The following Fedora 24 Security updates need testing:
Age URL
120
https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24
103
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f
chicken-4.11.0-3.fc24
54
https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea
compat-guile18-1.8.8-14.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df
jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c198d15316
ntp-4.2.6p5-43.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2424eeca35
phpMyAdmin-4.6.5.1-2.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2460f713a1
php-php-gettext-1.0.12-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-302f840ecf
perl-DBD-MySQL-4.039-2.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c52762efb1
gstreamer-plugins-bad-free-0.10.23-33.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-30f68ec06b
mcabber-1.0.4-1.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-fad6fc78dd
golang-1.6.4-2.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-60753c3dcd
roundcubemail-1.2.3-1.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a98c560116
tomcat-8.0.39-1.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a3618d9ef6
python-tornado-4.4.2-1.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b000091725
php-simplesamlphp-saml2-2.3.3-1.fc24 php-simplesamlphp-saml2_1-1.10.3-1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b465090499
ipsilon-2.0.2-2.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b4dd1db1e7 lxc-2.0.6-2.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5ec2475e3f
kernel-4.8.12-200.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b39fedec11
httpd-2.4.23-5.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e45a7e7b13 gd-2.2.3-5.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4e992b0ac
gstreamer-plugins-good-0.10.31-17.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-4fff0cbc66
gstreamer1-plugins-base-1.8.3-2.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a17657197c
gstreamer-plugins-base-0.10.36-15.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
58
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00a05d7b9
pungi-4.1.10-1.fc24
20
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383
nss-3.27.0-1.3.fc24
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b0006447a5
colord-1.3.4-1.fc24
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-71f117dc02 pyxdg-0.25-10.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e9b731e067
libimobiledevice-1.2.0-8.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-77e191e610
evolution-data-server-3.20.6-1.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2016-41ce1a19af
libbluray-0.9.3-3.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-5ec2475e3f
kernel-4.8.12-200.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33
selinux-policy-3.13.1-191.23.fc24
The following builds have been pushed to Fedora 24 updates-testing
accumulo-1.6.6-12.fc24
cinnamon-3.2.2-2.fc24
clutter-gst3-3.0.22-1.fc24
copr-backend-1.95-1.fc24
copr-dist-git-0.23-1.fc24
copr-frontend-1.104-1.fc24
dmlite-0.8.5-1.fc24
easytag-2.4.3-1.fc24
fedfind-3.1.3-2.fc24
fedpkg-copr-0.10-1.fc24
ganglia-3.7.2-12.fc24
gap-pkg-gpd-1.45-1.fc24
gd-2.2.3-5.fc24
gnome-chemistry-utils-0.14.16-2.fc24
gstreamer-plugins-base-0.10.36-15.fc24
gstreamer-plugins-good-0.10.31-17.fc24
gstreamer1-plugins-base-1.8.3-2.fc24
httpd-2.4.23-5.fc24
itext-2.1.7-34.fc24
ledmon-0.80-1.fc24
libmediainfo-0.7.91-1.fc24
libzen-0.4.34-1.fc24
lilypond-2.19.52-1.fc24
lilypond-doc-2.19.52-1.fc24
mediainfo-0.7.91-1.fc24
mozilla-noscript-2.9.5.2-1.fc24
openqa-4.4-30.20161205git84716b1.fc24
ophcrack-3.6.1-1.fc24
orpie-1.5.2-4.fc24
os-autoinst-4.4-7.20161123gitdb6d2ef.fc24
owncloud-9.1.2-1.fc24
perl-Mail-JMAPTalk-0.06-1.fc24
perl-Mojolicious-Plugin-AssetPack-1.28-1.fc24
php-mongodb-1.0.4-1.fc24
puddletag-1.2.0-1.fc24
python-mwclient-0.8.3-1.fc24
python-nose-1.3.7-11.fc24
rubygem-occi-cli-4.3.5-1.fc24
selinux-policy-3.13.1-191.23.fc24
skopeo-0.1.17-1.dev.git2b3af4a.fc24
vdr-scraper2vdr-1.0.3-1.20161205gitc01f745.fc24
Details about builds:
================================================================================
accumulo-1.6.6-12.fc24 (FEDORA-2016-87d83cac01)
A software platform for processing vast amounts of data
--------------------------------------------------------------------------------
Update Information:
Fix for shell erroneously reading accumulo-site.xml when using -zh and -zi
parameters. ---- This update now makes the monitor sub-package available
(accumulo-monitor), deprecates a few utility scripts added by the maintainer
which don't exist in the upstream packaging, and adds a workaround for a jline
bug which prevents newline characters in the shell from printing correctly. It
also fixes a few class path bugs and vastly simplifies the default configuration
files. ---- This update now makes the monitor sub-package available (accumulo-
monitor), deprecates a few utility scripts added by the maintainer which don't
exist in the upstream packaging, and adds a workaround for a jline bug which
prevents newline characters in the shell from printing correctly.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1132725 - Monitor service sub-package not built with Accumulo
https://bugzilla.redhat.com/show_bug.cgi?id=1132725
--------------------------------------------------------------------------------
================================================================================
cinnamon-3.2.2-2.fc24 (FEDORA-2016-a9e4ca1381)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Change default settings for two and three finger click, disabling them enables
clickpad button areas to function (for libinput).
