Fedora 25 Update: libcxxabi-3.9.1-1.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-34f3186fc2
2017-06-02 17:35:06.903499
--------------------------------------------------------------------------------
Name : libcxxabi
Product : Fedora 25
Version : 3.9.1
Release : 1.fc25
URL : http://libcxxabi.llvm.org/
Summary : Low level support for a standard C++ library
Description :
libcxxabi provides low level support for a standard C++ library.
--------------------------------------------------------------------------------
Update Information:
Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade libcxxabi' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 25 Update: libcxx-3.9.1-1.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-34f3186fc2
2017-06-02 17:35:06.903499
--------------------------------------------------------------------------------
Name : libcxx
Product : Fedora 25
Version : 3.9.1
Release : 1.fc25
URL : http://libcxx.llvm.org/
Summary : C++ standard library targeting C++11
Description :
libc++ is a new implementation of the C++ standard library, targeting C++11.
--------------------------------------------------------------------------------
Update Information:
Sync with the rest of the llvm/clang stack.
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade libcxx' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 25 Update: runc-1.0.0-6.git75f8da7.fc25.1
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-f4ccc7cb91
2017-06-02 17:35:06.903443
--------------------------------------------------------------------------------
Name : runc
Product : Fedora 25
Version : 1.0.0
Release : 6.git75f8da7.fc25.1
URL : https://github.com/opencontainers/runc
Summary : CLI for running Open Containers
Description :
The runc command can be used to start containers which are packaged
in accordance with the Open Container Initiative's specifications,
and to manage containers running under runc.
--------------------------------------------------------------------------------
Update Information:
bump to v1.0.0-rc3
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade runc' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
[SECURITY] Fedora 25 Update: squirrelmail-1.4.22-19.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-f85c37ae3d
2017-06-02 17:35:06.903270
--------------------------------------------------------------------------------
Name : squirrelmail
Product : Fedora 25
Version : 1.4.22
Release : 19.fc25
URL : http://www.squirrelmail.org/
Summary : webmail client written in php
Description :
SquirrelMail is a basic webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no JavaScript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install.
--------------------------------------------------------------------------------
Update Information:
fix insufficient escaping of user-supplied data (CVE-2017-7692)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1445165 - CVE-2017-7692 squirrelmail: Insufficient escaping of user-supplied data
https://bugzilla.redhat.com/show_bug.cgi?id=1445165
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade squirrelmail' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 24 Update: php-cs-fixer-2.2.4-1.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-89c2ef2e0a
2017-06-02 17:35:03.195677
--------------------------------------------------------------------------------
Name : php-cs-fixer
Product : Fedora 24
Version : 2.2.4
Release : 1.fc24
URL : https://github.com/FriendsOfPHP/PHP-CS-Fixer
Summary : A tool to automatically fix PHP code style
Description :
The PHP Coding Standards Fixer tool fixes most issues in your code when you
want to follow the PHP coding standards as defined in the PSR-1 and PSR-2
documents and many more.
If you are already using a linter to identify coding standards problems in
your code, you know that fixing them by hand is tedious, especially on large
projects. This tool does not only detect them, but also fixes them for you.
