The following Fedora 24 Security updates need testing: Age URL 206 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 199 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 161 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 98 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 37 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f1006afb1 libstaroffice-0.0.3-3.fc24 37 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1f4c48c68 nodejs-brace-expansion-1.1.7-1.fc24 28 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bbae64fdc2 libmwaw-0.3.11-3.fc24 23 https://bodhi.fedoraproject.org/updates/FEDORA-2017-4932c9b886 c-ares-1.13.0-1.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56cf7067e7 irssi-1.0.3-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5ade380ab2 php-5.6.31-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bd6aa662fc knot-2.4.5-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-21c0e9b25b qt5-qtwebkit-5.212.0-0.5.alpha2.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-405453f285 groovy18-1.8.9-28.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-081fc9ad77 knot-resolver-1.3.1-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-61689edaf4 spice-0.12.8-3.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b752904ed sqlite-3.13.0-2.fc24 1 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06c1422db8 evince-3.20.1-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5ce9d89b82 kernel-4.11.10-100.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-93868169a0 mingw-poppler-0.41.0-3.fc24 The following Fedora 24 Critical Path updates have yet to be approved: Age URL 17 https://bodhi.fedoraproject.org/updates/FEDORA-2017-37f68e3534 webkitgtk4-2.16.5-1.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6c2a7b1453 thunderbird-52.2.1-1.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2017-af79986d5f libsoup-2.54.1-2.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bc6b0dec8a gnome-keyring-3.20.1-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2017-94b2c5e120 pcre-8.41-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b752904ed sqlite-3.13.0-2.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5a6f49afbd mariadb-10.1.25-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-de05b989aa net-snmp-5.7.3-14.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5ce9d89b82 kernel-4.11.10-100.fc24 The following builds have been pushed to Fedora 24 updates-testing kernel-4.11.10-100.fc24 mingw-poppler-0.41.0-3.fc24 net-snmp-5.7.3-14.fc24 root-6.10.02-3.fc24 rtpproxy-2.0.0-6.fc24 salt-2017.7.0-1.fc24 sensible-utils-0.0.9-6.fc24 suricata-3.2.3-1.fc24 Details about builds: ================================================================================ kernel-4.11.10-100.fc24 (FEDORA-2017-5ce9d89b82) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.11.10 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- References: [ 1 ] Bug #1468023 - CVE-2017-10810 Kernel: virtio-gpu: memory leakage while creating gpu object https://bugzilla.redhat.com/show_bug.cgi?id=1468023 -------------------------------------------------------------------------------- ================================================================================ mingw-poppler-0.41.0-3.fc24 (FEDORA-2017-93868169a0) MinGW Windows Poppler library -------------------------------------------------------------------------------- Update Information: This update fixes multiple security vulnerabilities (CVE-2017-7515, CVE-2017-9775, CVE-2017-9776, CVE-2017-9865). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1466442 - CVE-2017-9775 poppler: Stack-buffer overflow in GfxState.cc https://bugzilla.redhat.com/show_bug.cgi?id=1466442 [ 2 ] Bug #1466435 - CVE-2017-9865 poppler: Buffer over-read in the GfxImageColorMap::getGray function https://bugzilla.redhat.com/show_bug.cgi?id=1466435 [ 3 ] Bug #1459066 - CVE-2017-7515 poppler: Stack exhaustion due to infinite recursive call in pdfunite https://bugzilla.redhat.com/show_bug.cgi?id=1459066 [ 4 ] Bug #1466443 - CVE-2017-9776 poppler: Integer overflow in JBIG2Stream.cc https://bugzilla.redhat.com/show_bug.cgi?id=1466443 -------------------------------------------------------------------------------- ================================================================================ net-snmp-5.7.3-14.fc24 (FEDORA-2017-de05b989aa) A collection of SNMP protocol tools and libraries -------------------------------------------------------------------------------- Update Information: Fix issue with undefined symbol my_progname when try to load NetSNMP::TrapReceiver in perl script. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1470004 - undefined symbol my_progname in libnetsnmptrapd.so https://bugzilla.redhat.com/show_bug.cgi?id=1470004 -------------------------------------------------------------------------------- ================================================================================ root-6.10.02-3.fc24 (FEDORA-2017-6719bfe6ce) Numerical data analysis framework -------------------------------------------------------------------------------- Update Information: root 6.10.02 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1469093 - CMake config broken due to scoped targets https://bugzilla.redhat.com/show_bug.cgi?id=1469093 -------------------------------------------------------------------------------- ================================================================================ rtpproxy-2.0.0-6.fc24 (FEDORA-2017-fe48c116c3) A symmetric RTP proxy -------------------------------------------------------------------------------- Update Information: * Missing socket file added -------------------------------------------------------------------------------- References: [ 1 ] Bug #1470951 - rtpproxy package missed rtpproxy.socket file https://bugzilla.redhat.com/show_bug.cgi?id=1470951 -------------------------------------------------------------------------------- ================================================================================ salt-2017.7.0-1.fc24 (FEDORA-2017-07d5034bf5) A parallel remote execution system -------------------------------------------------------------------------------- Update Information: Update to feature release 2017.7.0 -------------------------------------------------------------------------------- ================================================================================ sensible-utils-0.0.9-6.fc24 (FEDORA-2017-003dabb204) Utilities for sensible alternative selection -------------------------------------------------------------------------------- Update Information: This update avoids the `which` help outputted when invoking sensible-editor when `EDITOR` is not set. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1467077 - sensible-editor calls 'which' without any parameters (prints use info of which) https://bugzilla.redhat.com/show_bug.cgi?id=1467077 -------------------------------------------------------------------------------- ================================================================================ suricata-3.2.3-1.fc24 (FEDORA-2017-4f826ade70) Intrusion Detection System -------------------------------------------------------------------------------- Update Information: Upstream bugfix update -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx
