The following Fedora 24 Security updates need testing:
Age URL
138 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24
121 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f chicken-4.11.0-3.fc24
73 https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea compat-guile18-1.8.8-14.fc24
35 https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24
19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b465090499 ipsilon-2.0.2-2.fc24
9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1f774c3d7 FlightGear-2016.1.2-5.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-04383482b4 game-music-emu-0.6.1-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-608be17784 python-wikitcms-2.1.10-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-631737a49a tracker-1.8.2-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d337166907 freeipa-4.3.2-4.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8586235698 nagios-plugins-2.1.4-2.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c7e60a9fd4 community-mysql-5.7.17-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3b7f39a8c1 openjpeg2-2.1.2-3.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-52a1b18397 mingw-openjpeg2-2.1.2-3.fc24
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-09dc3efcd2 samba-4.4.8-0.fc24
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08 squid-3.5.23-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-76b646637e tor-0.2.8.12-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-06e8a3f776 js-jquery1-1.12.4-2.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8516b7d6fb js-jquery-2.2.4-1.fc24
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1185de6aa6 php-zendframework-zend-mail-2.7.2-1.fc24
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-54a717d5d6 zookeeper-3.4.9-1.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-bc02bff7f5 xen-4.6.4-5.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5c3d057783 libbsd-0.8.3-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86d2b5aefb curl-7.47.1-10.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-55f912fcdc seamonkey-2.46-1.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
38 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383 nss-3.27.0-1.3.fc24
18 https://bodhi.fedoraproject.org/updates/FEDORA-2016-90bd4d7d33 selinux-policy-3.13.1-191.23.fc24
12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d4be615424 libfm-1.2.5-1.fc24 lxsession-0.5.3-2.fc24 pcmanfm-1.2.5-1.fc24
9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d2820fc67d libvorbis-1.3.5-1.fc24
9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-700f16d3f3 gnome-online-accounts-3.20.5-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-0281ab71ff vim-8.0.134-2.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab5b9ae96b audit-2.7-1.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8b3063d71c meson-0.36.0-4.fc24 redhat-rpm-config-42-2.fc24
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-09dc3efcd2 samba-4.4.8-0.fc24
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-85dffa754f perl-5.22.2-365.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f5c57e05b6 openssl-1.0.2j-3.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b938403605 gcc-6.3.1-1.fc24 libtool-2.4.6-13.fc24 gcc-python-plugin-0.15-8.1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-86d2b5aefb curl-7.47.1-10.fc24
The following builds have been pushed to Fedora 24 updates-testing
cinnamon-3.2.7-1.fc24
cinnamon-screensaver-3.2.12-1.fc24
composer-1.3.0-1.fc24
curl-7.47.1-10.fc24
frepple-3.1-1.fc24
java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc24
kf5-libktorrent-2.0.1-5.fc24
lirc-0.9.4c-6.fc24
mate-session-manager-1.16.0-2.fc24
nfs-ganesha-2.4.1-2.fc24
odb-2.4.0-16.fc24
perl-B-Debug-1.24-1.fc24
php-akamai-open-edgegrid-auth-0.6.1-1.fc24
php-akamai-open-edgegrid-client-0.6.2-2.fc24
php-deepend-Mockery-0.9.7-1.fc24
php-react-promise-2.5.0-1.fc24
php-zendframework-zend-expressive-helpers-2.2.0-1.fc24
seamonkey-2.46-1.fc24
tuxguitar-1.4-1.fc24
wine-2.0-0.1.rc2.fc24
wine-mono-4.6.4-1.fc24
Details about builds:
================================================================================
cinnamon-3.2.7-1.fc24 (FEDORA-2016-6bebfa24d5)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Update
--------------------------------------------------------------------------------
================================================================================
cinnamon-screensaver-3.2.12-1.fc24 (FEDORA-2016-6bebfa24d5)
Cinnamon Screensaver
--------------------------------------------------------------------------------
Update Information:
- Update
--------------------------------------------------------------------------------
================================================================================
composer-1.3.0-1.fc24 (FEDORA-2016-83d812ade8)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.3.0** - 2016-12-24 * Fixed handling of annotated git tags vs
lightweight tags leading to useless updates sometimes * Fixed ext-xdebug not
being require-able anymore due to automatic xdebug disabling * Fixed case
