The following Fedora 24 Security updates need testing: Age URL 57 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 41 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24 13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89060100d7 mongodb-3.2.8-2.fc24 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a64716084e irssi-0.8.20-2.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7f193a0c59 php-ZendFramework-1.12.20-1.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5706eeb875 python-django-1.9.10-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-861b8c46b7 nodejs-4.6.0-5.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c23a8ce9e5 mingw-openjpeg2-2.1.2-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c75bdc394a zathura-pdf-mupdf-0.3.0-2.fc24 mujs-0-5.20160921git5c337af.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-328754be1c libdwarf-20160929-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1cc00cde2d c-ares-1.12.0-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a7f9e86df7 mingw-c-ares-1.12.0-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e1d4972701 nsd-4.1.13-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-870236238e perl-DBD-MySQL-4.037-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d61c4f72da chromium-53.0.2785.143-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-98768233b8 python-pillow-3.2.0-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-96045ad97b ghostscript-9.16-5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d07987265b freeimage-3.17.0-7.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4529e034ca mingw-freeimage-3.17.0-4.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-294e0ed595 python-pillow-3.2.0-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ae6d4b4c33 ca-certificates-2016.2.10-1.0.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4c407cd849 xen-4.6.3-6.fc24
The following Fedora 24 Critical Path updates have yet to be approved: Age URL 7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-229e5b4143 lorax-24.21-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2bf9743359 pungi-4.1.9-2.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a300f36043 perl-Scalar-List-Utils-1.46-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-faf2598d0c systemd-229-16.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ae6d4b4c33 ca-certificates-2016.2.10-1.0.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c7eb9bc37d kernel-4.7.6-200.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-85db98bcfd ModemManager-1.6.2-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8e8d7885fe libdrm-2.4.71-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-639b10779f hwdata-0.293-1.fc24 The following builds have been pushed to Fedora 24 updates-testing ModemManager-1.6.2-1.fc24 ca-certificates-2016.2.10-1.0.fc24 freeimage-3.17.0-7.fc24 frescobaldi-2.19.0-3.fc24 gomtree-0-0.2.git8c6b32c.fc24 kernel-4.7.6-200.fc24 libdrm-2.4.71-1.fc24 mingw-freeimage-3.17.0-4.fc24 notmuch-0.23-1.fc24 perl-CPANPLUS-0.91.60-2.fc24 perl-MCE-Shared-1.805-3.fc24 python-pillow-3.2.0-3.fc24 qt5ct-0.27-1.fc24 strace-4.14-1.fc24 sway-0.10-0.1.rc2.fc24 systemd-229-16.fc24 tzdata-2016g-1.fc24 vdr-vnsiserver-1.5.1-1.fc24 wlc-0.0.6-1.fc24 wxGTK3-3.0.2-25.fc24 xcowsay-1.4-1.fc24 xen-4.6.3-6.fc24 Details about builds: ================================================================================ ModemManager-1.6.2-1.fc24 (FEDORA-2016-85db98bcfd) Mobile broadband modem management service -------------------------------------------------------------------------------- Update Information: Update to 1.6.2. -------------------------------------------------------------------------------- ================================================================================ ca-certificates-2016.2.10-1.0.fc24 (FEDORA-2016-ae6d4b4c33) The Mozilla CA root certificate bundle -------------------------------------------------------------------------------- Update Information: This is an update to the Mozilla CA certificates list version 2.10, which has been published as part of Mozilla NSS 3.27. For additional details, please refer to the NSS 3.27 release notes: https://developer.mozilla.org/en- US/docs/Mozilla/Projects/NSS/NSS_3.27_release_notes As in previous versions of the ca-certificates package, the CA list has been modified to keep several legacy CAs still trusted for compatibility reasons. Please refer to https://fedoraproject.org/wiki/CA-Certificates for details. If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command. Please refer to the manual page of the ca-legacy command for additional details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380067 - nss-3.27 is available https://bugzilla.redhat.com/show_bug.cgi?id=1380067 -------------------------------------------------------------------------------- ================================================================================ freeimage-3.17.0-7.fc24 (FEDORA-2016-d07987265b) Multi-format image decoder library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5684 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381517 - CVE-2016-5684 freeimage: XMP Image Handling Code Execution Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1381517 -------------------------------------------------------------------------------- ================================================================================ frescobaldi-2.19.0-3.fc24 (FEDORA-2016-2e411ffd2a) Edit LilyPond sheet music with ease! -------------------------------------------------------------------------------- Update Information: Require PyQt4-webkit -------------------------------------------------------------------------------- ================================================================================ gomtree-0-0.2.git8c6b32c.fc24 (FEDORA-2016-3f4edf70de) Go CLI tool for mtree support -------------------------------------------------------------------------------- Update Information: Resolves: #1380420 - import into Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380420 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380420 -------------------------------------------------------------------------------- ================================================================================ kernel-4.7.6-200.fc24 (FEDORA-2016-c7eb9bc37d) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.7.6 update contains a number of important fixes across the tree -------------------------------------------------------------------------------- ================================================================================ libdrm-2.4.71-1.fc24 (FEDORA-2016-8e8d7885fe) Direct Rendering Manager runtime library -------------------------------------------------------------------------------- Update Information: Update to 2.4.71 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381543 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381543 -------------------------------------------------------------------------------- ================================================================================ mingw-freeimage-3.17.0-4.fc24 (FEDORA-2016-4529e034ca) MinGW Windows freeimage library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-5684 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381517 - CVE-2016-5684 freeimage: XMP Image Handling Code Execution Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1381517 -------------------------------------------------------------------------------- ================================================================================ notmuch-0.23-1.fc24 (FEDORA-2016-53402157e6) System for