--------------------------------------------------------------------------------
================================================================================
clutter-gst3-3.0.22-1.fc24 (FEDORA-2016-c2ca3957fc)
GStreamer integration library for Clutter
--------------------------------------------------------------------------------
Update Information:
clutter-gst 3.0.22 release. For details, see
https://mail.gnome.org/archives
/ftp-release-list/2016-December/msg00009.html
--------------------------------------------------------------------------------
================================================================================
copr-backend-1.95-1.fc24 (FEDORA-2016-b5e57a860c)
Backend for Copr
--------------------------------------------------------------------------------
Update Information:
- use buildroot_pkgs substitution type according to job.chroot - use timeout
command to respect timeout param coming from frontend - don't ship unitfiles in
%%bindir - move createrepo to the end of the rawhide_to_release handler -
modulemd 1.0.2 compatibility - Bug 1397119 - Error reading SSH protocol banner -
added auto-prune project's option - Bug 1086139 - [RFE] provide UI to cancel a
build - Fix misleading debug statement - fix exception logging in
ensure_dir_exists helper - Fix chroot_setup_cmd regex for custom chroot ---- -
fix NameError: global name 'result' is not defined - fix exception logging -
Modularity support - Bug 1357564 - RFE: allow downloading of mock profiles
(reproducible builds) - "safer" exception handling for actions - also provide
default version and release for generated modules.json ---- - wrap feedback
about actions to frontend into try-except - log even the traceback from forking
- use makedirs instead of mkpath in fork action - if anything bad happens, log
exception in generate_gpg_key action - also restart copr-backend-vmm and copr-
backend-log when (re)installing - Bug 1361344 - RFE: Allow denial of build
deletion and resubmitting at project or group level - catch errors in fork
action - set action result for comps.xml and module_md.yaml file deletion -
backend fork action now takes care of new gpg-key generation instead of frontend
- removed no longer supported --api-version=0.8 arg from appstream-builder
command line - specify module_md as module type - fix saving comps.xml and
module_md.yaml into empty copr (with no build) - module_md.yaml is added to
repodata now similarly to appstream.xml - support for generation of module dist
tags - module_md.yaml uploading for a chroot - simplified build and action task
workflow - use copy of the mock (chroot) config, not the original in /etc/mock/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397119 - Error reading SSH protocol banner
https://bugzilla.redhat.com/show_bug.cgi?id=1397119
[ 2 ] Bug #1086139 - [RFE] provide UI to cancel a build
https://bugzilla.redhat.com/show_bug.cgi?id=1086139
[ 3 ] Bug #1399094 - copr-backend contains systemd unit files under /usr/bin
https://bugzilla.redhat.com/show_bug.cgi?id=1399094
--------------------------------------------------------------------------------
================================================================================
copr-dist-git-0.23-1.fc24 (FEDORA-2016-8d317577a7)
Copr services for Dist Git server
--------------------------------------------------------------------------------
Update Information:
- use other than epel chroot for scm building - use newest mock - run mock-scm
inside of docker - add README information about how docker image is built -
stripped down impl of building from dist-git - fixed unittests - refactor VM.run
method - remove exited containers - add possibility to run dist-git in single
thread - refactor lookaside my_upload slightly - Bug 1377780 - Multiple failed
tasks with: Importing SRPM into Dist Git failed.