insensitivity of remove command **Version 1.3.0-RC** - 2016-12-11 * Added
workaround for xdebug performance impact by restarting PHP without xdebug
automatically in case it is enabled * Added `--minor-only` to the `outdated`
command to only show updates to minor versions and ignore new major versions *
Added `--apcu-autoloader` to the `update`/`install` commands and `--apcu` to
`dump-autoload` to enable an APCu-caching autoloader, which can be more
efficient than --classmap-authoritative if you attempt to autoload many classes
that do not exist, or if you can not use authoritative classmaps for some reason
* Added summary of operations to be executed before they run, and made execution
output more compact * Added `php-debug` and `php-zts` virtual platform
packages * Added `gitlab-token` auth config for GitLab private tokens *
Added `--strict` to the `outdated` command to return a non-zero exit code when
there are outdated packages * Added ability to call php scripts using the
current php interpreter (instead of finding php in PATH by default) in script
handlers via `@php ...` * Added `COMPOSER_ALLOW_XDEBUG` env var to circumvent
the xdebug-disabling behavior * Added `COMPOSER_MIRROR_PATH_REPOS` env var to
force mirroring of path repositories vs symlinking * Added `COMPOSER_DEV_MODE`
env var that is set by Composer to forward the dev mode to script handlers *
Fixed support for git 2.11 * Fixed output from zip and rar leaking out when an
error occured * Removed `hash` from composer.lock, only `content-hash` is now
used which should reduce conflicts * Minor fixes and performance improvements
--------------------------------------------------------------------------------
================================================================================
curl-7.47.1-10.fc24 (FEDORA-2016-86d2b5aefb)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- fix floating point buffer overflow issues (CVE-2016-9586)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1406716 - CVE-2016-9586 curl: printf floating point buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406716
--------------------------------------------------------------------------------
================================================================================
frepple-3.1-1.fc24 (FEDORA-2016-bc46764d7d)
Free Production PLanning
--------------------------------------------------------------------------------
Update Information:
New upstream release
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc24 (FEDORA-2016-c4b7b63beb)
OpenJDK Runtime Environment in a preview of the OpenJDK AArch32 project
--------------------------------------------------------------------------------
Update Information:
8u112 feature update, sync with mainline package
--------------------------------------------------------------------------------
================================================================================
kf5-libktorrent-2.0.1-5.fc24 (FEDORA-2016-1d2a0ef47f)
Library providing torrent downloading code
--------------------------------------------------------------------------------
Update Information:
KDE Framework providing torrent downloading code.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1386774 - Review Request: kf5-libktorrent - Library providing torrent downloading code
https://bugzilla.redhat.com/show_bug.cgi?id=1386774
--------------------------------------------------------------------------------
================================================================================
lirc-0.9.4c-6.fc24 (FEDORA-2016-dc3f1b4a61)
The Linux Infrared Remote Control package
--------------------------------------------------------------------------------
Update Information:
Fixes bug in parsing --listen option (#249) ---- Fix missing lircd-
setup.service file
--------------------------------------------------------------------------------
================================================================================
mate-session-manager-1.16.0-2.fc24 (FEDORA-2016-0ed144b91a)
MATE Desktop session manager
--------------------------------------------------------------------------------
Update Information:
fix resizing the startup applications preferences window
--------------------------------------------------------------------------------
================================================================================
nfs-ganesha-2.4.1-2.fc24 (FEDORA-2016-9b8e81133d)
NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:
nfs-ganesha 2.4.1 w/ glusterfs-3.8.6 upcall fix
--------------------------------------------------------------------------------
================================================================================
odb-2.4.0-16.fc24 (FEDORA-2016-23fb7e6072)
Object-relational mapping (ORM) system for C++
--------------------------------------------------------------------------------
Update Information:
Fix for [gcc 6](http://codesynthesis.com/pipermail/odb-
users/2016-December/003581.html)
--------------------------------------------------------------------------------
================================================================================