indexing, searching, and tagging email -------------------------------------------------------------------------------- Update Information: Latest upstream ---- Latest upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381546 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381546 [ 2 ] Bug #1330998 - None https://bugzilla.redhat.com/show_bug.cgi?id=1330998 -------------------------------------------------------------------------------- ================================================================================ perl-CPANPLUS-0.91.60-2.fc24 (FEDORA-2016-3f8cb9aae9) Ameliorated interface to the Comprehensive Perl Archive Network -------------------------------------------------------------------------------- Update Information: This release corrects a typo in cpan2dist manual. It also fixes a test that failed if Cwd module version contained an underscore. -------------------------------------------------------------------------------- ================================================================================ perl-MCE-Shared-1.805-3.fc24 (FEDORA-2016-3411eea4a3) MCE extension for sharing data, supporting threads and processes -------------------------------------------------------------------------------- Update Information: This is the first Fedora/EPEL release of MCE::Shared. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378028 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378028 -------------------------------------------------------------------------------- ================================================================================ python-pillow-3.2.0-3.fc24 (FEDORA-2016-294e0ed595) Python image processing library -------------------------------------------------------------------------------- Update Information: This update backports an overflow fix. -------------------------------------------------------------------------------- ================================================================================ qt5ct-0.27-1.fc24 (FEDORA-2016-a130d27d5c) Qt5 Configuration Tool -------------------------------------------------------------------------------- Update Information: New version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378068 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378068 -------------------------------------------------------------------------------- ================================================================================ strace-4.14-1.fc24 (FEDORA-2016-6560d89b7b) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information: v4.13 -> v4.14: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1377846 - None https://bugzilla.redhat.com/show_bug.cgi?id=1377846 -------------------------------------------------------------------------------- ================================================================================ sway-0.10-0.1.rc2.fc24 (FEDORA-2016-73badaad47) i3-compatible window manager for Wayland -------------------------------------------------------------------------------- Update Information: rc2 ---- pre-release update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380075 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380075 -------------------------------------------------------------------------------- ================================================================================ systemd-229-16.fc24 (FEDORA-2016-faf2598d0c) A System and Service Manager -------------------------------------------------------------------------------- Update Information: Fixes for three bugs listed. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1378974 - None https://bugzilla.redhat.com/show_bug.cgi?id=1378974 [ 2 ] Bug #1371596 - None https://bugzilla.redhat.com/show_bug.cgi?id=1371596 [ 3 ] Bug #1357990 - None https://bugzilla.redhat.com/show_bug.cgi?id=1357990 -------------------------------------------------------------------------------- ================================================================================ tzdata-2016g-1.fc24 (FEDORA-2016-0a6ef6df3c) Timezone data -------------------------------------------------------------------------------- Update Information: Rebase to 2016g - Turkey permanently switches from +02 to +03 as of 2016-09-07, - Per IERS Bulletin C 52, leap second to be added on 2016-09-31 at 23:59:60. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380219 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380219 -------------------------------------------------------------------------------- ================================================================================ vdr-vnsiserver-1.5.1-1.fc24 (FEDORA-2016-3a40dccb60) VDR plugin to handle Kodi clients via VNSI -------------------------------------------------------------------------------- Update Information: Update to v1.5.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380047 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380047 -------------------------------------------------------------------------------- ================================================================================ wlc-0.0.6-1.fc24 (FEDORA-2016-73badaad47) Wayland compositor library -------------------------------------------------------------------------------- Update Information: rc2 ---- pre-release update -------------------------------------------------------------------------------- References: [ 1 ] Bug #1380075 - None https://bugzilla.redhat.com/show_bug.cgi?id=1380075 -------------------------------------------------------------------------------- ================================================================================ wxGTK3-3.0.2-25.fc24 (FEDORA-2016-733a201e01) GTK port of the wxWidgets GUI library -------------------------------------------------------------------------------- Update Information: Fixes problems with files containing percent signs or non-ASCII characters. ---- Fixes crash in wxGCDC::DrawEllipticArc() -------------------------------------------------------------------------------- References: [ 1 ] Bug #1381767 - None https://bugzilla.redhat.com/show_bug.cgi?id=1381767 -------------------------------------------------------------------------------- ================================================================================ xcowsay-1.4-1.fc24 (FEDORA-2016-994c79024e) Displays a cute cow and message on your desktop -------------------------------------------------------------------------------- Update Information: 1.4 -------------------------------------------------------------------------------- ================================================================================ xen-4.6.3-6.fc24 (FEDORA-2016-4c407cd849) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: qemu-kvm: Directory traversal flaw in 9p virtio backend [CVE-2016-7116] qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite [CVE-2016-7161] CR0.TS and CR0.EM not always honored for x86 HVM guest [XSA-190, CVE-2016-7777] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1346349 - CVE-2016-7116 Qemu: 9p: directory traversal flaw in 9p virtio backend https://bugzilla.redhat.com/show_bug.cgi?id=1346349 [ 2 ] Bug #1379297 - CVE-2016-7161 qemu: hw: net: Heap overflow in xlnx.xps-ethernetlite https://bugzilla.redhat.com/show_bug.cgi?id=1379297 [ 3 ] Bug #1377789 - CVE-2016-7777 xsa190 xen: CR0.TS and CR0.EM not always honored for x86 HVM guests (XSA-190) https://bugzilla.redhat.com/show_bug.cgi?id=1377789 -------------------------------------------------------------------------------- _______________________________________________ test mailing list -- test@lists.fedoraproject.org To unsubscribe send an email to test-le...@lists.fedoraproject.org