--------------------------------------------------------------------------------
================================================================================
copr-frontend-1.104-1.fc24 (FEDORA-2016-2dc796f330)
Frontend for Copr
--------------------------------------------------------------------------------
Update Information:
- set default build timeout to 18 hours - allow hiding "quick enable" helper -
login should not be required for viewing modules - (cli) inform user about build
links - create backend_rawhide_to_release command - adding chroot repos
implemented - group_add: make group in breadcrumb menu clickable - create
status/order functions by 'create_db' - modularize design files - spec: allow
'rpmbuild --without check' - use "Suggests" tag only in Fedora - add api
method
for translating module NVR to DNF repo url - promptly generate mock profiles -
added auto-prune project's option - Bug 1393361 - get_project_details returns
incorrect yum_repos - Bug 1086139 - [RFE] provide UI to cancel a build - group
support for modules - modularity 1.0.2 support - create proper module table - by
pagure fedmsgs induced auto-rebuilds - Bug 1384923 - Ignore push events to other
branches when one is selected - stripped down impl of building from dist-git -
fix unit tests - Bug 1377854 - provide functional URL when asking to renew token
- Bug 1382243 - Multiple rows were found for one() - add link to all BZs to
footer - Bug 1335168 - Delete build(s) from CLI - Bug 1380810 - [RFE] Show
original repo when forking - Bug 1368458 - Resubmit does not work on forked
projects. - FAS groups need re-login, inform user - Bug 1381790 - rename Rawhide
to F26 in Copr and create F27 when Fedora branches instead - use 'debug' level
for krb debug message - fix krb auth for services - fork only successful builds
- check user permissions when building module - implement methods for querying
multiple modules - Bug 1361641 - Status in build table shows wrong values - show
html code for build badge - speed up querying for recent builds - modularity UI
improvements - do not fork created_on from previous project - fix Bug 1376703 -
Cannot cancel build and now explain
--------------------------------------------------------------------------------
================================================================================
dmlite-0.8.5-1.fc24 (FEDORA-2016-e1d9dd5487)
Lcgdm grid data management and storage framework
--------------------------------------------------------------------------------
Update Information:
* new upstream release ---- * new upstrem release ---- * new upstream
release ---- * new upstream release ---- * bug fixes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1384305 - dnf upgrade produces error msgs
https://bugzilla.redhat.com/show_bug.cgi?id=1384305
--------------------------------------------------------------------------------
================================================================================
easytag-2.4.3-1.fc24 (FEDORA-2016-6b97a8b7b5)
Tag editor for MP3, Ogg, FLAC and other music files
--------------------------------------------------------------------------------
Update Information:
Update to 2.4.3 * Fix two crashes in the dialog to load filenames from a file *
Avoid a crash when adding an image and no files are selected * Avoid a crash
when saving ID3v2.4 tags and no audio is present * Fix a crash when applying
CDDB results * Fix saving of ID3v1 genres when also using ID3v2.4 * Fix Ogg tag
writing on Windows * Ensure that a selected path in the browser is shown in the
path list * Open the online version of the help if Yelp is not available * Fix
handling of MP4 files with empty tag fields * Fix the artist/album toolbar icon
* Eckhard M. J��ger���s Adwaita-style artist/album icons * Add support for MP4
files with the .aac file extension * Anders Jonsson���s Swedish translation update
* Bal��zs ��r���s Hungarian translation update * Charles Monzat���s French translation
update * C��dric Valmary���s Occitan translation * Walter Cheuk���s Chinese (Taiwan)
translation update * Jobava���s Romanian translation update * Jordi Mas���s Catalan
translation updates * Piotr Dr��g���s Polish translation updates * Rafael
Fontanelle���s Brazilian Portuguese translation update * Tiago Santos��� Portuguese
translation update * Daniel Mustieles��� and M��nica Canizo���s Spanish translation
updates * gogo���s Croation translation
--------------------------------------------------------------------------------
================================================================================
fedfind-3.1.3-2.fc24 (FEDORA-2016-02e08ebdda)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
fedfind 3.1 changes how fedfind handles metadata for composes which were
originally created by Pungi 4 and had real metadata, but were then modified in
some ways and had their metadata removed. This includes milestone and stable
releases for Fedora 24 and later: when these are placed in their 'final'
locations on the mirrors, some contents are split into different locations and
some deliverables are removed. Previously, fedfind would simply synthesize
metadata for these composes, as it does for pre-Pungi 4 composes. Now, it first
attempts to find the original metadata (from
[
PDC](https://pdc.fedoraproject.org/)) and adjust it for the modified image
locations, while preserving all the other image attributes from the original
metadata (including ones it could not synthesize). It will only fall back to
synthesizing the metadata if it cannot find corresponding metadata from PDC. The
practical result of this is that you should get more reliable and complete
metadata for these composes.
