The following Fedora 24 Security updates need testing: Age URL 193 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 186 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 149 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 85 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f1006afb1 libstaroffice-0.0.3-3.fc24 24 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1f4c48c68 nodejs-brace-expansion-1.1.7-1.fc24 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bbae64fdc2 libmwaw-0.3.11-3.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-b8d76bef4e chromium-native_client-59.0.3071.86-1.20170607gitaac1de2.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4932c9b886 c-ares-1.13.0-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2cfb239358 libsndfile-1.0.28-3.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0a9e51dd5 graphite2-1.3.10-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d191fb7fce zabbix-3.0.9-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f8ebbd2b1 globus-xio-5.16-1.fc24 globus-net-manager-0.17-1.fc24 globus-gass-cache-program-6.7-1.fc24 globus-gass-copy-9.27-1.fc24 globus-gssapi-gsi-12.16-1.fc24 globus-gram-job-manager-14.36-1.fc24 globus-gridftp-server-12.2-1.fc24 globus-io-11.9-1.fc24 globus-xio-gsi-driver-3.11-1.fc24 globus-xio-pipe-driver-3.10-1.fc24 globus-xio-udt-driver-1.27-1.fc24 myproxy-6.1.28-1.fc24 globus-ftp-client-8.35-2.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8a2017b3c drupal7-7.56-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-299525e757 php-horde-Horde-Image-2.5.1-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b1f07acd9 flatpak-0.8.7-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-d26266eb32 libmtp-1.1.13-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-014d67fa9d libdb-5.3.28-24.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56cf7067e7 irssi-1.0.3-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-72f0c1ea9c systemd-229-22.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-cf9599a306 httpd-2.4.26-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06d7ff5a5d pius-2.2.4-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b70d0b976 libgcrypt-1.7.8-1.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-1206f87545 jetty-9.3.7-3.v20160115.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-001f135337 bind-dyndb-ldap-10.1-2.fc24 bind-9.10.5-2.P2.fc24 dnsperf-2.1.0.0-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-749f4c7d2a mosquitto-1.4.13-1.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 72 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566 koji-1.12.0-2.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-07fed9b000 libteam-1.27-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ce8c7053eb audit-2.7.7-1.fc24 9 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2cfb239358 libsndfile-1.0.28-3.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0a9e51dd5 graphite2-1.3.10-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-014d67fa9d libdb-5.3.28-24.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6b1f07acd9 flatpak-0.8.7-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3e62f0d34b perl-5.22.3-371.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-72f0c1ea9c systemd-229-22.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6c2a7b1453 thunderbird-52.2.1-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b70d0b976 libgcrypt-1.7.8-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8100aed299 rsync-3.1.2-4.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-af79986d5f libsoup-2.54.1-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-e8cb8fdad5 gsm-1.0.17-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4880e0f183 kernel-4.11.8-100.fc24 The following builds have been pushed to Fedora 24 updates-testing LuxRender-1.6-16.fc24 bind-9.10.5-2.P2.fc24 bind-dyndb-ldap-10.1-2.fc24 dnscrypt-proxy-gui-1.11.10-1.fc24 dnsperf-2.1.0.0-3.fc24 embree-2.16.4-1.fc24 flacon-3.0.0-1.fc24 gimagereader-3.2.3-1.fc24 groonga-7.0.4-1.fc24 kernel-4.11.8-100.fc24 libtaskotron-0.4.21-1.fc24 mosquitto-1.4.13-1.fc24 ndctl-57.1-1.fc24 radicale-1.1.2-2.fc24 rkhunter-1.4.4-1.fc24 sugar-measure-101-1.fc24 thermald-1.6-6.fc24 xplayer-1.4.3-1.fc24 Details about builds: ================================================================================ LuxRender-1.6-16.fc24 (FEDORA-2017-47d8ff904f) Lux Renderer, an unbiased rendering system -------------------------------------------------------------------------------- Update Information: Rebuild with embree 2.16.4. Release note ----------------- Bugfix in the ribbon intersector for hair primitives. Non-normalized rays caused wrong intersection distance to be reported. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459537 - embree-2.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459537 [ 2 ] Bug #1434810 - embree-2.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1434810 [ 3 ] Bug #1466767 - embree-2.16.