The following Fedora 24 Security updates need testing:
Age URL
54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24
10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec phpMyAdmin-4.6.2-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5f722a9a7 docker-1.10.3-12.git4158ccc.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 sqlite-3.12.2-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f85aa7dd6b selinux-policy-3.13.1-190.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f8a34340d systemd-229-8.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fa807cca6f nss-3.24.0-1.1.fc24 nss-softokn-3.24.0-1.0.fc24 nss-util-3.24.0-1.0.fc24
The following builds have been pushed to Fedora 24 updates-testing
fedfind-2.4.9-1.fc24
gammu-1.37.3-2.fc24
gimp-layer-via-copy-cut-1.6-2.fc24
php-iamcal-lib-autolink-1.7-1.fc24
php-justinrainbow-json-schema-2.0.4-1.fc24
php-nrk-Predis-1.0.4-1.fc24
php-pear-PHP-CodeSniffer-2.6.1-1.fc24
php-zendframework-zend-router-3.0.1-1.fc24
python-gammu-2.6-1.fc24
radeontop-0.9-2.20160527git2047d13.fc24
selinux-policy-3.13.1-190.fc24
wammu-0.41-2.fc24
wildfly-elytron-1.0.2-1.fc24
Details about builds:
================================================================================
fedfind-2.4.9-1.fc24 (FEDORA-2016-60bec25667)
Fedora Finder finds Fedora
--------------------------------------------------------------------------------
Update Information:
This update provides the latest release of
[fedfind](https://www.happyassassin.net/fedfind). It ensures `Release` instances
always have a `label` attribute, and makes `fedfind.helpers.parse_cid` raise an
error if the compose ID is invalid.
--------------------------------------------------------------------------------
================================================================================
gammu-1.37.3-2.fc24 (FEDORA-2016-b702a12e01)
Command Line utility to work with mobile phones
--------------------------------------------------------------------------------
Update Information:
Update gammu to 1.37.3, python-gammu-2.6 and update wammu to 0.41
--------------------------------------------------------------------------------
================================================================================
gimp-layer-via-copy-cut-1.6-2.fc24 (FEDORA-2016-396be8064a)
Layer via copy/cut plug-in for GIMP
--------------------------------------------------------------------------------
Update Information:
This add-on for GIMP allows copying/cutting and paste a layer at the same
position
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1329923 - Review Request: gimp-layer-via-copy-cut - Layer via copy/cut plug-in for GIMP
https://bugzilla.redhat.com/show_bug.cgi?id=1329923
--------------------------------------------------------------------------------
================================================================================
php-iamcal-lib-autolink-1.7-1.fc24 (FEDORA-2016-be8b9d2565)
Adds anchors to urls in a text
--------------------------------------------------------------------------------
Update Information:
Find URLs in HTML that are not already links, and make them into links.
Autoloader: /usr/share/php/php-iamcal-lib-autolink/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1330429 - Review Request: php-iamcal-lib-autolink - Adds anchors to urls in a text
https://bugzilla.redhat.com/show_bug.cgi?id=1330429
--------------------------------------------------------------------------------
================================================================================
php-justinrainbow-json-schema-2.0.4-1.fc24 (FEDORA-2016-ba31f25ade)
A library to validate a json schema
--------------------------------------------------------------------------------
Update Information:
A PHP Implementation for validating JSON Structures against a given Schema.
This package provides the library version 2. The php-JsonSchema package provides
the library version 1 and the validate-json command. See http://json-schema.org/ Autoloader: /usr/share/php/JsonSchema2/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1327511 - Review Request: php-justinrainbow-json-schema - A library to validate a json schema
https://bugzilla.redhat.com/show_bug.cgi?id=1327511
--------------------------------------------------------------------------------
================================================================================
php-nrk-Predis-1.0.4-1.fc24 (FEDORA-2016-15c2ed77ae)
PHP client library for Redis
--------------------------------------------------------------------------------
Update Information:
**Version 1.0.4** (2016-05-30) - Added new profile for Redis 3.2 with its new
commands: `HSTRLEN`, `BITFIELD`, `GEOADD`, `GEOHASH`, `GEOPOS`, `GEODIST`,
`GEORADIUS`, `GEORADIUSBYMEMBER`. The default server profile for Predis is
still the one for Redis 3.0 you must set the `profile` client option to `3.2`
when initializing the client in order to be able to use them when connecting
to Redis 3.2. - Various improvements in the handling of redis-cluster: -
If the connection to a specific node fails when executing a command, the
client tries to connect to another node in order to refresh the slots map
and perform a new attempt to execute the command. - Connections to nodes
can be preassigned to non-contiguous slot ranges via the `slots` parameter
using a comma separator. This is how it looks like in practice:
`tcp://127.0.0.1:6379?slots=0-5460,5500-5600,11000`. - __FIX__: broken values
returned by `Predis\Collection\Iterator\HashKey` when iterating hash keys
containing integer fields (PR #330, ISSUE #331). - __FIX__: prevent failures
when `Predis\Connection\StreamConnection` serializes commands with holes in
their arguments (e.g. `[0 => 'key:0', 2 => 'key:2']`). The same fix has been
applied to `Predis\Protocol\Text\RequestSerializer`. (ISSUE #316).