--------------------------------------------------------------------------------
Update Information:
Changelog for **version 2.2.4** * bug #2682 DoctrineAnnotationIndentationFixer
- fix handling nested annotations (edhgoose, julienfalque) * bug #2700 Fix
Doctrine Annotation end detection (julienfalque) * bug #2715 OrderedImportsFixer
- handle indented groups (pilgerone) * bug #2732 HeaderCommentFixer - fix
handling blank lines (s7b4) * bug #2745 Fix Doctrine Annotation newlines
(julienfalque) * bug #2752 FixCommand - fix typo in warning message (mnapoli) *
bug #2757 GeckoPHPUnit is not dev dependency (keradus) * bug #2759 Update
gitattributes (SpacePossum) * bug #2763 Fix describe command with PSR-0 fixer
(julienfalque) * bug #2768 Tokens::ensureWhitespaceAtIndex - clean up comment
check, add check for T_OPEN (SpacePossum) * bug #2783
Tokens::ensureWhitespaceAtIndex - Fix handling line endings (SpacePossum) *
minor #2663 Use colors for keywords in commands output (julienfalque, keradus) *
minor #2706 Update README (SpacePossum) * minor #2714 README.rst - fix wrong
value in example (mleko) * minor #2721 Update phpstorm article link to a fresh
blog post (valeryan) * minor #2727 PHPUnit - use speedtrap (keradus) * minor
#2728 SelfUpdateCommand - verify that it's possible to replace current file
(keradus) * minor #2729 DescribeCommand - add decorated output test
(julienfalque) * minor #2731 BracesFixer - properly pass config in utest
dataProvider (keradus) * minor #2738 Upgrade tests to use new, namespaced
PHPUnit TestCase class (keradus) * minor #2743 Fixing example and description
for GeneralPhpdocAnnotationRemoveFixer (kubawerlos) * minor #2744
AbstractDoctrineAnnotationFixerTestCase - split fixers test cases (julienfalque)
* minor #2755 Fix compatibility with PHPUnit 5.4.x (keradus) * minor #2758
Readme - improve CI integration guidelines (keradus) * minor #2769 Psr0Fixer -
remove duplicated example (julienfalque) * minor #2775
NoExtraConsecutiveBlankLinesFixer - remove duplicate code sample. (SpacePossum)
* minor #2778 AutoReview - watch that code samples are unique (keradus) * minor
#2787 Add warnings about missing dom ext and require json ext (keradus) * minor
#2792 Use composer-require-checker (keradus) * minor #2796 Update .gitattributes
(SpacePossum) * minor #2800 PhpdocTypesFixerTest - Fix typo in covers annotation
(SpacePossum)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-cs-fixer' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 24 Update: awscli-1.11.90-1.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-4e6c760c94
2017-06-02 17:35:03.195612
--------------------------------------------------------------------------------
Name : awscli
Product : Fedora 24
Version : 1.11.90
Release : 1.fc24
URL : http://aws.amazon.com/cli
Summary : Universal Command Line Environment for AWS
Description :
This package provides a unified
command line interface to Amazon Web Services.
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435219 - awscli-1.11.90 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435219
[ 2 ] Bug #1437278 - python-botocore-1.5.53 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1437278
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade awscli' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 24 Update: python-botocore-1.5.53-1.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-4e6c760c94
2017-06-02 17:35:03.195612
--------------------------------------------------------------------------------
Name : python-botocore
Product : Fedora 24
Version : 1.5.53
Release : 1.fc24
URL : https://github.com/boto/botocore
Summary : Low-level, data-driven core of boto 3
Description :
A low-level interface to a growing number of Amazon Web Services. The
botocore package is the foundation for the AWS CLI as well as boto3.
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1435219 - awscli-1.11.90 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1435219
[ 2 ] Bug #1437278 - python-botocore-1.5.53 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1437278
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade python-botocore' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
Fedora 24 Update: jitterentropy-rngd-1.0.6-1.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-26299e00d4
2017-06-02 17:35:03.195556
--------------------------------------------------------------------------------
Name : jitterentropy-rngd
Product : Fedora 24
Version : 1.0.6
Release : 1.fc24
URL : http://www.chronox.de/jent.html
Summary : RNGD based on CPU Jitter RNG
Description :
The CPU Jitter Random Number Generator provides a non-physical true
random number generator that works equally in kernel and user land. The
only prerequisite is the availability of a high-resolution timer that
is available in modern CPUs.
Upon starting as a service, it will block until it has written 256 bytes
of entropy (which happens almost immediately)
A whitepaper is available at:
http://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.pdf
--------------------------------------------------------------------------------
Update Information:
Updated to 1.0.6, fixup After target in service file, patches merged upstream
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade jitterentropy-rngd' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
[SECURITY] Fedora 24 Update: chromium-native_client-58.0.3029.81-1.20170421gitc948e9b.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-7d698eba8b
2017-06-02 17:35:03.195487
--------------------------------------------------------------------------------
Name : chromium-native_client
Product : Fedora 24
Version : 58.0.3029.81
Release : 1.20170421gitc948e9b.fc24
URL : http://src.chromium.org/viewvc/native_client/
Summary : Google Native Client Toolchain
Description :
Google's "pnacl" toolchain for native client support in Chromium. Depends on
their older "nacl" toolchain, packaged separately.