--------------------------------------------------------------------------------
================================================================================
fedpkg-copr-0.10-1.fc24 (FEDORA-2016-7cce295511)
Fedpkg modified to work with copr dist git
--------------------------------------------------------------------------------
Update Information:
- Bug 1393460 - Copr chokes on %%mageia conditional in spec files for rebuilding
SRPM - Add Mageia branches to the regex ---- New package to interact with
copr-dist-git
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1378341 - Review Request: fedpkg-copr - copr dist-git client
https://bugzilla.redhat.com/show_bug.cgi?id=1378341
--------------------------------------------------------------------------------
================================================================================
ganglia-3.7.2-12.fc24 (FEDORA-2016-b5a19c84f6)
Distributed Monitoring System
--------------------------------------------------------------------------------
Update Information:
Fixes a problem with processing of sflow data.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400932 - Gmond crashes when processing sflow data
https://bugzilla.redhat.com/show_bug.cgi?id=1400932
--------------------------------------------------------------------------------
================================================================================
gap-pkg-gpd-1.45-1.fc24 (FEDORA-2016-1658f3793b)
Groupoids, group graphs, and groupoid graphs
--------------------------------------------------------------------------------
Update Information:
Changes in version 1.45: - (02/11/16) improved RestrictedMappingGroupoids -
(01/11/16) added IsomorphismStandardGroupoid to gpdhom.g{d,i};
GroupoidAutomorphismByRayImages->GroupoidAutomorphismByRayShifts;
SinglePieceGroupoidByGenerators->SinglePiceSubgroupoidByGenerators;
improved RestrictedMappingGroupoids - (18/10/16) now using bibliography file
bib.xml of type "bibxmlext.dtd" - (12/10/16) changed package releases to https
://gap-packages.github.io/gpd - (03/10/16) ImagesOfRays renamed
ImageElementsOfRays - (28/04/16) replaced Image(hom,x) with ImageElm(hom,x)
throughout - (28/04/16) moved AutomorphismGroup methods to
AutomorphismGroupOfGroupoid - (27/04/16) added EmbeddingsInNiceObject -
(14/04/16) converted cases of \in to new InAutomorphismGroupOfGroupoid
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401775 - gap-pkg-gpd-v1.45 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401775
--------------------------------------------------------------------------------
================================================================================
gd-2.2.3-5.fc24 (FEDORA-2016-e45a7e7b13)
A graphics library for quick creation of PNG or JPEG images
--------------------------------------------------------------------------------
Update Information:
- Security fix for CVE-2016-8670 - Security fix for CVE-2016-6911 - Security fix
for CVE-2016-7568 - For Fedora 26 disabled two tests - they are failing because
of freetype 2.7 (
https://github.com/libgd/libgd/issues/302,
https://github.com/libgd/libgd/issues/217)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1380450 - CVE-2016-7568 gd, php: Integer overflow in gdImageWebpCtx
https://bugzilla.redhat.com/show_bug.cgi?id=1380450
[ 2 ] Bug #1388787 - CVE-2016-6911 gd, php: Missing check for OOB read in
dynamicGetbuf()
https://bugzilla.redhat.com/show_bug.cgi?id=1388787
[ 3 ] Bug #1391068 - CVE-2016-8670 gd, php: Stack based buffer overflow in
dynamicGetbuf
https://bugzilla.redhat.com/show_bug.cgi?id=1391068
--------------------------------------------------------------------------------
================================================================================
gnome-chemistry-utils-0.14.16-2.fc24 (FEDORA-2016-420f41594c)
A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:
This update fixes missing icon for gchemtable
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402039 - Error in .desktop file
https://bugzilla.redhat.com/show_bug.cgi?id=1402039
--------------------------------------------------------------------------------
================================================================================
gstreamer-plugins-base-0.10.36-15.fc24 (FEDORA-2016-a17657197c)
GStreamer streaming media framework base plug-ins
--------------------------------------------------------------------------------
Update Information:
typefind: bounds check windows ico detection
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401949 - CVE-2016-9811 gstreamer-plugins-base: gstreamer: Out of bounds heap