perl-B-Debug-1.24-1.fc24 (FEDORA-2016-02ca7e6d41)
Walk Perl syntax tree, print debug information about op-codes
--------------------------------------------------------------------------------
Update Information:
This release adapts tests to Perl 5.25.6. We deliver only to provide newer
version string.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408456 - perl-B-Debug-1.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408456
--------------------------------------------------------------------------------
================================================================================
php-akamai-open-edgegrid-auth-0.6.1-1.fc24 (FEDORA-2016-09fde30d7a)
Implements the Akamai {OPEN} EdgeGrid Authentication
--------------------------------------------------------------------------------
Update Information:
### 0.6.1 [17 Dec, 2016] * Fix PHP 7.1 compatibility (@remicollet)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405779 - php-akamai-open-edgegrid-auth-0.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405779
--------------------------------------------------------------------------------
================================================================================
php-akamai-open-edgegrid-client-0.6.2-2.fc24 (FEDORA-2016-2dcbdd47db)
Implements the Akamai {OPEN} EdgeGrid Authentication
--------------------------------------------------------------------------------
Update Information:
### 0.6.2 [17 Dec, 2016] * Update to akamai-open/edgegrid-auth 0.6.1 (PHP 7.1
compatibility)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405781 - php-akamai-open-edgegrid-client-0.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405781
--------------------------------------------------------------------------------
================================================================================
php-deepend-Mockery-0.9.7-1.fc24 (FEDORA-2016-dd95eda64c)
Mockery is a simple but flexible PHP mock object framework
--------------------------------------------------------------------------------
Update Information:
**Version 0.9.7** * Clear the _filesToCleanUp array after unlink.
--------------------------------------------------------------------------------
================================================================================
php-react-promise-2.5.0-1.fc24 (FEDORA-2016-ee02b6126a)
A lightweight implementation of CommonJS Promises/A for PHP
--------------------------------------------------------------------------------
Update Information:
### 2.5.0 (2016-12-22) * Revert automatic cancellation of pending collection
promises once the output promise resolves. This was introduced in 42d86b7 (PR
#36, released in
[v2.3.0](https://github.com/reactphp/promise/releases/tag/v2.3.0)) and was
both unintended and backward incompatible. If you need automatic cancellation,
you can use something like: ``` function allAndCancel(array $promises) {
return \React\Promise\all($promises) ->always(function() use ($promises)
{ foreach ($promises as $promise) { if ($promise
instanceof \React\Promise\CancellablePromiseInterface) {
$promise->cancel(); } } }); } ``` * `all()` and
`map()` functions now preserve the order of the array (#77). * Fix circular
references when resolving a promise with itself (#71).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408344 - php-react-promise-2.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408344
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-expressive-helpers-2.2.0-1.fc24 (FEDORA-2016-abc5584b14)
Helper/Utility classes for Expressive
--------------------------------------------------------------------------------
Update Information:
**Version 2.2.0** - 2016-12-23 - [#30](https://github.com/zendframework/zend-
expressive-helpers/pull/30) Use new ZF coding standard -
[#31](https://github.com/zendframework/zend-expressive-helpers/pull/32) Check to
ensure 100% test coverage is retained **Version 2.1.1** - 2016-12-23 -
[#29](https://github.com/zendframework/zend-expressive-helpers/pull/29) Don't
throw exception on empty JSON body
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.46-1.fc24 (FEDORA-2016-55f912fcdc)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.46 Fixes various security issues, see
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more
info. No more includes Chatzilla and DOM Inspector in the package -- install
them yourself now (as usual other addons) from https://addons.mozilla.org
--------------------------------------------------------------------------------
================================================================================
tuxguitar-1.4-1.fc24 (FEDORA-2016-f9dc76f6dc)
A multitrack tablature editor and player written in Java-SWT
--------------------------------------------------------------------------------
Update Information:
* New edit Toolbar * Several bugs fixed
--------------------------------------------------------------------------------
================================================================================
wine-2.0-0.1.rc2.fc24 (FEDORA-2016-91267b0c0e)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