--------------------------------------------------------------------------------
Update Information:
Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix
for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443850
[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443849
[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1443848
[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443847
[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443845
[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1443841
[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
https://bugzilla.redhat.com/show_bug.cgi?id=1443840
[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443839
[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443838
[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443837
[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
https://bugzilla.redhat.com/show_bug.cgi?id=1443836
[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1443835
[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
https://bugzilla.redhat.com/show_bug.cgi?id=1448031
[ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1437353
[ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1437352
[ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1437351
[ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1437350
[ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1437348
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade chromium-native_client' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months
[SECURITY] Fedora 24 Update: chromium-58.0.3029.110-2.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-7d698eba8b
2017-06-02 17:35:03.195487
--------------------------------------------------------------------------------
Name : chromium
Product : Fedora 24
Version : 58.0.3029.110
Release : 2.fc24
URL : http://www.chromium.org/Home
Summary : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:
Update to chromium 58. Move chrome-remote-desktop to user systemd service.
Security fixes for CVE-2017-5068, CVE-2017-5057, CVE-2017-5058, CVE-2017-5059,
CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064,
CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 ---- Security fix
for CVE-2017-5055, CVE-2017-5054, CVE-2017-5052, CVE-2017-5056, CVE-2017-5053
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1443850 - CVE-2017-5069 chromium-browser: cross-origin bypass in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443850
[ 2 ] Bug #1443849 - CVE-2017-5067 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443849
[ 3 ] Bug #1443848 - CVE-2017-5066 chromium-browser: incorrect signature handing in networking
https://bugzilla.redhat.com/show_bug.cgi?id=1443848
[ 4 ] Bug #1443847 - CVE-2017-5065 chromium-browser: incorrect ui in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443847
[ 5 ] Bug #1443845 - CVE-2017-5064 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443845
[ 6 ] Bug #1443841 - CVE-2017-5063 chromium-browser: heap overflow in skia
https://bugzilla.redhat.com/show_bug.cgi?id=1443841
[ 7 ] Bug #1443840 - CVE-2017-5062 chromium-browser: use after free in chrome apps
https://bugzilla.redhat.com/show_bug.cgi?id=1443840
[ 8 ] Bug #1443839 - CVE-2017-5061 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443839
[ 9 ] Bug #1443838 - CVE-2017-5060 chromium-browser: url spoofing in omnibox
https://bugzilla.redhat.com/show_bug.cgi?id=1443838
[ 10 ] Bug #1443837 - CVE-2017-5059 chromium-browser: type confusion in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1443837
[ 11 ] Bug #1443836 - CVE-2017-5058 chromium-browser: heap use after free in print preview
https://bugzilla.redhat.com/show_bug.cgi?id=1443836
[ 12 ] Bug #1443835 - CVE-2017-5057 chromium-browser: type confusion in pdfium
https://bugzilla.redhat.com/show_bug.cgi?id=1443835
[ 13 ] Bug #1448031 - CVE-2017-5068 chromium-browser: race condition in webrtc
https://bugzilla.redhat.com/show_bug.cgi?id=1448031
[ 14 ] Bug #1437353 - CVE-2017-5053 chromium-browser: out of bounds memory access in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1437353
[ 15 ] Bug #1437352 - CVE-2017-5056 chromium-browser: use after free in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1437352
[ 16 ] Bug #1437351 - CVE-2017-5052 chromium-browser: bad cast in blink
https://bugzilla.redhat.com/show_bug.cgi?id=1437351
[ 17 ] Bug #1437350 - CVE-2017-5054 chromium-browser: heap buffer overflow in v8
https://bugzilla.redhat.com/show_bug.cgi?id=1437350
[ 18 ] Bug #1437348 - CVE-2017-5055 chromium-browser: use after free in printing
https://bugzilla.redhat.com/show_bug.cgi?id=1437348
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade chromium' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
6 years, 11 months