read in windows_icon_typefind [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1401949
--------------------------------------------------------------------------------
================================================================================
gstreamer-plugins-good-0.10.31-17.fc24 (FEDORA-2016-f4e992b0ac)
GStreamer plug-ins with good code and licensing
--------------------------------------------------------------------------------
Update Information:
Disable insecure FLX plugin (rhbz#1397441)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397441 - CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808
gstreamer-plugins-good: Heap buffer overflow in FLIC decoder
https://bugzilla.redhat.com/show_bug.cgi?id=1397441
--------------------------------------------------------------------------------
================================================================================
gstreamer1-plugins-base-1.8.3-2.fc24 (FEDORA-2016-4fff0cbc66)
GStreamer streaming media framework base plugins
--------------------------------------------------------------------------------
Update Information:
Fix for Out of bounds heap read in windows_icon_typefind
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401950 - CVE-2016-9811 gstreamer1-plugins-base: gstreamer: Out of bounds
heap read in windows_icon_typefind [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1401950
--------------------------------------------------------------------------------
================================================================================
httpd-2.4.23-5.fc24 (FEDORA-2016-b39fedec11)
Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2016-8740
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401528 - CVE-2016-8740 httpd: Incomplete handling of LimitRequestFields
directive in mod_http2
https://bugzilla.redhat.com/show_bug.cgi?id=1401528
--------------------------------------------------------------------------------
================================================================================
itext-2.1.7-34.fc24 (FEDORA-2016-64ca2ac172)
A Free Java-PDF library
--------------------------------------------------------------------------------
Update Information:
fix itext-rups wrapper
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401566 - itext-rups fails to start
https://bugzilla.redhat.com/show_bug.cgi?id=1401566
--------------------------------------------------------------------------------
================================================================================
ledmon-0.80-1.fc24 (FEDORA-2016-793e69a15a)
Enclosure LED Utilities
--------------------------------------------------------------------------------
Update Information:
Update to 0.80 (#1401924)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401924 - ledmon-0.80 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401924
--------------------------------------------------------------------------------
================================================================================
libmediainfo-0.7.91-1.fc24 (FEDORA-2016-a6ed2e8e95)
Library for supplies technical and tag information about a video or audio file
--------------------------------------------------------------------------------
Update Information:
Update to last version.
--------------------------------------------------------------------------------
================================================================================
libzen-0.4.34-1.fc24 (FEDORA-2016-a6ed2e8e95)
Shared library for libmediainfo and medianfo*
--------------------------------------------------------------------------------
Update Information:
Update to last version.
--------------------------------------------------------------------------------
================================================================================
lilypond-2.19.52-1.fc24 (FEDORA-2016-66a113946d)
A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:
2.19.52
--------------------------------------------------------------------------------
================================================================================
lilypond-doc-2.19.52-1.fc24 (FEDORA-2016-66a113946d)
HTML documentation for LilyPond
--------------------------------------------------------------------------------
Update Information:
2.19.52
--------------------------------------------------------------------------------
================================================================================
mediainfo-0.7.91-1.fc24 (FEDORA-2016-a6ed2e8e95)
Supplies technical and tag information about a video or audio file (CLI)
--------------------------------------------------------------------------------
Update Information:
Update to last version.