--------------------------------------------------------------------------------
================================================================================
php-pear-PHP-CodeSniffer-2.6.1-1.fc24 (FEDORA-2016-4f6116fe9a)
PHP coding standards enforcement tool
--------------------------------------------------------------------------------
Update Information:
**Version 2.6.1** - The PHP-supplied T_COALESCE token has been replicated for
PHP versions before 7.0 - Function return types of self, parent and callable are
now tokenized as T_RETURN_TYPE - Thanks to Jaroslav Hansl��k for the patch -
The default_standard config setting now allows multiple standards to be listed,
like on the command line - Thanks to Michael Mayer for the patch -
Installations done via composer now only include the composer autoloader for PHP
5.3.2+ (request #942) - Added a rollbackChangeset() method to the Fixer class to
purposely rollback the active changeset - Fixed bug #940 : Auto-fixing issue
encountered with inconsistent use of braces - Fixed bug #943 :
Squiz.PHP.InnerFunctions.NotAllowed reported in anonymous classes - Fixed bug
#944 : PHP warning when running the latest phar - Fixed bug #951 :
InlineIfDeclaration: invalid error produced with UTF-8 string - Fixed bug #957 :
Operator spacing sniff errors when plus is used as part of a number - Thanks
to Klaus Purer for the patch - Fixed bug #959 : Call-time pass-by-reference
false positive if there is a square bracket before the ampersand - Thanks to
Konstantin Leboev for the patch - Fixed bug #962 : Null coalescing operator (??)
not detected as a token - Thanks to Joel Posti for the patch - Fixed bug
#973 : Anonymous class declaration and PSR1.Files.SideEffects.FoundWithSymbols -
Fixed bug #974 : Error when file ends with "function" - Fixed bug #979 :
Anonymous function with return type hint is not refactored as expected - Fixed
bug #983 : Squiz.WhiteSpace.MemberVarSpacing.AfterComment fails to fix error
when comment is not a docblock - Fixed bug #1010 : Squiz NonExectuableCode sniff
does not detect boolean OR - Thanks to Derek Henderson for the patch - Fixed
bug #1015 : The Squiz.Commenting.FunctionComment sniff doesn't allow description
in @return tag - Thanks to Alexander Obuhovich for the patch - Fixed bug
#1022 : Duplicate spaces after opening bracket error with PSR2 standard - Fixed
bug #1025 : Syntax error in JS file can cause undefined index for
parenthesis_closer
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-router-3.0.1-1.fc24 (FEDORA-2016-4b3e129dff)
Zend Framework Router component
--------------------------------------------------------------------------------
Update Information:
zend-router provides flexible HTTP routing. Routing currently works against the
zend-http request and responses, and provides capabilities around: * Literal
path matches * Path segment matches (at path boundaries, and optionally
validated using regex) * Regular expression path matches * HTTP request scheme
* HTTP request method * Hostname Additionally, it supports combinations of
different route types in tree structures, allowing for fast, b-tree lookups.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328346 - Review Request: php-zendframework-zend-router - Zend Framework Router component
https://bugzilla.redhat.com/show_bug.cgi?id=1328346
--------------------------------------------------------------------------------
================================================================================
python-gammu-2.6-1.fc24 (FEDORA-2016-b702a12e01)
Python bindings for Gammu
--------------------------------------------------------------------------------
Update Information:
Update gammu to 1.37.3, python-gammu-2.6 and update wammu to 0.41
--------------------------------------------------------------------------------
================================================================================
radeontop-0.9-2.20160527git2047d13.fc24 (FEDORA-2016-202dd11a55)
View GPU utilization of AMD/ATI Radeon devices
--------------------------------------------------------------------------------
Update Information:
A text user interface application to view GPU utilization of AMD/ATI Radeon
devices
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1089962 - Review Request: radeontop - View GPU utilization of AMD/ATI Radeon devices
https://bugzilla.redhat.com/show_bug.cgi?id=1089962
--------------------------------------------------------------------------------
================================================================================
selinux-policy-3.13.1-190.fc24 (FEDORA-2016-f85aa7dd6b)
SELinux policy configuration
--------------------------------------------------------------------------------
Update Information:
More info: http://koji.fedoraproject.org/koji/buildinfo?buildID=769370
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1333106 - Server deployment fails due to SELinux policy changes on current Fedora Rawhide and F24 (2016-05-21)
https://bugzilla.redhat.com/show_bug.cgi?id=1333106
--------------------------------------------------------------------------------
================================================================================
wammu-0.41-2.fc24 (FEDORA-2016-b702a12e01)