- Bug fix update of the Mono engine. - Support for IDN name resolution. - Many
more Shader Model 5 operations. - Still more fixes in the regression tests. -
Various bug fixes. https://www.winehq.org/announce/2.0-rc2 - Bug fixes only,
we are in code freeze. https://wine-staging.com/news/2016-12-21-release-2.0-rc2.html - Implement basic AES support
in bcrypt. - Remove GnuTLS / CommonCrypto dependency for hash calculations in
bcrypt. - Improve TIFF support in windoscodecs. - Various improvements in
user32, winhttp and other dlls.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398794 - wine-mono 4.6.3 is broken
https://bugzilla.redhat.com/show_bug.cgi?id=1398794
--------------------------------------------------------------------------------
================================================================================
wine-mono-4.6.4-1.fc24 (FEDORA-2016-91267b0c0e)
Mono library required for Wine
--------------------------------------------------------------------------------
Update Information:
- Bug fix update of the Mono engine. - Support for IDN name resolution. - Many
more Shader Model 5 operations. - Still more fixes in the regression tests. -
Various bug fixes. https://www.winehq.org/announce/2.0-rc2 - Bug fixes only,
we are in code freeze. https://wine-staging.com/news/2016-12-21-release-2.0-rc2.html - Implement basic AES support
in bcrypt. - Remove GnuTLS / CommonCrypto dependency for hash calculations in
bcrypt. - Improve TIFF support in windoscodecs. - Various improvements in
user32, winhttp and other dlls.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398794 - wine-mono 4.6.3 is broken
https://bugzilla.redhat.com/show_bug.cgi?id=1398794
--------------------------------------------------------------------------------
The following Fedora 25 Security updates need testing:
Age URL
121 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b3ed5f170 chicken-4.11.0-3.fc25
73 https://bodhi.fedoraproject.org/updates/FEDORA-2016-6dd3bc37c3 compat-guile18-1.8.8-14.fc25
19 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2d8fb6d7ad ipsilon-2.0.2-2.fc25
15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-daf90926d4 dovecot-2.2.27-1.fc25
9 https://bodhi.fedoraproject.org/updates/FEDORA-2016-01eba63bcc FlightGear-2016.3.1-3.fc25
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fce8b939c9 python-wikitcms-2.1.10-1.fc25
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f30fae0f67 nagios-plugins-2.1.4-2.fc25
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9b83c6862d community-mysql-5.7.17-1.fc25
6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-89ee54c661 mingw-openjpeg2-2.1.2-3.fc25
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c614315d29 squid-4.0.17-1.fc25
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95b4e9077e tor-0.2.8.12-1.fc25
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b6cb3e83fa js-jquery1-1.12.4-2.fc25
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-897a1e6698 smack-4.1.5-3.fc25
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a6e72e28e1 php-zendframework-zend-mail-2.7.2-1.fc25
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5557ccf1f9 zookeeper-3.4.9-1.fc25
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2361e1e07a cxf-3.1.6-3.fc25
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3477b592e3 hdf5-1.8.17-2.fc25
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d3e562bb52 libbsd-0.8.3-1.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f341d71730 springframework-3.2.18-1.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-edbb33ab2e curl-7.51.0-4.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2bca1021a3 seamonkey-2.46-1.fc25
The following Fedora 25 Critical Path updates have yet to be approved:
Age URL
28 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a1231ada78 python-productmd-1.3-1.fc25
28 https://bodhi.fedoraproject.org/updates/FEDORA-2016-940ecb5c59 wpa_supplicant-2.6-1.fc25
15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-9c25320b71 pungi-4.1.11-3.fc25
8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ab324eaf7a libnl3-3.2.29-0.2.fc25
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-469935a9d1 xorg-x11-server-1.19.0-3.fc25
4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-be5fa630c5 vim-8.0.134-2.fc25
2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3189d3a4df PackageKit-1.1.5-0.1.20161221.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b49fa138f4 glibc-2.24-4.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-edbb33ab2e curl-7.51.0-4.fc25
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-37c1b46c83 python-mako-1.0.6-1.fc25
The following builds have been pushed to Fedora 25 updates-testing
cinnamon-3.2.7-1.fc25
cinnamon-screensaver-3.2.12-1.fc25
composer-1.3.0-1.fc25
curl-7.51.0-4.fc25
darktable-2.2.0-1.fc25
glibc-2.24-4.fc25
gnome-builder-3.22.4-1.fc25
golly-2.8-1.fc25
gromacs-2016.1-2.fc25
java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc25
kf5-libktorrent-2.0.1-5.fc25
lirc-0.9.4c-6.fc25
mate-session-manager-1.16.0-2.fc25