--------------------------------------------------------------------------------
================================================================================
mozilla-noscript-2.9.5.2-1.fc24 (FEDORA-2016-f73aaf2036)
JavaScript white list extension for Mozilla Firefox
--------------------------------------------------------------------------------
Update Information:
* Fixed Stylish editor breakage (thanks JustAnotherGuy for reporting * Fixed
media blocking delayed with Tor Browser's "Medium" Security Sider preset *
Fixed
frame blocking issues * Fixed top-level media loads issues * Fixed apparent
delay in menu UI feedback (thanks mechadon for reporting) * Fixed some XSS
filter over-sensitivity regressions * Fixed "Allow local links" causing file://
URLs to fail * [Locale] Updated nl (thanks Ton)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400191 - mozilla-noscript-2.9.5.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400191
--------------------------------------------------------------------------------
================================================================================
openqa-4.4-30.20161205git84716b1.fc24 (FEDORA-2016-18596ca7d1)
OS-level automated testing framework
--------------------------------------------------------------------------------
Update Information:
This update provides new git snapshots of openQA and os-autoinst, with various
enhancements and bug fixes from upstream. It also provides an updated version of
the Mojolicious AssetPack plugin, as the code for generating the asset cache
seems to have changed slightly between 1.17 and 1.28 so a cache pre-built with
1.28 will not work for a package build done with 1.17, and vice versa. To keep
this simple and avoid needing different versions of the pre-built cache tarball
for different Fedora releases, we'll just keep the AssetPack version the same
across F24, F25 and F26. openQA is the only package that uses the AssetPack
plugin.
--------------------------------------------------------------------------------
================================================================================
ophcrack-3.6.1-1.fc24 (FEDORA-2016-c78a8371a7)
Free Windows password cracker based on rainbow tables
--------------------------------------------------------------------------------
Update Information:
- Rebuilt for new upstream release 3.6.1, fixes rhbz #1365143
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1365143 - ophcrack-3.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1365143
--------------------------------------------------------------------------------
================================================================================
orpie-1.5.2-4.fc24 (FEDORA-2016-77150df4f2)
A full-screen console-based RPN calculator application
--------------------------------------------------------------------------------
Update Information:
This is a new package of Orpie, a console based RPN scientific calculator.
--------------------------------------------------------------------------------
================================================================================
os-autoinst-4.4-7.20161123gitdb6d2ef.fc24 (FEDORA-2016-18596ca7d1)
OS-level test automation
--------------------------------------------------------------------------------
Update Information:
This update provides new git snapshots of openQA and os-autoinst, with various
enhancements and bug fixes from upstream. It also provides an updated version of
the Mojolicious AssetPack plugin, as the code for generating the asset cache
seems to have changed slightly between 1.17 and 1.28 so a cache pre-built with
1.28 will not work for a package build done with 1.17, and vice versa. To keep
this simple and avoid needing different versions of the pre-built cache tarball
for different Fedora releases, we'll just keep the AssetPack version the same
across F24, F25 and F26. openQA is the only package that uses the AssetPack
plugin.
--------------------------------------------------------------------------------
================================================================================
owncloud-9.1.2-1.fc24 (FEDORA-2016-c695777597)
Private file sync and share server
--------------------------------------------------------------------------------
Update Information:
New release 9.1.2
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1393164 - owncloud-9.1.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1393164
--------------------------------------------------------------------------------
================================================================================
perl-Mail-JMAPTalk-0.06-1.fc24 (FEDORA-2016-ab2416ecdb)
Perl client for JMAP protocol
--------------------------------------------------------------------------------
Update Information:
This release adds support for downloading. ---- This release adds support for
upload and debugging.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401923 - perl-Mail-JMAPTalk-0.06 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401923
[ 2 ] Bug #1400185 - perl-Mail-JMAPTalk-0.04 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400185
--------------------------------------------------------------------------------
================================================================================
perl-Mojolicious-Plugin-AssetPack-1.28-1.fc24 (FEDORA-2016-18596ca7d1)
Compress and convert CSS, Less, Sass, JavaScript and CoffeeScript files
--------------------------------------------------------------------------------
Update Information:
This update provides new git snapshots of openQA and os-autoinst, with various
enhancements and bug fixes from upstream. It also provides an updated version of
the Mojolicious AssetPack plugin, as the code for generating the asset cache
seems to have changed slightly between 1.17 and 1.28 so a cache pre-built with
1.28 will not work for a package build done with 1.17, and vice versa. To keep
this simple and avoid needing different versions of the pre-built cache tarball
for different Fedora releases, we'll just keep the AssetPack version the same
across F24, F25 and F26. openQA is the only package that uses the AssetPack
plugin.