Mobile Phone Manager - Gammu GUI
--------------------------------------------------------------------------------
Update Information:
Update gammu to 1.37.3, python-gammu-2.6 and update wammu to 0.41
--------------------------------------------------------------------------------
================================================================================
wildfly-elytron-1.0.2-1.fc24 (FEDORA-2016-dc4f42f41c)
Security, Authentication, and Authorization SPIs for the WildFly project
--------------------------------------------------------------------------------
Update Information:
Initial import (#1328064).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328064 - Review Request: wildfly-elytron - Security, Authentication, and Authorization SPIs for the WildFly project
https://bugzilla.redhat.com/show_bug.cgi?id=1328064
--------------------------------------------------------------------------------
The following Fedora 24 Security updates need testing:
Age URL
54 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24
10 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24
7 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b86ae2068d openslp-2.0.0-9.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec phpMyAdmin-4.6.2-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e5f722a9a7 docker-1.10.3-12.git4158ccc.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
13 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 sqlite-3.12.2-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5f8a34340d systemd-229-8.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fa807cca6f nss-3.24.0-1.1.fc24 nss-softokn-3.24.0-1.0.fc24 nss-util-3.24.0-1.0.fc24
The following builds have been pushed to Fedora 24 updates-testing
NetworkManager-l2tp-1.2.2-1.fc24
bcm283x-firmware-20160513-1.c17fa41.fc24
cinnamon-menus-3.0.2-1.fc24
cinnamon-screensaver-3.0.1-1.fc24
compose-utils-0.1.6-1.fc24
dmidecode-3.0-3.fc24
docker-1.10.3-12.git4158ccc.fc24
gecode-4.4.0-11.fc24
gnome-gmail-2.1-1.fc24
gtengine-2.5-1.fc24
jboss-logging-3.3.0-1.fc24
jboss-logging-tools-2.0.1-1.fc24
jboss-logmanager-2.0.3-1.fc24
jboss-modules-1.5.1-1.fc24
jboss-parent-19-1.fc24
jdeparser-2.0.0-1.fc24
knot-2.2.1-1.fc24
libinput-1.3.1-1.fc24
libsolv-0.6.20-3.fc24
log4j-jboss-logmanager-1.1.2-1.fc24
lyx-2.2.0-1.fc24
mailcap-2.1.46-1.fc24
mozjs45-45.1.1-4.fc24
nfs-ganesha-2.4.0-0.6dev19.fc24
nss-3.24.0-1.1.fc24
nss-softokn-3.24.0-1.0.fc24
nss-util-3.24.0-1.0.fc24
openblas-0.2.18-1.fc24
php-guzzlehttp-promises-1.2.0-1.fc24
php-guzzlehttp-psr7-1.3.0-1.fc24
php-latte-2.3.12-1.fc24
php-pear-Net-SMTP-1.7.2-1.fc24
php-tracy-2.3.11-1.fc24
php-twig-1.24.1-1.fc24
python-copr-1.70-1.fc24
slapi-nis-0.55-3.fc24
slf4j-jboss-logmanager-1.0.3-1.fc24
systemd-229-8.fc24
texstudio-2.11.0-1.fc24
uboot-tools-2016.05-3.fc24
ugene-1.22.0-5.fc24
wildfly-build-tools-1.1.6-1.fc24
Details about builds:
================================================================================
NetworkManager-l2tp-1.2.2-1.fc24 (FEDORA-2016-6738cc1889)
NetworkManager VPN plugin for L2TP and L2TP/IPSec
--------------------------------------------------------------------------------
Update Information:
Update to 1.2.2.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336282 - Update NetworkManager-l2tp to 1.2.2
https://bugzilla.redhat.com/show_bug.cgi?id=1336282
--------------------------------------------------------------------------------
================================================================================
bcm283x-firmware-20160513-1.c17fa41.fc24 (FEDORA-2016-d2c78abc06)
Broadcom bcm283x firmware for the Raspberry Pi
--------------------------------------------------------------------------------
Update Information:
Update to u-boot 2016.05 GA enabling new features and numerous new ARMv7 and
aarch64 devices
--------------------------------------------------------------------------------
================================================================================
cinnamon-menus-3.0.2-1.fc24 (FEDORA-2016-272da20d39)
A menu system for the Cinnamon project
--------------------------------------------------------------------------------
Update Information:
updates
--------------------------------------------------------------------------------
================================================================================
cinnamon-screensaver-3.0.1-1.fc24 (FEDORA-2016-272da20d39)
Cinnamon Screensaver
--------------------------------------------------------------------------------
Update Information:
updates
--------------------------------------------------------------------------------
================================================================================
compose-utils-0.1.6-1.fc24 (FEDORA-2016-9edc277e2e)
Utilities for working with composes
--------------------------------------------------------------------------------
Update Information:
* Fix getting SRPM summary * Add utility for listing composes (It allows
listing all composes in a directory in a sorted way, finding latest compose in a
directory, generating next compose id to be used, finding preceding compose for
a given compose etc.) * Add better error message on missing metadata ---- Add
image diff to changelog.