nfs-ganesha-2.4.1-2.fc25
nodejs-zipfile-0.5.11-1.fc25
odb-2.4.0-16.fc25
perl-B-Debug-1.24-1.fc25
php-akamai-open-edgegrid-auth-0.6.1-1.fc25
php-akamai-open-edgegrid-client-0.6.2-2.fc25
php-deepend-Mockery-0.9.7-1.fc25
php-nette-di-2.4.5-1.fc25
php-react-promise-2.5.0-1.fc25
php-zendframework-zend-expressive-helpers-2.2.0-1.fc25
python-ccdproc-1.2.0-1.fc25
python-mako-1.0.6-1.fc25
sagemath-7.3-7.fc25
seamonkey-2.46-1.fc25
springframework-3.2.18-1.fc25
tuxguitar-1.4-1.fc25
wine-2.0-0.1.rc2.fc25
Details about builds:
================================================================================
cinnamon-3.2.7-1.fc25 (FEDORA-2016-6b61cc6489)
Window management and application launching for GNOME
--------------------------------------------------------------------------------
Update Information:
- Update
--------------------------------------------------------------------------------
================================================================================
cinnamon-screensaver-3.2.12-1.fc25 (FEDORA-2016-6b61cc6489)
Cinnamon Screensaver
--------------------------------------------------------------------------------
Update Information:
- Update
--------------------------------------------------------------------------------
================================================================================
composer-1.3.0-1.fc25 (FEDORA-2016-9b145fae91)
Dependency Manager for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.3.0** - 2016-12-24 * Fixed handling of annotated git tags vs
lightweight tags leading to useless updates sometimes * Fixed ext-xdebug not
being require-able anymore due to automatic xdebug disabling * Fixed case
insensitivity of remove command **Version 1.3.0-RC** - 2016-12-11 * Added
workaround for xdebug performance impact by restarting PHP without xdebug
automatically in case it is enabled * Added `--minor-only` to the `outdated`
command to only show updates to minor versions and ignore new major versions *
Added `--apcu-autoloader` to the `update`/`install` commands and `--apcu` to
`dump-autoload` to enable an APCu-caching autoloader, which can be more
efficient than --classmap-authoritative if you attempt to autoload many classes
that do not exist, or if you can not use authoritative classmaps for some reason
* Added summary of operations to be executed before they run, and made execution
output more compact * Added `php-debug` and `php-zts` virtual platform
packages * Added `gitlab-token` auth config for GitLab private tokens *
Added `--strict` to the `outdated` command to return a non-zero exit code when
there are outdated packages * Added ability to call php scripts using the
current php interpreter (instead of finding php in PATH by default) in script
handlers via `@php ...` * Added `COMPOSER_ALLOW_XDEBUG` env var to circumvent
the xdebug-disabling behavior * Added `COMPOSER_MIRROR_PATH_REPOS` env var to
force mirroring of path repositories vs symlinking * Added `COMPOSER_DEV_MODE`
env var that is set by Composer to forward the dev mode to script handlers *
Fixed support for git 2.11 * Fixed output from zip and rar leaking out when an
error occured * Removed `hash` from composer.lock, only `content-hash` is now
used which should reduce conflicts * Minor fixes and performance improvements
--------------------------------------------------------------------------------
================================================================================
curl-7.51.0-4.fc25 (FEDORA-2016-edbb33ab2e)
A utility for getting files from remote servers (FTP, HTTP, and others)
--------------------------------------------------------------------------------
Update Information:
- fix floating point buffer overflow issues (CVE-2016-9586)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1406716 - CVE-2016-9586 curl: printf floating point buffer overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406716
--------------------------------------------------------------------------------
================================================================================
darktable-2.2.0-1.fc25 (FEDORA-2016-35d9388016)
Utility to organize and develop raw images
--------------------------------------------------------------------------------
Update Information:
2.2.0 release
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1400075 - darktable-2.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1400075
--------------------------------------------------------------------------------
================================================================================
glibc-2.24-4.fc25 (FEDORA-2016-b49fa138f4)
The GNU libc libraries
--------------------------------------------------------------------------------
Update Information:
This update addresses user-reported bugs including #1398370 where ssh
configurations using kerberos authentication could fail with *_dl_close:
Assertion `map->l_init_called' failed!*
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1398370 - Plugin unloading causes undefined behavior: Inconsistency detected by ld.so: dl-close.c: 811: _dl_close: Assertion `map->l_init_called' failed!