--------------------------------------------------------------------------------
================================================================================
php-mongodb-1.0.4-1.fc24 (FEDORA-2016-3638bc6c79)
MongoDB driver library
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.4** * [
PHPLIB-228](https://jira.mongodb.org/browse/PHPLIB-228) -
ReadConcern default should only be set when supported by the server
--------------------------------------------------------------------------------
================================================================================
puddletag-1.2.0-1.fc24 (FEDORA-2016-301c3e3a85)
Feature rich, easy to use tag editor
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream release puddletag 1.2.0.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400221 - puddletag-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400221
--------------------------------------------------------------------------------
================================================================================
python-mwclient-0.8.3-1.fc24 (FEDORA-2016-c861fee0fd)
Mwclient is a client to the MediaWiki API
--------------------------------------------------------------------------------
Update Information:
This update provides the latest upstream release of mwclient, with various
bugfixes and improvements. It should be fully backward compatible with previous
0.8 releases, but Python 2.6 support has been dropped upstream, so no EPEL 6
build is provided.
--------------------------------------------------------------------------------
================================================================================
python-nose-1.3.7-11.fc24 (FEDORA-2016-1d54dafa42)
Discovery-based unit test extension for Python
--------------------------------------------------------------------------------
Update Information:
Provide nosetests-3 (#1289820).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1289820 - [PATCH] Please add /usr/bin/nosetests-3
https://bugzilla.redhat.com/show_bug.cgi?id=1289820
--------------------------------------------------------------------------------
================================================================================
rubygem-occi-cli-4.3.5-1.fc24 (FEDORA-2016-0c2222d39d)
Executable OCCI client
--------------------------------------------------------------------------------
Update Information:
New feature: waiting for active during creating a resource
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397616 - rubygem-occi-cli-v4.3.5 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1397616
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-191.23.fc24 (FEDORA-2016-90bd4d7d33)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info:
http://koji.fedoraproject.org/koji/buildinfo?buildID=822888
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1374051 - SELinux is preventing iw from 'write' accesses on the file
/run/tlp/lock_tlp.
https://bugzilla.redhat.com/show_bug.cgi?id=1374051
[ 2 ] Bug #1374187 - SELinux is preventing /usr/lib/systemd/systemd-journald from
'sys_ptrace' accesses on the cap_userns Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1374187
[ 3 ] Bug #1392464 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1392464
[ 4 ] Bug #1393774 - systemd can't create dev-log socket
https://bugzilla.redhat.com/show_bug.cgi?id=1393774
[ 5 ] Bug #1395053 - SELinux is preventing pmsignal from using the 'signal'
accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=1395053
[ 6 ] Bug #1396757 - SELinux is preventing systemd from 'read' accesses on the
file LoaderTimeInitUSec-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f.
https://bugzilla.redhat.com/show_bug.cgi?id=1396757
[ 7 ] Bug #1399081 - SELinux is preventing df from 'getattr' accesses on the
file /run/docker/netns/a154e3251d7c.
https://bugzilla.redhat.com/show_bug.cgi?id=1399081
--------------------------------------------------------------------------------
================================================================================
skopeo-0.1.17-1.dev.git2b3af4a.fc24 (FEDORA-2016-6f281a722a)
Inspect Docker images and repositories on registries
--------------------------------------------------------------------------------
Update Information:
bump to 0.1.17-dev
--------------------------------------------------------------------------------
================================================================================
vdr-scraper2vdr-1.0.3-1.20161205gitc01f745.fc24 (FEDORA-2016-8c2e0f90e5)
A client plugin which provides scraped metadata from EPGD to other plugins
--------------------------------------------------------------------------------
Update Information:
Update to vdr-scraper2vdr-1.0.3-1.20161205gitc01f745
--------------------------------------------------------------------------------