--------------------------------------------------------------------------------
================================================================================
dmidecode-3.0-3.fc24 (FEDORA-2016-1215cc6d1d)
Tool to analyse BIOS DMI data
--------------------------------------------------------------------------------
Update Information:
Hide irrelevant fixup message
--------------------------------------------------------------------------------
================================================================================
docker-1.10.3-12.git4158ccc.fc24 (FEDORA-2016-e5f722a9a7)
Automates deployment of containerized applications
--------------------------------------------------------------------------------
Update Information:
built docker @projectatomic/fedora-1.10.3 commit 4158ccc ---- Resolves:
#1335649 - enable Red Hat subscription use in Docker containers on Fedora ----
built docker @projectatomic/fedora-1.10.3 commit 8ecd47f
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335649 - Enable use of Red Hat subscriptions in docker containers on Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=1335649
[ 2 ] Bug #1329454 - CVE-2016-3697 docker: privilege escalation via confusion of usernames and UIDs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1329454
[ 3 ] Bug #1340921 - "Failed to get pwuid struct: user: unknown userid " log spam
https://bugzilla.redhat.com/show_bug.cgi?id=1340921
--------------------------------------------------------------------------------
================================================================================
gecode-4.4.0-11.fc24 (FEDORA-2016-ebdb7d840b)
Generic constraint development environment
--------------------------------------------------------------------------------
Update Information:
fix the typo bug which causes the build failure on powerpc
--------------------------------------------------------------------------------
================================================================================
gnome-gmail-2.1-1.fc24 (FEDORA-2016-4f865d88e0)
Integrate GMail into the GNOME desktop
--------------------------------------------------------------------------------
Update Information:
Update to 2.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1340600 - gnome-gmail-2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1340600
--------------------------------------------------------------------------------
================================================================================
gtengine-2.5-1.fc24 (FEDORA-2016-7ba517b15a)
Library for computations in mathematics, graphics, image analysis, and physics
--------------------------------------------------------------------------------
Update Information:
- Update to 2.5
--------------------------------------------------------------------------------
================================================================================
jboss-logging-3.3.0-1.fc24 (FEDORA-2016-f252af26c6)
The JBoss Logging Framework
--------------------------------------------------------------------------------
Update Information:
update to 3.3.0.Final
--------------------------------------------------------------------------------
================================================================================
jboss-logging-tools-2.0.1-1.fc24 (FEDORA-2016-6a2a052517)
JBoss Logging I18n Annotation Processor
--------------------------------------------------------------------------------
Update Information:
update to 2.0.1.Final
--------------------------------------------------------------------------------
================================================================================
jboss-logmanager-2.0.3-1.fc24 (FEDORA-2016-2c2aab6b63)
JBoss Log Manager
--------------------------------------------------------------------------------
Update Information:
update to 2.0.3.Final
--------------------------------------------------------------------------------
================================================================================
jboss-modules-1.5.1-1.fc24 (FEDORA-2016-c7e0a4c060)
A Modular Classloading System
--------------------------------------------------------------------------------
Update Information:
update to 1.5.1.Final
--------------------------------------------------------------------------------
================================================================================
jboss-parent-19-1.fc24 (FEDORA-2016-c077837b04)
JBoss Parent POM
--------------------------------------------------------------------------------
Update Information:
update to 19
--------------------------------------------------------------------------------
================================================================================
jdeparser-2.0.0-1.fc24 (FEDORA-2016-3699105670)
Source generator library for Java
--------------------------------------------------------------------------------
Update Information:
update to 2.0.0.Final
--------------------------------------------------------------------------------
================================================================================
knot-2.2.1-1.fc24 (FEDORA-2016-069f2b911b)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
new upstream release ---- Fix default configuration file.
--------------------------------------------------------------------------------
================================================================================
libinput-1.3.1-1.fc24 (FEDORA-2016-d8355f57d3)
Input device library
--------------------------------------------------------------------------------
Update Information:
libinput 1.3.1, we already had most of the fixes anyway
--------------------------------------------------------------------------------
================================================================================
libsolv-0.6.20-3.fc24 (FEDORA-2016-f0fdbfc2e4)
Package dependency solver
--------------------------------------------------------------------------------
Update Information:
Enable/Disable some options. Shouldn't affect anyone
--------------------------------------------------------------------------------
================================================================================
log4j-jboss-logmanager-1.1.2-1.fc24 (FEDORA-2016-58e2182359)
JBoss Log4j Emulation
--------------------------------------------------------------------------------
Update Information:
update to 1.1.2.Final
--------------------------------------------------------------------------------
================================================================================
lyx-2.2.0-1.fc24 (FEDORA-2016-c5a1e5369a)
WYSIWYM (What You See Is What You Mean) document processor
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable release. Among the most important of these are: *
HiDPI display support * Qt5 support * New text display algorithm * Horizontal
scrolling for large insets * Improved control of paragraph breaks * Improved
text color support * Reworked instant preview
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1249411 - [abrt] lyx: lyx::error_handler(): lyx killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1249411
[ 2 ] Bug #1208209 - [abrt] lyx-common: configure.py:1289:checkLatexConfig:IOError: [Errno 2] No such file or directory: 'chkconfig.vars'
https://bugzilla.redhat.com/show_bug.cgi?id=1208209
[ 3 ] Bug #1297051 - [abrt] lyx: lyx::error_handler(): lyx killed by SIGABRT
https://bugzilla.redhat.com/show_bug.cgi?id=1297051
--------------------------------------------------------------------------------
================================================================================
mailcap-2.1.46-1.fc24 (FEDORA-2016-273c1fcd94)
Helper application and MIME type associations for file types
--------------------------------------------------------------------------------
Update Information:
Update to 2.1.46
--------------------------------------------------------------------------------
================================================================================
mozjs45-45.1.1-4.fc24 (FEDORA-2016-7c6aef3b6c)
JavaScript interpreter and libraries
--------------------------------------------------------------------------------
Update Information:
fix build on s390 ---- New package mozjs45 - contains JS engine from Firefox
45.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336728 - Review Request: mozjs45 - JavaScript interpreter and libraries
https://bugzilla.redhat.com/show_bug.cgi?id=1336728
--------------------------------------------------------------------------------
================================================================================
nfs-ganesha-2.4.0-0.6dev19.fc24 (FEDORA-2016-5ddb4fa649)
NFS-Ganesha is a NFS Server running in user space
--------------------------------------------------------------------------------
Update Information:
2.4-dev-19
--------------------------------------------------------------------------------
================================================================================
nss-3.24.0-1.1.fc24 (FEDORA-2016-fa807cca6f)
Network Security Services
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.24. For details about new
functionality and a list of bugs fixed in this release please see the upstream
releases notes https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.24_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336849 - nss-3.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1336849
--------------------------------------------------------------------------------
================================================================================
nss-softokn-3.24.0-1.0.fc24 (FEDORA-2016-fa807cca6f)
Network Security Services Softoken Module
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.24. For details about new
functionality and a list of bugs fixed in this release please see the upstream
releases notes https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.24_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336849 - nss-3.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1336849
--------------------------------------------------------------------------------
================================================================================
nss-util-3.24.0-1.0.fc24 (FEDORA-2016-fa807cca6f)
Network Security Services Utilities Library
--------------------------------------------------------------------------------
Update Information:
Updates the nss family of packages to upstream NSS 3.24. For details about new
functionality and a list of bugs fixed in this release please see the upstream
releases notes https://developer.mozilla.org/en-
US/docs/Mozilla/Projects/NSS/NSS_3.24_release_notes
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336849 - nss-3.24 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1336849
--------------------------------------------------------------------------------
================================================================================
openblas-0.2.18-1.fc24 (FEDORA-2016-e2ff7a908d)
An optimized BLAS library based on GotoBLAS2
--------------------------------------------------------------------------------
Update Information:
Optimizations on ARM and Power architectures.
