The following Fedora 24 Security updates need testing:
Age URL
148
https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24
132
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f
chicken-4.11.0-3.fc24
83
https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea
compat-guile18-1.8.8-14.fc24
46
https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df
jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24
19
https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1f774c3d7
FlightGear-2016.1.2-5.fc24
15
https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08
squid-3.5.23-1.fc24
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0b6ee25a07
php-PHPMailer-5.2.21-1.fc24
5
https://bodhi.fedoraproject.org/updates/FEDORA-2016-c6ae9b6cf8 sway-0.11-4.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-76d9809fd4
w3m-0.5.3-27.git20161120.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-b65e546846
php-swiftmailer-5.4.5-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1a7e14d084
libpng10-1.0.67-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0eb1d4ad19
mingw-libpng-1.6.27-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7af4c910c2
thunderbird-45.6.0-2.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8311440c55
pcsc-lite-1.8.20-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d0a537062c samba-4.4.9-0.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
48
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383
nss-3.27.0-1.3.fc24
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33
selinux-policy-3.13.1-191.23.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-1979eafeae
libgweather-3.20.4-1.fc24
2
https://bodhi.fedoraproject.org/updates/FEDORA-2017-6c9a495a48
elfutils-0.168-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d0a537062c samba-4.4.9-0.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7af4c910c2
thunderbird-45.6.0-2.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-562277cfd8 vim-8.0.142-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-67fddcb6a4
hwdata-0.296-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8b3063d71c
redhat-rpm-config-42-2.fc24
The following builds have been pushed to Fedora 24 updates-testing
ebtree-6.0.8-4.fc24
gambas3-3.9.2-1.fc24
genius-1.0.22-2.fc24
lensfun-0.3.2-7.fc24
libsigrokdecode-0.4.1-1.fc24
lilypond-2.19.54-1.fc24
lilypond-doc-2.19.54-1.fc24
lirc-0.9.4c-7.fc24
mod_perl-2.0.10-2.fc24
nodejs-int64-buffer-0.1.9-1.fc24
ocid-0-0.7.git2e6070f.fc24
pcsc-lite-1.8.20-1.fc24
petsc-3.7.5-1.fc24
ptrash-1.1-1.fc24
python-cvss-1.6-2.fc24
rpcbind-0.2.3-14.rc2.fc24
rpmgrill-0.29-1.fc24
samba-4.4.9-0.fc24
thunderbird-45.6.0-2.fc24
vdr-epg-daemon-1.1.73-1.fc24
Details about builds:
================================================================================
ebtree-6.0.8-4.fc24 (FEDORA-2017-2ed27ba719)
Elastic binary tree library
--------------------------------------------------------------------------------
Update Information:
New package ebtree ebtree is a binary search tree specially optimized to very
frequently store, retrieve and delete discrete integer or binary data without
having to deal with memory allocation. ebtree is normally distributed as part of
another package, like haproxy. This package offers a shared library of ebtree
for common usage. Homepage:
http://1wt.eu/articles/ebtree/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1371158 - Review Request: ebtree - Elastic binary tree library
https://bugzilla.redhat.com/show_bug.cgi?id=1371158
--------------------------------------------------------------------------------
================================================================================
gambas3-3.9.2-1.fc24 (FEDORA-2017-3b0eec0a05)
IDE based on a basic interpreter with object extensions
--------------------------------------------------------------------------------
Update Information:
Update to 3.9.2. Full changelog here:
http://gambaswiki.org/wiki/doc/release/3.9.2
--------------------------------------------------------------------------------
================================================================================
genius-1.0.22-2.fc24 (FEDORA-2017-6aecfbf7e7)
An arbitrary precision integer and multiple precision floatingpoint calculator
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.22. Move gtksourceview files into gnome-genius subpackage.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401890 - packaging bug (genius package contains files that should be in
gnome-genius)
https://bugzilla.redhat.com/show_bug.cgi?id=1401890
[ 2 ] Bug #1314842 - update 1.0.21
https://bugzilla.redhat.com/show_bug.cgi?id=1314842
--------------------------------------------------------------------------------
================================================================================
lensfun-0.3.2-7.fc24 (FEDORA-2017-ff76e0527d)
Library to rectify defects introduced by photographic lenses
--------------------------------------------------------------------------------
Update Information:
Adds python3-lensfun dependency to lensfun-tools.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409893 - lensfun-tools package should depend on python3-lensfun
https://bugzilla.redhat.com/show_bug.cgi?id=1409893
--------------------------------------------------------------------------------
================================================================================
libsigrokdecode-0.4.1-1.fc24 (FEDORA-2017-4e80ba53f3)
Basic API for running protocol decoders
--------------------------------------------------------------------------------
Update Information:
- bug fix and enhancement release -
https://www.sigrok.org/blog/libsigrokdecode-041-released
--------------------------------------------------------------------------------
================================================================================
lilypond-2.19.54-1.fc24 (FEDORA-2017-a9249e70b9)
A typesetting system for music notation
--------------------------------------------------------------------------------
Update Information:
2.19.54
--------------------------------------------------------------------------------
================================================================================
lilypond-doc-2.19.54-1.fc24 (FEDORA-2017-a9249e70b9)
HTML documentation for LilyPond
--------------------------------------------------------------------------------
Update Information:
2.19.54
--------------------------------------------------------------------------------
================================================================================
lirc-0.9.4c-7.fc24 (FEDORA-2017-fcb87d3dc9)
The Linux Infrared Remote Control package
--------------------------------------------------------------------------------
Update Information:
Upstream fixes: - bad ircat --config handling, - lircd segfault on
SET_INPUTLOG package, - FTBS in client building against lirc (missing
config.h).