https://bugzilla.redhat.com/show_bug.cgi?id=1398370
--------------------------------------------------------------------------------
================================================================================
gnome-builder-3.22.4-1.fc25 (FEDORA-2016-24109870d3)
IDE for writing GNOME-based software
--------------------------------------------------------------------------------
Update Information:
gnome-builder 3.22.4 release. * Some minor improvements to vala auto-
completion * UI tweaks to project creation view for better discovery * Allow
wider content in the file selection popover * Improve cache eviction when
certain project files change * Allow talking to FileManager1 DBUS interface
from flatpak * A handful of leak fixes * Improved unit tests * Avoid
overzealous background project builds * Runtimes can now translate paths to
files such as headers so that the processes outside the runtime can access
them. * Allow libclang to parse files inside of Flatpak runtimes. This ensures
that autocompletion and diagnostics work when building against org.gnome.Sdk *
Autotools will discover gmake vs make from the runtime * A "clone and edit this
flatpak" feature as been added using the -m command line option. This
integrates with some GNOME-based compositors to allow an "edit this app"
feature. * Various build system improvements * Improved support for building
flatpaks * Improved support for the meson build system * Builder depends on a
newer VTE for various regex features and now the build system configure
check reflects that. * Some vim improvements
--------------------------------------------------------------------------------
================================================================================
golly-2.8-1.fc25 (FEDORA-2016-1551012d52)
Cellular automata simulator (includes Conway's Game of Life)
--------------------------------------------------------------------------------
Update Information:
Updated to latest upstream release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1296103 - update 2.7
https://bugzilla.redhat.com/show_bug.cgi?id=1296103
--------------------------------------------------------------------------------
================================================================================
gromacs-2016.1-2.fc25 (FEDORA-2016-5122e909eb)
Fast, Free and Flexible Molecular Dynamics
--------------------------------------------------------------------------------
Update Information:
Bump to add support for inside docker.
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-aarch32-1.8.0.112-1.161109.fc25 (FEDORA-2016-5a10b53397)
OpenJDK Runtime Environment in a preview of the OpenJDK AArch32 project
--------------------------------------------------------------------------------
Update Information:
8u112 feature update, sync with mainline package
--------------------------------------------------------------------------------
================================================================================
kf5-libktorrent-2.0.1-5.fc25 (FEDORA-2016-cab746d8a0)
Library providing torrent downloading code
--------------------------------------------------------------------------------
Update Information:
KDE Framework providing torrent downloading code.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1386774 - Review Request: kf5-libktorrent - Library providing torrent downloading code
https://bugzilla.redhat.com/show_bug.cgi?id=1386774
--------------------------------------------------------------------------------
================================================================================
lirc-0.9.4c-6.fc25 (FEDORA-2016-04c837c067)
The Linux Infrared Remote Control package
--------------------------------------------------------------------------------
Update Information:
Fixes bug in parsing --listen option (#249)
--------------------------------------------------------------------------------
================================================================================
mate-session-manager-1.16.0-2.fc25 (FEDORA-2016-84c660cad4)
MATE Desktop session manager
--------------------------------------------------------------------------------
Update Information:
fix resizing the startup applications preferences window
--------------------------------------------------------------------------------
================================================================================
nfs-ganesha-2.4.1-2.fc25 (FEDORA-2016-0c61baf4a4)
NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:
nfs-ganesha 2.4.1 w/ glusterfs-3.8.6 upcall fix and FSAL_RGW
--------------------------------------------------------------------------------
================================================================================
nodejs-zipfile-0.5.11-1.fc25 (FEDORA-2016-ef8c2be7d3)
C++ library for handling zipfiles in Node.js
--------------------------------------------------------------------------------
Update Information:
Update to latest version to fix warnings from Node.