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-promises-1.2.0-1.fc24 (FEDORA-2016-4dea6beb61)
Guzzle promises library
--------------------------------------------------------------------------------
Update Information:
## 1.2.0 - 2016-05-18 * Update to now catch `\Throwable` on PHP 7+
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1337366 - php-guzzlehttp-promises-1.2.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1337366
--------------------------------------------------------------------------------
================================================================================
php-guzzlehttp-psr7-1.3.0-1.fc24 (FEDORA-2016-1911def7e5)
PSR-7 message implementation
--------------------------------------------------------------------------------
Update Information:
## 1.3.0 - 2016-04-13 * Added remaining interfaces needed for full PSR7
compatibility (ServerRequestInterface, UploadedFileInterface, etc.). * Added
support for stream_for from scalars. * Can now extend Uri. * Fixed a bug in
validating request methods by making it more permissive.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1326975 - php-guzzlehttp-psr7-1.3.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1326975
--------------------------------------------------------------------------------
================================================================================
php-latte-2.3.12-1.fc24 (FEDORA-2016-a009f1421b)
Latte: the amazing template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.12** * Filter strip: fixed bug when input begins with
`<pre> <script>` or `<textarea>` * Filters::escapeHtml escapes all entities *
Compiler: pretty whitespace around comments * MacroTokens: added new
operators <=> ** ... * Compiler: improved error messages
--------------------------------------------------------------------------------
================================================================================
php-pear-Net-SMTP-1.7.2-1.fc24 (FEDORA-2016-e30bb66a1b)
Provides an implementation of the SMTP protocol
--------------------------------------------------------------------------------
Update Information:
**Version 1.7.2** - Fix size calculation when headers are provided (#27)
--------------------------------------------------------------------------------
================================================================================
php-tracy-2.3.11-1.fc24 (FEDORA-2016-3a97cf2876)
Tracy: useful PHP debugger
--------------------------------------------------------------------------------
Update Information:
**Released version 2.3.11** * Dumper: fixed missing escape for & (#187) *
bar.js: fixed evaluating script tags in panels in window-mode (#174) *
Bluescreen: rel=noopener for target=_blank * BlueScreen::highlightLine() line
may be out of range #148 * Bar: versioning of data in session #146 #149
--------------------------------------------------------------------------------
================================================================================
php-twig-1.24.1-1.fc24 (FEDORA-2016-798e6cdb5c)
The flexible, fast, and secure template engine for PHP
--------------------------------------------------------------------------------
Update Information:
**Version 1.24.1** (2016-05-30) * fixed reserved keywords (forbids true,
false, null and none keywords for variables names) * fixed support for PHP7
(Throwable support) * marked the following methods as being internals on
Twig_Environment: getFunctions(), getFilters(), getTests(), getFunction(),
getFilter(), getTest(), getTokenParsers(), getTags(), getNodeVisitors(),
getUnaryOperators(), getBinaryOperators(), getFunctions(), getFilters(),
getGlobals(), initGlobals(), initExtensions(), and initExtension()
--------------------------------------------------------------------------------
================================================================================
python-copr-1.70-1.fc24 (FEDORA-2016-bcc2133857)
Python interface for Copr
--------------------------------------------------------------------------------
Update Information:
This release mainly fixes bug Bug 1340650 - SRPM builds submitted from CLI fail:
"invalid request".
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1335163 - Add fork subcommand to Copr CLI
https://bugzilla.redhat.com/show_bug.cgi?id=1335163
[ 2 ] Bug #1340650 - SRPM builds submitted from CLI fail: "invalid request"
https://bugzilla.redhat.com/show_bug.cgi?id=1340650
--------------------------------------------------------------------------------
================================================================================
slapi-nis-0.55-3.fc24 (FEDORA-2016-66da0c4188)
NIS Server and Schema Compatibility plugins for Directory Server
--------------------------------------------------------------------------------
Update Information:
Support shutdown for priming data thread. Required for FreeIPA trust to Active
Directory feature support for legacy clients (Compat tree).
