The following Fedora 24 Security updates need testing: Age URL 219 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24 212 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24 175 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba runc-1.0.0-5.rc2.gitc91b5be.fc24 111 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2 python-XStatic-jquery-ui-1.12.0.1-1.fc24 50 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5f1006afb1 libstaroffice-0.0.3-3.fc24 50 https://bodhi.fedoraproject.org/updates/FEDORA-2017-a1f4c48c68 nodejs-brace-expansion-1.1.7-1.fc24 41 https://bodhi.fedoraproject.org/updates/FEDORA-2017-bbae64fdc2 libmwaw-0.3.11-3.fc24 30 https://bodhi.fedoraproject.org/updates/FEDORA-2017-56cf7067e7 irssi-1.0.3-1.fc24 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-21c0e9b25b qt5-qtwebkit-5.212.0-0.5.alpha2.fc24 15 https://bodhi.fedoraproject.org/updates/FEDORA-2017-405453f285 groovy18-1.8.9-28.fc24 14 https://bodhi.fedoraproject.org/updates/FEDORA-2017-06c1422db8 evince-3.20.1-3.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0b8c45ebf7 mingw-librsvg2-2.40.18-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-60410804eb moodle-3.1.7-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-8df9efed5f jackson-databind-2.6.3-3.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d572cc64a webkitgtk4-2.16.6-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a827cf42a community-mysql-5.7.19-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-2b7c896551 rt-4.2.13-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-873ab0f17d java-1.8.0-openjdk-aarch32-1.8.0.141-1.170721.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-81851d3d15 nasm-2.12-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-5b199bf121 qt5-qtwebengine-5.6.3-0.2.20170712gitee719ad313e564.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-f16ba664e7 ruby-2.3.3-62.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-0bc23764e7 php-PHPMailer-5.2.24-1.fc24
The following Fedora 24 Critical Path updates have yet to be approved: Age URL 27 https://bodhi.fedoraproject.org/updates/FEDORA-2017-6c2a7b1453 thunderbird-52.2.1-1.fc24 10 https://bodhi.fedoraproject.org/updates/FEDORA-2017-c7a7826a49 perl-5.22.4-372.fc24 7 https://bodhi.fedoraproject.org/updates/FEDORA-2017-28275fd181 libdrm-2.4.82-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2017-ea3b1c1767 gnupg-1.4.22-1.fc24 2 https://bodhi.fedoraproject.org/updates/FEDORA-2017-9d572cc64a webkitgtk4-2.16.6-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-00b19afd38 net-snmp-5.7.3-15.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2017-3692a58167 sssd-1.15.3-1.fc24
The following builds have been pushed to Fedora 24 updates-testing
casync-2-1.fc24 gnome-valgrind-session-1.1-14.fc24 mimedefang-2.80-1.fc24 php-PHPMailer-5.2.24-1.fc24 qt5-qtwebengine-5.6.3-0.2.20170712gitee719ad313e564.fc24 ruby-2.3.3-62.fc24 rubygem-rdoc-4.2.2-3.fc24
Details about builds:
================================================================================ casync-2-1.fc24 (FEDORA-2017-92b961dc42) Content Addressable Data Synchronizer -------------------------------------------------------------------------------- Update Information:
Latest version: sftp support, selinux attributes, btrfs subvolume information, new man page, various fixes. No need to reboot or log out. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1475299 - casync-v2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1475299 --------------------------------------------------------------------------------
================================================================================ gnome-valgrind-session-1.1-14.fc24 (FEDORA-2017-8e5d529299) Run an entire GNOME session under valgrind -------------------------------------------------------------------------------- Update Information:
Don't blow up on modern machines! -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1376444 - valgrind breaks due to option "--alignment=8" https://bugzilla.redhat.com/show_bug.cgi?id=1376444 --------------------------------------------------------------------------------
================================================================================ mimedefang-2.80-1.fc24 (FEDORA-2017-80d493ca59) E-Mail filtering framework using Sendmail's Milter interface -------------------------------------------------------------------------------- Update Information:
MIMEDefang 2.80 =============== * md-mx-ctrl: Add newline to mimedefang- multiplexor output that lacks a newline * mimedefang-util: Properly substitute @PERL@ at configure time * mimedefang-multiplexor.c: Move variable declarations to start of compound statement to avoid problems with older C compilers * mimedefang.pl: Add an extra level of subdirectories in the quarantine to avoid 32K subdirectory limit on ext3; idea by Kevin McGrail * Note incompatibility: Quarantine subdirectory naming changed * mimedefang.c: Fix bug that caused Queue-ID not to show up when using MIMEDefang with Postfix (thanks to Kris Deugau) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1474551 - mimedefang-2.80 is available https://bugzilla.redhat.com/show_bug.cgi?id=1474551 --------------------------------------------------------------------------------
================================================================================ php-PHPMailer-5.2.24-1.fc24 (FEDORA-2017-0bc23764e7) PHP email transport class with a lot of features -------------------------------------------------------------------------------- Update Information:
Update to 5.2.24: fixes XSS vulnerability CVE-2017-11503. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1474418 - CVE-2017-11503 php-PHPMailer: phpmailer: XSS in code_generator.php [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1474418 --------------------------------------------------------------------------------
================================================================================ qt5-qtwebengine-5.6.3-0.2.20170712gitee719ad313e564.fc24 (FEDORA-2017-5b199bf121) Qt5 - QtWebEngine components -------------------------------------------------------------------------------- Update Information:
This update adds security fixes for CVE-2017-5052 and CVE-2017-5054, backported to Chromium 49 / QtWebEngine 5.6 by the Qt developers. --------------------------------------------------------------------------------
================================================================================ ruby-2.3.3-62.fc24 (FEDORA-2017-f16ba664e7) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information:
Fix IV Reuse in GCM Mode. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1381526 - CVE-2016-7798 ruby: IV Reuse in GCM Mode https://bugzilla.redhat.com/show_bug.cgi?id=1381526 --------------------------------------------------------------------------------
================================================================================ rubygem-rdoc-4.2.2-3.fc24 (FEDORA-2017-f1a98f12f3) RDoc produces HTML and command-line documentation for Ruby projects -------------------------------------------------------------------------------- Update Information:
Fix the RI path. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1458131 - RI can't find Array#new docs https://bugzilla.redhat.com/show_bug.cgi?id=1458131 --------------------------------------------------------------------------------