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1466767 -------------------------------------------------------------------------------- ================================================================================ bind-9.10.5-2.P2.fc24 (FEDORA-2017-001f135337) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: Update back to ISC supported version. Security fix for CVE-2017-3143, CVE-2017-3142, CVE-2017-3140 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates https://bugzilla.redhat.com/show_bug.cgi?id=1466193 [ 2 ] Bug #1461302 - CVE-2017-3140 bind: Error processing RPZ rules leads to endless loop while handling query https://bugzilla.redhat.com/show_bug.cgi?id=1461302 [ 3 ] Bug #1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers https://bugzilla.redhat.com/show_bug.cgi?id=1466189 -------------------------------------------------------------------------------- ================================================================================ bind-dyndb-ldap-10.1-2.fc24 (FEDORA-2017-001f135337) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information: Update back to ISC supported version. Security fix for CVE-2017-3143, CVE-2017-3142, CVE-2017-3140 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates https://bugzilla.redhat.com/show_bug.cgi?id=1466193 [ 2 ] Bug #1461302 - CVE-2017-3140 bind: Error processing RPZ rules leads to endless loop while handling query https://bugzilla.redhat.com/show_bug.cgi?id=1461302 [ 3 ] Bug #1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers https://bugzilla.redhat.com/show_bug.cgi?id=1466189 -------------------------------------------------------------------------------- ================================================================================ dnscrypt-proxy-gui-1.11.10-1.fc24 (FEDORA-2017-26208f109e) GUI wrapper for dnscrypt-proxy -------------------------------------------------------------------------------- Update Information: enhancements; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464281 - dnscrypt-proxy-gui-1.11.10 is available https://bugzilla.redhat.com/show_bug.cgi?id=1464281 -------------------------------------------------------------------------------- ================================================================================ dnsperf-2.1.0.0-3.fc24 (FEDORA-2017-001f135337) Benchmarking authorative and recursing DNS servers -------------------------------------------------------------------------------- Update Information: Update back to ISC supported version. Security fix for CVE-2017-3143, CVE-2017-3142, CVE-2017-3140 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1466193 - CVE-2017-3143 bind: An error in TSIG authentication can permit unauthorized dynamic updates https://bugzilla.redhat.com/show_bug.cgi?id=1466193 [ 2 ] Bug #1461302 - CVE-2017-3140 bind: Error processing RPZ rules leads to endless loop while handling query https://bugzilla.redhat.com/show_bug.cgi?id=1461302 [ 3 ] Bug #1466189 - CVE-2017-3142 bind: An error in TSIG authentication can permit unauthorized zone transfers https://bugzilla.redhat.com/show_bug.cgi?id=1466189 -------------------------------------------------------------------------------- ================================================================================ embree-2.16.4-1.fc24 (FEDORA-2017-47d8ff904f) Collection of high-performance ray tracing kernels developed at Intel -------------------------------------------------------------------------------- Update Information: Rebuild with embree 2.16.4. Release note ----------------- Bugfix in the ribbon intersector for hair primitives. Non-normalized rays caused wrong intersection distance to be reported. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459537 - embree-2.16.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1459537 [ 2 ] Bug #1434810 - embree-2.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1434810 [ 3 ] Bug #1466767 - embree-2.16.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1466767 -------------------------------------------------------------------------------- ================================================================================ flacon-3.0.0-1.fc24 (FEDORA-2017-d9e3f2bd59) Audio File Encoder -------------------------------------------------------------------------------- Update Information: new version 3.0.0 -------------------------------------------------------------------------------- ================================================================================ gimagereader-3.2.3-1.fc24 (FEDORA-2017-376d4d6edd) A front-end to tesseract-ocr -------------------------------------------------------------------------------- Update Information: Update to version 3.2.3, see https://github.com/manisandro/gImageReader/releases/tag/v3.2.3 for details. ---- Update to version 3.2.2, see https://github.com/manisandro/gImageReader/releases/tag/v3.2.2 for details. -------------------------------------------------------------------------------- ================================================================================ groonga-7.0.4-1.fc24 (FEDORA-2017-7dcd948299) An Embeddable Fulltext Search Engine -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1446598 - None