--------------------------------------------------------------------------------
================================================================================
slf4j-jboss-logmanager-1.0.3-1.fc24 (FEDORA-2016-8386afb678)
SLF4J backend for JBoss LogManager
--------------------------------------------------------------------------------
Update Information:
Upstream 1.0.3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1340406 - slf4j-jboss-logmanager-1.0.3.GA is available
https://bugzilla.redhat.com/show_bug.cgi?id=1340406
--------------------------------------------------------------------------------
================================================================================
systemd-229-8.fc24 (FEDORA-2016-5f8a34340d)
A System and Service Manager
--------------------------------------------------------------------------------
Update Information:
Patches for linked bugs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1316964 - .../include/systemd/sd-login.h:241:1: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'void'
https://bugzilla.redhat.com/show_bug.cgi?id=1316964
[ 2 ] Bug #1317928 - nspawn does not set SELinux label correctly (/dev/console)
https://bugzilla.redhat.com/show_bug.cgi?id=1317928
[ 3 ] Bug #1338823 - certain udev properties getting bad data (the data starts with a '\n' among other things)
https://bugzilla.redhat.com/show_bug.cgi?id=1338823
[ 4 ] Bug #1333998 - After Russian install, console keymap is 'us', not 'ru'
https://bugzilla.redhat.com/show_bug.cgi?id=1333998
[ 5 ] Bug #1206936 - Laptop does not resume from hibernate, boots instead
https://bugzilla.redhat.com/show_bug.cgi?id=1206936
--------------------------------------------------------------------------------
================================================================================
texstudio-2.11.0-1.fc24 (FEDORA-2016-dcbddc10c1)
A feature-rich editor for LaTeX documents
--------------------------------------------------------------------------------
Update Information:
- update to 2.11.0 -
http://texstudio.sourceforge.net/manual/current/CHANGELOG.txt
--------------------------------------------------------------------------------
================================================================================
uboot-tools-2016.05-3.fc24 (FEDORA-2016-d2c78abc06)
U-Boot utilities
--------------------------------------------------------------------------------
Update Information:
Update to u-boot 2016.05 GA enabling new features and numerous new ARMv7 and
aarch64 devices
--------------------------------------------------------------------------------
================================================================================
ugene-1.22.0-5.fc24 (FEDORA-2016-54554f20d4)
Integrated bioinformatics toolkit
--------------------------------------------------------------------------------
Update Information:
* Fixes FTBFS in Rawhide / F24.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308203 - ugene: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1308203
[ 2 ] Bug #1306561 - ugene cannot be updated due to broken dependencies
https://bugzilla.redhat.com/show_bug.cgi?id=1306561
[ 3 ] Bug #1107023 - ugene: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1107023
[ 4 ] Bug #890427 - ugene-1.22.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=890427
--------------------------------------------------------------------------------
================================================================================
wildfly-build-tools-1.1.6-1.fc24 (FEDORA-2016-4edc2565b1)
Wildfly build and provisioning tools
--------------------------------------------------------------------------------
Update Information:
Initial import (#1328065).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1328065 - Review Request: wildfly-build-tools - Wildfly build and provisioning tools
https://bugzilla.redhat.com/show_bug.cgi?id=1328065
--------------------------------------------------------------------------------
Hi folks! The Final freeze kicks in soon, so time for another blocker
bug update.
1. https://bugzilla.redhat.com/show_bug.cgi?id=1318045 - anaconda - NEW
  Incorrect keymap when decrypting encrypted partitions
This one still needs some investigation, we know the proximate cause
but not what's ultimately causing *that*. I spent last week on the
other keyboard bug, so if no-one else gets to this one this week, I
guess that's what I'll be doing.
2. https://bugzilla.redhat.com/show_bug.cgi?id=1320273 - grub2 - NEW
  chainloading bootmgr.efi on UEFI results in error: out of memory
I know pjones has been working on this one from IRC chat, but obviously
he's not all of the way there yet. There aren't really many other
people who can help with this, unfortunately...
3. https://bugzilla.redhat.com/show_bug.cgi?id=1333106 - selinux-policy - MODIFIED
Server deployment fails due to SELinux policy changes on current Fedora Rawhide and F24 (2016-05-21)
An update has just appeared for this, so we (Server WG folks and QA
folks) will need to test it.
4. https://bugzilla.redhat.com/show_bug.cgi?id=1333998 - systemd - MODIFIED
After Russian install, console keymap is 'us', not 'ru'
I more or less worked this one out last week; I've sent a PR that should
improve things from the anaconda end, and systemd has also improved
things on their end. We'll need a new compose containing the updated
systemd to verify that fix.
5. https://bugzilla.redhat.com/show_bug.cgi?id=1293167 - kf5-kinit - NEW
[abrt] kf5-kinit: qt_message_fatal(): kdeinit5 killed by SIGABRT
This was previously an accepted blocker, but at today's blocker review
meeting we agreed to kick it back to proposed, because the impact seems
to be less broad than was initially thought (it may be graphics driver-
dependent). We would like the QA folks who've been active on this -
kparal and pschindl - to re-test based on the findings of other people
who've posted in the bug, then we can re-consider the blocker status.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
I'm not a tester, but I thought I would note
that sendmail-8.15.2-6.fc24.x86_64 does not appear to work for me
under Fedora-24 beta.
If anyone else is using it without problem, please ignore this report.
I was running KMail with the sendmail option for sending email,
and this failed with the error "Failed to transmit message".
When I changed to using a remote email server, KMail worked fine,
so I assume the problem was with sendmail.
I'm afraid I didn't study the problem seriously.