--------------------------------------------------------------------------------
================================================================================
mod_perl-2.0.10-2.fc24 (FEDORA-2017-b79ea2eb1d)
An embedded Perl interpreter for the Apache HTTP Server
--------------------------------------------------------------------------------
Update Information:
This release corrects tests to pass wirh httpd 2.4.25.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409610 - mod_perl-2.0.10-1.fc26 FTBFS: t/apache/read.t test fails
https://bugzilla.redhat.com/show_bug.cgi?id=1409610
--------------------------------------------------------------------------------
================================================================================
nodejs-int64-buffer-0.1.9-1.fc24 (FEDORA-2017-a4ef17a6bb)
64bit Long Integer on Buffer/Array/ArrayBuffer in Pure JavaScript
--------------------------------------------------------------------------------
Update Information:
64bit Long Integer on Buffer/Array/ArrayBuffer in Pure JavaScript
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397620 - Review Request: nodejs-int64-buffer - 64bit Long Integer on
Buffer/Array/ArrayBuffer in Pure JavaScript
https://bugzilla.redhat.com/show_bug.cgi?id=1397620
--------------------------------------------------------------------------------
================================================================================
ocid-0-0.7.git2e6070f.fc24 (FEDORA-2017-b9d15b70db)
OCI-based implementation of Kubernetes Container Runtime Interface
--------------------------------------------------------------------------------
Update Information:
Switch locate to /var/lib/containers for images ---- Resolves: #1392977 -
first upload to Fedora
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1392977 - Review Request: ocid - OCI-based implementation of Kubernetes
Container Runtime Interface
https://bugzilla.redhat.com/show_bug.cgi?id=1392977
--------------------------------------------------------------------------------
================================================================================
pcsc-lite-1.8.20-1.fc24 (FEDORA-2017-8311440c55)
PC/SC Lite smart card framework and applications
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1410074 - CVE-2016-10109 pcsc-lite: Use-after-free of cardsList due to
SCardReleaseContext invocations
https://bugzilla.redhat.com/show_bug.cgi?id=1410074
--------------------------------------------------------------------------------
================================================================================
petsc-3.7.5-1.fc24 (FEDORA-2017-2f38ea265d)
Portable Extensible Toolkit for Scientific Computation
--------------------------------------------------------------------------------
Update Information:
- Update to 3.7.5
--------------------------------------------------------------------------------
================================================================================
ptrash-1.1-1.fc24 (FEDORA-2017-a551b1a275)
Move file(s) to $XDG_DATA_HOME/Trash directory
--------------------------------------------------------------------------------
Update Information:
- New release v1.1 - Support xdg base directory and Trash specification so that
ptrash(1) is compatible with the desktop Trash.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1154282 - [rfe] support xdg base dir
https://bugzilla.redhat.com/show_bug.cgi?id=1154282
[ 2 ] Bug #1397674 - update 1.0.1
https://bugzilla.redhat.com/show_bug.cgi?id=1397674
--------------------------------------------------------------------------------
================================================================================
python-cvss-1.6-2.fc24 (FEDORA-2017-a8d668c7b7)
CVSS2/3 library with interactive calculator
--------------------------------------------------------------------------------
Update Information:
- New release v1.6. - Fix to ensure cvss2 score is never negative.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1402174 - python-cvss-v1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1402174
--------------------------------------------------------------------------------
================================================================================
rpcbind-0.2.3-14.rc2.fc24 (FEDORA-2017-b1bd13d611)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
commit ee569be4d6189a68b38d2af162af00ff475b48e2 Fix boot dependency in
systemd service file
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401561 - rpcbind-0.2.3-12.rc2.fc24 fails to start at boot
https://bugzilla.redhat.com/show_bug.cgi?id=1401561
--------------------------------------------------------------------------------
================================================================================
rpmgrill-0.29-1.fc24 (FEDORA-2017-055deefcec)
A utility for catching problems in koji builds
--------------------------------------------------------------------------------
Update Information:
bz1199960: fixes missing entries for armv7hl, bz1202633: allow to specify
subtests
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1199960 - Arch 'armv7hl' not in my Is_64
https://bugzilla.redhat.com/show_bug.cgi?id=1199960
[ 2 ] Bug #1202633 - [RFE] Allow to specify which (sub-) tests to run in rpmgrill
https://bugzilla.redhat.com/show_bug.cgi?id=1202633
--------------------------------------------------------------------------------
================================================================================
samba-4.4.9-0.fc24 (FEDORA-2017-d0a537062c)
Server and Client software to interoperate with Windows machines
--------------------------------------------------------------------------------
Update Information:
Update to Samba 4.4.9 ---- Security fix for CVE-2016-2125, CVE-2016-2126
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403114 - CVE-2016-2125 samba: Unconditional privilege delegation to Kerberos
servers in trusted realms
https://bugzilla.redhat.com/show_bug.cgi?id=1403114
[ 2 ] Bug #1403115 - CVE-2016-2126 samba: Flaws in Kerberos PAC validation can trigger
privilege elevation
https://bugzilla.redhat.com/show_bug.cgi?id=1403115
--------------------------------------------------------------------------------
================================================================================
thunderbird-45.6.0-2.fc24 (FEDORA-2017-7af4c910c2)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
For changes see:
https://www.mozilla.org/en-US/thunderbird/45.6.0/releasenotes/
--------------------------------------------------------------------------------
================================================================================
vdr-epg-daemon-1.1.73-1.fc24 (FEDORA-2017-df6e84f2d3)
A daemon to download EPG data from internet and manage it in a mysql database
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.73 ---- Update to 1.1.72
--------------------------------------------------------------------------------