https://bugzilla.redhat.com/show_bug.cgi?id=1446598 -------------------------------------------------------------------------------- ================================================================================ kernel-4.11.8-100.fc24 (FEDORA-2017-4880e0f183) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.11.8 update contains a number of important fixes across the tree ---- The 4.11.7 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1459676 - Regression: Deleting iptables rules stopped working https://bugzilla.redhat.com/show_bug.cgi?id=1459676 [ 2 ] Bug #1464709 - 8250_pci driver is no longer built-in in 4.11.x causing serial console not to be activated https://bugzilla.redhat.com/show_bug.cgi?id=1464709 -------------------------------------------------------------------------------- ================================================================================ libtaskotron-0.4.21-1.fc24 (FEDORA-2017-238d89b478) Taskotron Support Library -------------------------------------------------------------------------------- Update Information: - documentation improvements - DNF_REPO item type removed - default task artifact now points to artifacts root dir instead of task log - fix rpm deps handling via dnf on Fedora 26 (but only support package names and filepaths as deps in task formulas) -------------------------------------------------------------------------------- ================================================================================ mosquitto-1.4.13-1.fc24 (FEDORA-2017-749f4c7d2a) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information: Fix CVE-2017-9868 (rhbz#1464946) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464946 - CVE-2017-9868 mosquitto: World-readable persistence file possibly leaking sensitive information https://bugzilla.redhat.com/show_bug.cgi?id=1464946 -------------------------------------------------------------------------------- ================================================================================ ndctl-57.1-1.fc24 (FEDORA-2017-ea64c253a0) Manage "libnvdimm" subsystem devices (Non-volatile Memory) -------------------------------------------------------------------------------- Update Information: Release v57.1 -------------------------------------------------------------------------------- ================================================================================ radicale-1.1.2-2.fc24 (FEDORA-2017-16c46d40be) A simple CalDAV (calendar) and CardDAV (contact) server -------------------------------------------------------------------------------- Update Information: Remove PrivateDevices=true (RHBZ#1452328) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1452328 - SELinux prevents from start radicale.service https://bugzilla.redhat.com/show_bug.cgi?id=1452328 -------------------------------------------------------------------------------- ================================================================================ rkhunter-1.4.4-1.fc24 (FEDORA-2017-5b1d389235) A host-based tool to scan for rootkits, backdoors and local exploits -------------------------------------------------------------------------------- Update Information: New upstream release with various fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1284403 - Logger is not being used correctly in /usr/bin/rkhunter https://bugzilla.redhat.com/show_bug.cgi?id=1284403 [ 2 ] Bug #1466318 - rkhunter-1.4.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1466318 -------------------------------------------------------------------------------- ================================================================================ sugar-measure-101-1.fc24 (FEDORA-2017-fe702fa8b8) Measure for Sugar -------------------------------------------------------------------------------- Update Information: Release version 101 -------------------------------------------------------------------------------- ================================================================================ thermald-1.6-6.fc24 (FEDORA-2017-5d33d2e777) Thermal Management daemon -------------------------------------------------------------------------------- Update Information: * Replace fix for rhbz#1464548 from upstream commit * Add upstream patch to fix README * Add upstreamed patch to silence compiler warnings ---- * Add upstream patch to fix ThermalMonitor * Add several fixes from upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1464548 - [abrt] thermald-monitor: ThermaldInterface::getLowestValidTripTempForZone(): ThermalMonitor killed by signal 11 https://bugzilla.redhat.com/show_bug.cgi?id=1464548 -------------------------------------------------------------------------------- ================================================================================ xplayer-1.4.3-1.fc24 (FEDORA-2017-4b6513628c) A generic Media Player -------------------------------------------------------------------------------- Update Information: * New upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467001 - xplayer-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1467001 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