I simply observed that journalctl had the entry
------------------------------
sendmail.service: PID file /run/sendmail.pid not readable (yet?)
after start: No such file or directory
and the following, repeated several times
May 25 23:14:52 william.gayleard.com ksmserver[1395]:
QXcbWindow: Unhandled client message: "_NET_CURRENT_DESKTOP"
------------------------------
--
Timothy Murphy
gayleard /at/ eircom.net
School of Mathematics, Trinity College, Dublin
The following Fedora 24 Security updates need testing:
Age URL
53 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2e339a7779 optipng-0.7.6-1.fc24
25 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a4d504509 obs-signd-2.2.1-8.fc24
8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-95edf19d8a squid-3.5.19-2.fc24
5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b86ae2068d openslp-2.0.0-9.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dfa325d31b community-mysql-5.7.12-1.fc24
3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b967ac1a74 php-5.6.22-1.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e21eeb4202 docker-1.10.3-11.git8ecd47f.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e3240782ec phpMyAdmin-4.6.2-1.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d23d2712de roundcubemail-1.2.0-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cfea37952b xen-4.6.1-10.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa49938267 pungi-4.0.15-2.fc24
1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3d4c0d27b6 sqlite-3.12.2-1.fc24
0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c36f610022 krb5-1.14.1-6.fc24
The following builds have been pushed to Fedora 24 updates-testing
atoum-2.7.0-1.fc24
chck-0-1.20160408git5275403.fc24
edgar-1.24-1.fc24
gnome-software-3.20.3-1.fc24
knot-2.2.0-3.fc24
kubernetes-1.2.0-0.22.git4a3f9c5.fc24
ndctl-53.1-1.fc24
nvml-1.0-2.fc24
pcsc-cyberjack-3.99.5final.SP09-1.fc24
perl-MCE-1.708-1.fc24
php-bartlett-php-compatinfo-db-1.9.0-1.fc24
php-phpunit-git-2.1.2-1.fc24
python-hypothesis-3.4.0-1.fc24
python-shapely-1.5.16-1.fc24
python-werkzeug-0.11.10-1.fc24
xemacs-21.5.34-16.20160507hgd5b51c618ef8.fc24
xen-4.6.1-10.fc24
Details about builds:
================================================================================
atoum-2.7.0-1.fc24 (FEDORA-2016-72c43f8365)
PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
**Version 2.7.0** - 2016-06-20 *
[#594](https://github.com/atoum/atoum/pull/594) Add telemtry report to CI builds
([jubianchi]) * [#600](https://github.com/atoum/atoum/pull/600) Reports override
correctly when using -ulr/-utr ([jubianchi]) *
[#593](https://github.com/atoum/atoum/pull/593) Assertions on PHP 7
exceptions/throwables/errors are now working correctly ([jubianchi])
--------------------------------------------------------------------------------
================================================================================
chck-0-1.20160408git5275403.fc24 (FEDORA-2016-c1c4dd94aa)
Collection of C utilities
--------------------------------------------------------------------------------
Update Information:
Update to more recent git commit
--------------------------------------------------------------------------------
================================================================================
edgar-1.24-1.fc24 (FEDORA-2016-9458a607e5)
A platform game
--------------------------------------------------------------------------------
Update Information:
* Updated Brazilian Portuguese and German translations * The ice blocks dropped
by the large blue book's third form now shatter if they land on lifts
--------------------------------------------------------------------------------
================================================================================
gnome-software-3.20.3-1.fc24 (FEDORA-2016-2be09c9861)
A software center for GNOME
--------------------------------------------------------------------------------
Update Information:
gnome-software 3.20.3. This stable release fixes the following bugs: * Fix
several issues with system upgrades * Fix several issues with the Ubuntu
reviews dialog * Fix an issue that caused incorrect package versions to be
shown in the update panel * Fix an issue that caused offline updates to not
start under certain conditions This release also updates translations.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1337336 - gnome-software shows updates but "Restart & Install" button doesn't install them
https://bugzilla.redhat.com/show_bug.cgi?id=1337336
[ 2 ] Bug #1336482 - Change label "Installing" to "Downloading"
https://bugzilla.redhat.com/show_bug.cgi?id=1336482
[ 3 ] Bug #1335414 - Graphical upgrade failed with error with no details
https://bugzilla.redhat.com/show_bug.cgi?id=1335414
[ 4 ] Bug #1336459 - installing a package between Download and Install actions of graphical upgrade breaks graphical upgrade
https://bugzilla.redhat.com/show_bug.cgi?id=1336459
--------------------------------------------------------------------------------
================================================================================
knot-2.2.0-3.fc24 (FEDORA-2016-13d3faa3f0)
High-performance authoritative DNS server
--------------------------------------------------------------------------------
Update Information:
Fix default configuration file.