--------------------------------------------------------------------------------
================================================================================
odb-2.4.0-16.fc25 (FEDORA-2016-4f1d3df45b)
Object-relational mapping (ORM) system for C++
--------------------------------------------------------------------------------
Update Information:
Fix for [gcc 6](http://codesynthesis.com/pipermail/odb-
users/2016-December/003581.html)
--------------------------------------------------------------------------------
================================================================================
perl-B-Debug-1.24-1.fc25 (FEDORA-2016-d1f5dffb56)
Walk Perl syntax tree, print debug information about op-codes
--------------------------------------------------------------------------------
Update Information:
This release adapts tests to Perl 5.25.6. We deliver only to provide newer
version string.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408456 - perl-B-Debug-1.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408456
--------------------------------------------------------------------------------
================================================================================
php-akamai-open-edgegrid-auth-0.6.1-1.fc25 (FEDORA-2016-22a1011513)
Implements the Akamai {OPEN} EdgeGrid Authentication
--------------------------------------------------------------------------------
Update Information:
### 0.6.1 [17 Dec, 2016] * Fix PHP 7.1 compatibility (@remicollet)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405779 - php-akamai-open-edgegrid-auth-0.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405779
--------------------------------------------------------------------------------
================================================================================
php-akamai-open-edgegrid-client-0.6.2-2.fc25 (FEDORA-2016-02fd58f542)
Implements the Akamai {OPEN} EdgeGrid Authentication
--------------------------------------------------------------------------------
Update Information:
### 0.6.2 [17 Dec, 2016] * Update to akamai-open/edgegrid-auth 0.6.1 (PHP 7.1
compatibility)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1405781 - php-akamai-open-edgegrid-client-0.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1405781
--------------------------------------------------------------------------------
================================================================================
php-deepend-Mockery-0.9.7-1.fc25 (FEDORA-2016-040f9e539e)
Mockery is a simple but flexible PHP mock object framework
--------------------------------------------------------------------------------
Update Information:
**Version 0.9.7** * Clear the _filesToCleanUp array after unlink.
--------------------------------------------------------------------------------
================================================================================
php-nette-di-2.4.5-1.fc25 (FEDORA-2016-584fcb4bf5)
Nette Dependency Injection Component
--------------------------------------------------------------------------------
Update Information:
**version 2.4.5** * ContainerBuilder: support for nullable types in
generated factories #132 * DependencyChecker: fixed serialization of
returnType, supports nullable types * Config\Loader: allow absolute paths in
includes section (#131) * IniAdapter, NeonAdapter: process() is public #134 *
return self -> static
--------------------------------------------------------------------------------
================================================================================
php-react-promise-2.5.0-1.fc25 (FEDORA-2016-380d08a395)
A lightweight implementation of CommonJS Promises/A for PHP
--------------------------------------------------------------------------------
Update Information:
### 2.5.0 (2016-12-22) * Revert automatic cancellation of pending collection
promises once the output promise resolves. This was introduced in 42d86b7 (PR
#36, released in
[v2.3.0](https://github.com/reactphp/promise/releases/tag/v2.3.0)) and was
both unintended and backward incompatible. If you need automatic cancellation,
you can use something like: ``` function allAndCancel(array $promises) {
return \React\Promise\all($promises) ->always(function() use ($promises)
{ foreach ($promises as $promise) { if ($promise
instanceof \React\Promise\CancellablePromiseInterface) {
$promise->cancel(); } } }); } ``` * `all()` and
`map()` functions now preserve the order of the array (#77). * Fix circular
references when resolving a promise with itself (#71).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408344 - php-react-promise-2.5.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1408344
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-expressive-helpers-2.2.0-1.fc25 (FEDORA-2016-cccb1fad6b)
Helper/Utility classes for Expressive
--------------------------------------------------------------------------------
Update Information:
**Version 2.2.0** - 2016-12-23 - [#30](https://github.com/zendframework/zend-
expressive-helpers/pull/30) Use new ZF coding standard -
[#31](https://github.com/zendframework/zend-expressive-helpers/pull/32) Check to
ensure 100% test coverage is retained **Version 2.1.1** - 2016-12-23 -
[#29](https://github.com/zendframework/zend-expressive-helpers/pull/29) Don't
throw exception on empty JSON body
--------------------------------------------------------------------------------
