-ansible-tower-cli-3.1.4-1.fc24 python-nbxmpp-0.5.6-1.fc24 python-tinydb-3.3.0-1.fc24 sugar-calculator-44-1.fc24 sugar-jukebox-33-1.fc24 sugar-log-38-1.fc24 sugar-physics-32-1.fc24 sugar-read-118-1.fc24 Details about builds: ================================================================================ amanda-3.4.5-1.fc24 (FEDORA-2017-a9d435f9e2) A network-capable tape backup solution -------------------------------------------------------------------------------- Update Information: Updated to new upstream release 3.4.5, which fixes various bugs. -------------------------------------------------------------------------------- ================================================================================ colorful-1.2-11.fc24 (FEDORA-2017-7341f0c642) Side-view shooter game -------------------------------------------------------------------------------- Update Information: Initial build & update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1441813 - Review Request: colorful - simple side-view shooter game https://bugzilla.redhat.com/show_bug.cgi?id=1441813 -------------------------------------------------------------------------------- ================================================================================ drupal7-7.55-1.fc24 (FEDORA-2017-b05fcbacf4) An open-source content-management platform -------------------------------------------------------------------------------- Update Information: https://www.drupal.org/project/drupal/releases/7.55 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459710 - drupal7-7.55 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459710 -------------------------------------------------------------------------------- ================================================================================ google-noto-emoji-fonts-20170608-1.fc24 (FEDORA-2017-bdf0a43127) Google Noto Emoji Fonts -------------------------------------------------------------------------------- Update Information: Update to upstream snapshot tarball ---- Update to upstream snapshot tarball -------------------------------------------------------------------------------- ================================================================================ kernel-4.11.4-100.fc24 (FEDORA-2017-6554692044) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.11.4 update contains a number of important fixes across the tree ---- This is a rebase to the 4.11 series of kernels. It includes all fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1452744 - CVE-2017-9077 kernel: net: tcp_v6_syn_recv_sock function mishandles inheritance https://bugzilla.redhat.com/show_bug.cgi?id=1452744 [ 2 ] Bug #1452688 - CVE-2017-9076 kernel: net: IPv6 DCCP implementation mishandles inheritance https://bugzilla.redhat.com/show_bug.cgi?id=1452688 [ 3 ] Bug #1452691 - CVE-2017-9075 kernel: net: sctp_v6_create_accept_sk function mishandles inheritance https://bugzilla.redhat.com/show_bug.cgi?id=1452691 [ 4 ] Bug #1452679 - CVE-2017-9074 kernel: net: IPv6 fragmentation implementation of nexthdr field may be associated with an invalid option https://bugzilla.redhat.com/show_bug.cgi?id=1452679 [ 5 ] Bug #1450972 - CVE-2017-8890 kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c https://bugzilla.redhat.com/show_bug.cgi?id=1450972 -------------------------------------------------------------------------------- ================================================================================ linux-firmware-20170605-74.git37857004.fc24 (FEDORA-2017-852b6ec264) Firmware files used by the Linux kernel -------------------------------------------------------------------------------- Update Information: Update to latest upstream git snapshot -------------------------------------------------------------------------------- ================================================================================ mariadb-10.1.24-2.fc24 (FEDORA-2017-d04e48112b) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file-contents.patch Patch14: %{pkgnamepatch}-example- config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new- cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite Disabled '--skip-rpl' option for the testsuite = replication tests enabled **Warning** Some Spider tests started to fail, the engine can be probabbly unsafe now. **Aditional bugs solved:** #1459671: mariadb fails to start with tokudb; jemalloc not correctly enabled ---- **Rebase to 10.1.24** Plugin oqgraph enabled Plugin jemalloc enabled Sphinx engine enabled Build dependecies Bison and Libarchive added, others corrected Disabling Mroonga engine for i686 architecture, as it is not supported by MariaDB **Removed patches: (fixed by upstream)** Patch5: %{pkgnamepatch}-file- contents.patch Patch14: %{pkgnamepatch}-example-config-files.patch Patch31: %{pkgnamepatch}-string-overflow.patch Patch32: %{pkgnamepatch}-basedir.patch Patch41: %{pkgnamepatch}-galera-new- cluster-help.patch **CVEs fix** CVE-2017-3313 CVE-2017-3308 CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464 **Testsuite** Enabled '--big-test' option for the testsuite Disabled '--skip-rpl' option for the testsuite = replication tests enabled **Warning** Some Spider tests started to fail, the engine can be probabbly unsafe now. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459671 - mariadb fails to start with tokudb; jemalloc not correctly enabled https://bugzilla.redhat.com/show_bug.cgi?id=1459671 [ 2 ] Bug #1414387 - CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 mariadb: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1414387 -------------------------------------------------------------------------------- ================================================================================ python-ansible-tower-cli-3.1.4-1.fc24 (FEDORA-2017-d93e5d6ad2) A CLI tool for Ansible Tower -------------------------------------------------------------------------------- Update Information: update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459724 - python-ansible-tower-cli-v3.1.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459724 -------------------------------------------------------------------------------- ================================================================================ python-nbxmpp-0.5.6-1.fc24 (FEDORA-2017-acd12a2fb0) Python library for non-blocking use of Jabber/XMPP -------------------------------------------------------------------------------- Update Information: python-nbxmpp is an XMPP library used by Gajim. Changes in python-nbxmpp 0.5.6: * Support XEP-0198 (Stream Management) Version 1.5.2 * Add new XEP Namespaces -------------------------------------------------------------------------------- ================================================================================ python-tinydb-3.3.0-1.fc24 (FEDORA-2017-05ee001a79) TinyDB is a tiny, document oriented database -------------------------------------------------------------------------------- Update Information: Update to latest version ---- Update to version 3.2.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1444586 - python-tinydb-3.2.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1444586 -------------------------------------------------------------------------------- ================================================================================ sugar-calculator-44-1.fc24 (FEDORA-2017-14a6a94930) Calculator for Sugar -------------------------------------------------------------------------------- Update Information: Release v44. -------------------------------------------------------------------------------- ================================================================================ sugar-jukebox-33-1.fc24 (FEDORA-2017-0605392d3f) Media player activity for Sugar -------------------------------------------------------------------------------- Update Information: Release v33. -------------------------------------------------------------------------------- ================================================================================ sugar-log-38-1.fc24 (FEDORA-2017-0c6302a576) Log activity for Sugar -------------------------------------------------------------------------------- Update Information: Release v38. -------------------------------------------------------------------------------- ================================================================================ sugar-physics-32-1.fc24 (FEDORA-2017-3d0ac9ac7c) A physical world simulator and playground for Sugar -------------------------------------------------------------------------------- Update Information: Release v32. -------------------------------------------------------------------------------- ================================================================================ sugar-read-118-1.fc24 (FEDORA-2017-0048a64c08) A document reader for Sugar -------------------------------------------------------------------------------- Update Information: Release v118 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