--------------------------------------------------------------------------------
================================================================================
kubernetes-1.2.0-0.22.git4a3f9c5.fc24 (FEDORA-2016-d79a8ed83c)
Container cluster management
--------------------------------------------------------------------------------
Update Information:
Bump to origin v1.2.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1340643 - Update to origin v1.2.0
https://bugzilla.redhat.com/show_bug.cgi?id=1340643
--------------------------------------------------------------------------------
================================================================================
ndctl-53.1-1.fc24 (FEDORA-2016-8505baabe1)
Manage "libnvdimm" subsystem devices (Non-volatile Memory)
--------------------------------------------------------------------------------
Update Information:
- Fix up tag format vs source url confusion - add daxctl-libs + daxctl-devel
packages - add bash completion
--------------------------------------------------------------------------------
================================================================================
nvml-1.0-2.fc24 (FEDORA-2016-1ba843f879)
Non-Volatile Memory Library
--------------------------------------------------------------------------------
Update Information:
Exclude PPC architecture
--------------------------------------------------------------------------------
================================================================================
pcsc-cyberjack-3.99.5final.SP09-1.fc24 (FEDORA-2016-e672c38dd8)
PC/SC driver for REINER SCT cyberjack USB chip card reader
--------------------------------------------------------------------------------
Update Information:
New upstream, which fixes an usb-bug. Gui finally removed by upstream, was not
build/packaged anyway. The cyberjack binary, used for troubleshooting the
install, was also removed upstream.
--------------------------------------------------------------------------------
================================================================================
perl-MCE-1.708-1.fc24 (FEDORA-2016-ff73f4e786)
Many-core Engine for Perl providing parallel processing capabilities
--------------------------------------------------------------------------------
Update Information:
Current upstream maintenance release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1339851 - perl-MCE-1.707 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1339851
--------------------------------------------------------------------------------
================================================================================
php-bartlett-php-compatinfo-db-1.9.0-1.fc24 (FEDORA-2016-8b44a1f34e)
Reference Database to be used with php-compatinfo library
--------------------------------------------------------------------------------
Update Information:
**Version 1.9.0** - 2016-05-27 - Support to PHP 7.0.7 - Support to PHP 5.6.22 -
Support to PHP 5.5.36
--------------------------------------------------------------------------------
================================================================================
php-phpunit-git-2.1.2-1.fc24 (FEDORA-2016-7055fb1db1)
Simple wrapper for Git
--------------------------------------------------------------------------------
Update Information:
**Version 2.1.2** * Fix getCurrentBranch() to support branches with slashes
--------------------------------------------------------------------------------
================================================================================
python-hypothesis-3.4.0-1.fc24 (FEDORA-2016-e14755683c)
A library for property based testing
--------------------------------------------------------------------------------
Update Information:
Latest release, see https://hypothesis.readthedocs.io/en/latest/changes.html for
changelog
--------------------------------------------------------------------------------
================================================================================
python-shapely-1.5.16-1.fc24 (FEDORA-2016-6763413e23)
Manipulation and analysis of geometric objects in the Cartesian plane
--------------------------------------------------------------------------------
Update Information:
- Bug fix: eliminate memory leak when unpickling geometry objects (#384, #385).
- Bug fix: prevent crashes when attempting to pickle a prepared geometry,
raising ``PicklingError`` instead (#386).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1340577 - python-shapely-1.5.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1340577
--------------------------------------------------------------------------------
================================================================================
python-werkzeug-0.11.10-1.fc24 (FEDORA-2016-d8698f4a8d)
The Swiss Army knife of Python web development
--------------------------------------------------------------------------------
Update Information:
Upstream 0.11.10 ---- Upstream 0.11.6 (upstream #822)
--------------------------------------------------------------------------------
================================================================================
xemacs-21.5.34-16.20160507hgd5b51c618ef8.fc24 (FEDORA-2016-d104d3608c)
Different version of Emacs
--------------------------------------------------------------------------------
Update Information:
This update fixes a problem that prevents M-x shell from working under tcsh.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1222897 - Warning: no access to tty (Inappropriate ioctl for device). When opening a shell
https://bugzilla.redhat.com/show_bug.cgi?id=1222897
[ 2 ] Bug #1260785 - TCSH shells have process control problems in Xemacs
https://bugzilla.redhat.com/show_bug.cgi?id=1260785
--------------------------------------------------------------------------------
================================================================================
xen-4.6.1-10.fc24 (FEDORA-2016-cfea37952b)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
cleaner way to set kernel module load list Unrestricted qemu logging [XSA-180,
CVE-2014-3672] (#1339125) Qemu: scsi: esp: OOB write while writing to
's->cmdbuf' in esp_reg_write [CVE-2016-4439] (#1337502) Qemu: scsi: esp: OOB
write while writing to 's->cmdbuf' in get_cmd [CVE-2016-4441] (#1337505) Qemu:
scsi: megasas: out-of-bounds write while setting controller properties
[CVE-2016-5106] (#1339578) Qemu: scsi: megasas: stack information leakage while
reading configuration [CVE-2016-5105] (#1339583)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1337502 - CVE-2016-4439 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in esp_reg_write
https://bugzilla.redhat.com/show_bug.cgi?id=1337502
[ 2 ] Bug #1337505 - CVE-2016-4441 Qemu: scsi: esp: OOB write while writing to 's->cmdbuf' in get_cmd
https://bugzilla.redhat.com/show_bug.cgi?id=1337505
[ 3 ] Bug #1339578 - CVE-2016-5106 Qemu: scsi: megasas: out-of-bounds write while setting controller properties
https://bugzilla.redhat.com/show_bug.cgi?id=1339578
[ 4 ] Bug #1339583 - CVE-2016-5105 Qemu: scsi: megasas: stack information leakage while reading configuration
https://bugzilla.redhat.com/show_bug.cgi?id=1339583
[ 5 ] Bug #1339123 - CVE-2014-3672 xen: Unrestricted qemu logging
https://bugzilla.redhat.com/show_bug.cgi?id=1339123
--------------------------------------------------------------------------------