The following Fedora 24 Security updates need testing: Age URL 203 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 197 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 159 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 95 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f1006afb1 libstaroffice-0.0.3-3.fc24 35 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1f4c48c68 nodejs-brace-expansion-1.1.7-1.fc24 25 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bbae64fdc2 libmwaw-0.3.11-3.fc24 21 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4932c9b886 c-ares-1.13.0-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56cf7067e7 irssi-1.0.3-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b70d0b976 libgcrypt-1.7.8-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f6361db8fd jabberd-2.6.1-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-fba331bb86 GraphicsMagick-1.3.26-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3db2a34403 cacti-1.1.12-2.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5ade380ab2 php-5.6.31-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd6aa662fc knot-2.4.5-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-21c0e9b25b qt5-qtwebkit-5.212.0-0.5.alpha2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-405453f285 groovy18-1.8.9-28.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-081fc9ad77 knot-resolver-1.3.1-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-61689edaf4 spice-0.12.8-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b752904ed sqlite-3.13.0-2.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6c2a7b1453 thunderbird-52.2.1-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b70d0b976 libgcrypt-1.7.8-1.fc24 12 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8100aed299 rsync-3.1.2-4.fc24 11 https://bodhi.fedoraproject.org/updates/FEDORA-2017-af79986d5f libsoup-2.54.1-2.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bc6b0dec8a gnome-keyring-3.20.1-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2017-94b2c5e120 pcre-8.41-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b752904ed sqlite-3.13.0-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a6f49afbd mariadb-10.1.25-1.fc24 The following builds have been pushed to Fedora 24 updates-testing fedrepo-req-0.1.9-1.fc24 gnome-pkg-tools-0.19.8-1.fc24 gnome-shell-extension-activities-configurator-57-1.fc24 httpd-2.4.27-2.fc24 mariadb-10.1.25-1.fc24 mod_http2-1.10.7-1.fc24 mosquitto-1.4.14-1.fc24 nrpe-3.1.1-6.fc24 perl-ExtUtils-MakeMaker-7.10-6.fc24 php-JMSParser-1.0.0-9.fc24 php-Metadata-1.6.0-1.fc24 php-PhpCollection-0.5.0-1.fc24 php-PhpOption-1.5.0-1.fc24 php-zendframework-zend-modulemanager-2.7.3-1.fc24 python-trezor-0.7.16-2.fc24 spice-0.12.8-3.fc24 sqlite-3.13.0-2.fc24 Details about builds: ================================================================================ fedrepo-req-0.1.9-1.fc24 (FEDORA-2017-2b2a87e5eb) CLI for Fedora package repo requests -------------------------------------------------------------------------------- Update Information: Initial release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469331 - Review Request: fedrepo-req - A CLI tool that provides an easy way to submit ticket requests for packaging tasks in Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1469331 -------------------------------------------------------------------------------- ================================================================================ gnome-pkg-tools-0.19.8-1.fc24 (FEDORA-2017-37ebdad65c) Tools for the Debian GNOME Packaging Team -------------------------------------------------------------------------------- Update Information: Update to version 0.19.8, see http://metadata.ftp- master.debian.org/changelogs/main/g/gnome-pkg-tools/gnome-pkg- tools_0.19.8_changelog for details. -------------------------------------------------------------------------------- ================================================================================ gnome-shell-extension-activities-configurator-57-1.fc24 (FEDORA-2017-25548a56d0) Configure the top bar and Activities button in GNOME Shell -------------------------------------------------------------------------------- Update Information: Bump to upstream version 57, which fixes a translation error. -------------------------------------------------------------------------------- ================================================================================ httpd-2.4.27-2.fc24 (FEDORA-2017-4871efb056) Apache HTTP Server -------------------------------------------------------------------------------- Update Information: File /etc/sysconfig/httpd is ghosted now ---- Version update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469959 - httpd update cleaned out /etc/sysconfig https://bugzilla.redhat.com/show_bug.cgi?id=1469959 [ 2 ] Bug #1469103 - httpd-2.4.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1469103 -------------------------------------------------------------------------------- ================================================================================ mariadb-10.1.25-1.fc24 (FEDORA-2017-5a6f49afbd) A community developed branch of MySQL -------------------------------------------------------------------------------- Update Information: Smaller update fixing few bugs: * CrackLib and GSSApi plugins disabled by default - rhbz#1468028, rhbz#1464070 * First build to include fix for rhbz#1455811 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1455811 - fix %global pidfiledir and other references to legacy /var/run https://bugzilla.redhat.com/show_bug.cgi?id=1455811 [ 2 ] Bug #1464070 - The default config is incompatible with mysqladmin password https://bugzilla.redhat.com/show_bug.cgi?id=1464070 [ 3 ] Bug #1468028 - auth_gssapi plugin should be disabled by default https://bugzilla.redhat.com/show_bug.cgi?id=1468028 -------------------------------------------------------------------------------- ================================================================================ mod_http2-1.10.7-1.fc24 (FEDORA-2017-0b25a72f68) module implementing HTTP/2 for Apache 2 -------------------------------------------------------------------------------- Update Information: Version update -------------------------------------------------------------------------------- ================================================================================ mosquitto-1.4.14-1.fc24 (FEDORA-2017-9b12a4397f) An Open Source MQTT v3.1/v3.1.1 Broker -------------------------------------------------------------------------------- Update Information: Update to new upstream version 1.4.14 -------------------------------------------------------------------------------- ================================================================================ nrpe-3.1.1-6.fc24 (FEDORA-2017-9d9d9c0909) Host/service/network monitoring agent for Nagios -------------------------------------------------------------------------------- Update Information: Put in fixes for 1204683,1318773,1467808,1467971,1469210 ---- Fix patch name. Silly human. Do a fedpkg srpm before build. ---- Fix bug due to /etc/nrpe.d/ includes was above other defined entries BZ# 1467971 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1204683 - check_ide_smart cannot be started by nrpe https://bugzilla.redhat.com/show_bug.cgi?id=1204683 [ 2 ] Bug #1318773 - nrpe.service sets User/Group, prevents normal .cfg user/group setting https://bugzilla.redhat.com/show_bug.cgi?id=1318773 [ 3 ] Bug #1467808 - Segfault when starting epel https://bugzilla.redhat.com/show_bug.cgi?id=1467808 [ 4 ] Bug #1467971 - Regression to Bug 963703 - nrpe.cfg sets config values after including user configuration https://bugzilla.redhat.com/show_bug.cgi?id=1467971 [ 5 ] Bug #1469210 - None https://bugzilla.redhat.com/show_bug.cgi?id=1469210 -------------------------------------------------------------------------------- ================================================================================ perl-ExtUtils-MakeMaker-7.10-6.fc24 (FEDORA-2017-a1eb19e612) Create a module Makefile -------------------------------------------------------------------------------- Update Information: This release fixes a test that started to fail due to bad order of setting permissions for a file and removing the file. -------------------------------------------------------------------------------- ================================================================================ php-JMSParser-1.0.0-9.fc24 (FEDORA-2017-b3ab847496) Library for writing recursive-descent parsers -------------------------------------------------------------------------------- Update Information: # php-JMSParser RPM-only release # php-Metadata ## 1.6.0 Adds PSR6 PsrCacheAdapter # php-PhpCollection ## 0.5.0 Among some fixes, this release adds an implementation for Set. # php-PhpOption ## 1.5.0 This polishes the API a bit, and adds convenience methods for common operations. -------------------------------------------------------------------------------- ================================================================================ php-Metadata-1.6.0-1.fc24 (FEDORA-2017-b3ab847496) Class/method/property metadata management in PHP -------------------------------------------------------------------------------- Update Information: # php-JMSParser RPM-only release # php-Metadata ## 1.6.0 Adds PSR6 PsrCacheAdapter # php-PhpCollection ## 0.5.0 Among some fixes, this release adds an implementation for Set. # php-PhpOption ## 1.5.0 This polishes the API a bit, and adds convenience methods for common operations. -------------------------------------------------------------------------------- ================================================================================ php-PhpCollection-0.5.0-1.fc24 (FEDORA-2017-b3ab847496) General purpose collection library for PHP -------------------------------------------------------------------------------- Update Information: # php-JMSParser RPM-only release # php-Metadata ## 1.6.0 Adds PSR6 PsrCacheAdapter # php-PhpCollection ## 0.5.0 Among some fixes, this release adds an implementation for Set. # php-PhpOption ## 1.5.0 This polishes the API a bit, and adds convenience methods for common operations. -------------------------------------------------------------------------------- ================================================================================ php-PhpOption-1.5.0-1.fc24 (FEDORA-2017-b3ab847496) Option type for PHP -------------------------------------------------------------------------------- Update Information: # php-JMSParser RPM-only release # php-Metadata ## 1.6.0 Adds PSR6 PsrCacheAdapter # php-PhpCollection ## 0.5.0 Among some fixes, this release adds an implementation for Set. # php-PhpOption ## 1.5.0 This polishes the API a bit, and adds convenience methods for common operations. -------------------------------------------------------------------------------- ================================================================================ php-zendframework-zend-modulemanager-2.7.3-1.fc24 (FEDORA-2017-61d9008984) Zend Framework ModuleManager component -------------------------------------------------------------------------------- Update Information: **Version 2.7.3** - 2017-07-11 - [#39](https://github.com/zendframework/zend- modulemanager/pull/39) and [#53](https://github.com/zendframework/zend- modulemanager/pull/53) prevent race conditions when writing cache files (merged configuration). - [#36](https://github.com/zendframework/zend- modulemanager/pull/36) removes a throw from `ServiceListener::onLoadModulesPost()` that was previously emitted when a named plugin manager did not have an associated service present yet. Doing so allows plugin managers to be registered after configuration is fully merged, instead of requiring they be defined early. This change allows components to define their plugin managers via their `Module` classes. - [#58](https://github.com/zendframework/zend-modulemanager/pull/58) corrects the typehint for the `ServiceListener::$listeners` property. -------------------------------------------------------------------------------- ================================================================================ python-trezor-0.7.16-2.fc24 (FEDORA-2017-0d02675e6b) Python library for communicating with TREZOR Hardware Wallet -------------------------------------------------------------------------------- Update Information: Added patches for Fedora 24/25 to work with protobuffer2 -------------------------------------------------------------------------------- ================================================================================ spice-0.12.8-3.fc24 (FEDORA-2017-61689edaf4) Implements the SPICE protocol -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-7506 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1452606 - CVE-2017-7506 spice: Possible buffer overflow via invalid monitor configurations https://bugzilla.redhat.com/show_bug.cgi?id=1452606 -------------------------------------------------------------------------------- ================================================================================ sqlite-3.13.0-2.fc24 (FEDORA-2017-9b752904ed) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-10989: Heap-buffer overflow in the getNodeSize function -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469672 - CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function https://bugzilla.redhat.com/show_bug.cgi?id=1469672 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