================================================================================
python-ccdproc-1.2.0-1.fc25 (FEDORA-2016-6d6b87c5f7)
Astropy affiliated package for reducing optical/IR CCD data
--------------------------------------------------------------------------------
Update Information:
new release
--------------------------------------------------------------------------------
================================================================================
python-mako-1.0.6-1.fc25 (FEDORA-2016-37c1b46c83)
Mako template library for Python
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.6 (#1257376).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1257376 - python-mako-1.0.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1257376
--------------------------------------------------------------------------------
================================================================================
sagemath-7.3-7.fc25 (FEDORA-2016-f67bf04062)
A free open-source mathematics software system
--------------------------------------------------------------------------------
Update Information:
Correct build from source and f24 to f25 sagemath upgrade problems.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1396848 - file conflict prevents upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1396848
[ 2 ] Bug #1381949 - Missing dependency: python-speaklater
https://bugzilla.redhat.com/show_bug.cgi?id=1381949
--------------------------------------------------------------------------------
================================================================================
seamonkey-2.46-1.fc25 (FEDORA-2016-2bca1021a3)
Web browser, e-mail, news, IRC client, HTML editor
--------------------------------------------------------------------------------
Update Information:
Update to 2.46 Fixes various security issues, see
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for more
info. No more includes Chatzilla and DOM Inspector in the package -- install
them yourself now (as usual other addons) from https://addons.mozilla.org
--------------------------------------------------------------------------------
================================================================================
springframework-3.2.18-1.fc25 (FEDORA-2016-f341d71730)
Spring Java Application Framework
--------------------------------------------------------------------------------
Update Information:
Update to 3.2.18.RELEASE. Resolves: CVE-2016-9878 (rhbz#1408164,1408165)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1408164 - CVE-2016-9878 Spring Framework: Directory Traversal in the Spring Framework ResourceServlet
https://bugzilla.redhat.com/show_bug.cgi?id=1408164
--------------------------------------------------------------------------------
================================================================================
tuxguitar-1.4-1.fc25 (FEDORA-2016-91f7a8c6dd)
A multitrack tablature editor and player written in Java-SWT
--------------------------------------------------------------------------------
Update Information:
* New edit Toolbar * Several bugs fixed
--------------------------------------------------------------------------------
================================================================================
wine-2.0-0.1.rc2.fc25 (FEDORA-2016-a949dc3bee)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
https://www.winehq.org/announce/2.0-rc2 - Bug fixes only, we are in code
freeze. https://wine-staging.com/news/2016-12-21-release-2.0-rc2.html -
Implement basic AES support in bcrypt. - Remove GnuTLS / CommonCrypto dependency
for hash calculations in bcrypt. - Improve TIFF support in windoscodecs. -
Various improvements in user32, winhttp and other dlls.
--------------------------------------------------------------------------------
On Fri, 2016-12-23 at 08:49 +0000, rawhide(a)fedoraproject.org wrote:
> Announcing the creation of a new nightly release validation test event
> for Fedora 26 Rawhide 20161222.n.1. Please help run some tests for this
> nightly compose if you have time. For more information on nightly
> release validation testing, see:
> https://fedoraproject.org/wiki/QA:Release_validation_test_plan
>
> Notable package version changes:
> pyparted - 20161218.n.1: pyparted-3.10.7-4.fc25.src, 20161222.n.1: pyparted-3.10.7-5.fc26.src
> pykickstart - 20161218.n.1: pykickstart-2.33-1.fc26.src, 20161222.n.1: pykickstart-2.33-2.fc26.src
> lorax - 20161218.n.1: lorax-26.3-1.fc26.src, 20161222.n.1: lorax-26.3-2.fc26.src
> python-blivet - 20161218.n.1: python-blivet-2.1.7-3.fc26.src, 20161222.n.1: python-blivet-2.1.7-4.fc26.src
> anaconda - 20161218.n.1: anaconda-26.16-1.fc26.src, 20161222.n.1: anaconda-26.16-2.fc26.src
This compose is completely broken by a blivet / Python 3.6 issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1408282
It doesn't seem like any maintainers are around to review my fix ATM,
so I think I'll do a downstream patch temporarily - we don't usually
apply patches to anaconda/blivet packages, but if they've all gone for
the end-of-year vacation already I'll have to do it that way to avoid
it being broken into the New Year.
If you do want to test things out at present, you can use this updates
image:
inst.updates=https://www.happyassassin.net/updates/1408282.0.img
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net