The following Fedora 24 Security updates need testing: Age URL 17 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b3f93ead5b moin-1.9.8-1.fc24 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-07e9059072 lighttpd-1.4.41-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-432f067a80 cryptobone-1.0.5-1.fc24 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5b05ca41dd drupal7-features-2.10-1.fc24 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40d5f1d3c2 pagure-2.3.4-1.fc24 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8fd0599b02 drupal7-entity_translation-1.0-0.9.beta5.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4373f7d32a pulp-2.8.6-1.fc24 pulp-docker-2.0.2-1.fc24 pulp-ostree-1.1.2-1.fc24 pulp-puppet-2.8.6-2.fc24 pulp-python-1.1.2-1.fc24 pulp-rpm-2.8.6-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-472cdecb18 mingw-xz-5.2.2-3.fc24 mingw-libarchive-3.2.1-2.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fef6925d48 drupal7-theme-zen-5.6-1.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a3debc3a6 openssh-7.2p2-12.fc24
The following Fedora 24 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-494a721a73 ModemManager-1.6.0-1.fc24 libmbim-1.14.0-1.fc24 libqmi-1.16.0-1.fc24 usb_modeswitch-2.4.0-4.fc24 usb_modeswitch-data-20160612-3.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4a3debc3a6 openssh-7.2p2-12.fc24 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5dd9a9ae41 avahi-0.6.32-4.fc24
The following builds have been pushed to Fedora 24 updates-testing
clufter-0.59.5-1.fc24 compose-utils-0.1.7-1.fc24 dogtag-pki-10.3.5-1.fc24 drush-8.1.3-1.fc24 golang-1.6.3-2.fc24 golang-github-gosexy-gettext-0-0.2.git305f360.fc24 ibus-libpinyin-1.7.92-2.fc24 kdevelop-5.0.0-0.3.20160808git.fc24 kdevplatform-5.0.0-0.2.20160808git.fc24 libpinyin-1.5.92-2.fc24 opensaml-java-2.5.3-11.fc24 openssh-7.2p2-12.fc24 pdc-client-1.1.0-1.fc24 perl-ExtUtils-MakeMaker-7.10-5.fc24 php-behat-mink-1.7.1-1.fc24 php-behat-mink-browserkit-driver-1.3.2-1.fc24 php-consolidation-annotated-command-1.2.1-1.fc24 php-zendframework-zend-http-2.5.5-1.fc24 pki-console-10.3.5-1.fc24 pki-core-10.3.5-1.fc24 radamsa-0.5-1.fc24 sen-0.4.0-1.fc24 vavoom-1.33-19.fc24
Details about builds:
================================================================================ clufter-0.59.5-1.fc24 (FEDORA-2016-3e8aec249d) Tool/library for transforming/analyzing cluster configuration formats -------------------------------------------------------------------------------- Update Information:
- bump upstream package, see https://pagure.io/clufter/releases --------------------------------------------------------------------------------
================================================================================ compose-utils-0.1.7-1.fc24 (FEDORA-2016-228f59169a) Utilities for working with composes -------------------------------------------------------------------------------- Update Information:
* Add a command to copy (possibly part of) a compose to another location via `rsync`. * Add a command to check if packages moved between variants. --------------------------------------------------------------------------------
================================================================================ dogtag-pki-10.3.5-1.fc24 (FEDORA-2016-059eb8aaee) Dogtag Public Key Infrastructure (PKI) Suite -------------------------------------------------------------------------------- Update Information:
PKI TRAC Ticket #2392 - Release Dogtag 10.3.5 --------------------------------------------------------------------------------
================================================================================ drush-8.1.3-1.fc24 (FEDORA-2016-1bb8681637) Command line shell and scripting interface for Drupal -------------------------------------------------------------------------------- Update Information:
**MAJOR UPDATE** `6.7.0` => `8.1.3` See https://github.com/drush- ops/drush/releases for change information -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1357097 - drush-8.1.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1357097 --------------------------------------------------------------------------------
================================================================================ golang-1.6.3-2.fc24 (FEDORA-2016-2b545e01f4) The Go Programming Language -------------------------------------------------------------------------------- Update Information:
Obsolete golang-vet and golang-cover from golang-googlecode-tools package. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1268206 - golang-bin-1.5.1-0 file conflict with golang-vet-0.2.0 https://bugzilla.redhat.com/show_bug.cgi?id=1268206 --------------------------------------------------------------------------------
================================================================================ golang-github-gosexy-gettext-0-0.2.git305f360.fc24 (FEDORA-2016-5b459e3543) Gettext support for the Go language -------------------------------------------------------------------------------- Update Information:
Build and install go-xgettext to a separate binary package -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1359802 - Review Request: golang-github-gosexy-gettext - Gettext support for the Go language https://bugzilla.redhat.com/show_bug.cgi?id=1359802 --------------------------------------------------------------------------------
================================================================================ ibus-libpinyin-1.7.92-2.fc24 (FEDORA-2016-2cd5442e7a) Intelligent Pinyin engine based on libpinyin for IBus -------------------------------------------------------------------------------- Update Information:
Fixes crashes for Full Pinyin and Bopomofo. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1365183 - [abrt] ibus-libpinyin: PY::PinyinEditor::updatePreeditText(): ibus-engine-libpinyin killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1365183 [ 2 ] Bug #1364642 - [abrt] ibus-libpinyin: pinyin_get_character_offset(): ibus-engine-libpinyin killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1364642 --------------------------------------------------------------------------------
================================================================================ kdevelop-5.0.0-0.3.20160808git.fc24 (FEDORA-2016-41a3e28496) Integrated Development Environment for C++/C -------------------------------------------------------------------------------- Update Information:
Update to latest git snapshot. --------------------------------------------------------------------------------
================================================================================ kdevplatform-5.0.0-0.2.20160808git.fc24 (FEDORA-2016-41a3e28496) Libraries for use by KDE development tools -------------------------------------------------------------------------------- Update Information:
Update to latest git snapshot. --------------------------------------------------------------------------------
================================================================================ libpinyin-1.5.92-2.fc24 (FEDORA-2016-2cd5442e7a) Library to deal with pinyin -------------------------------------------------------------------------------- Update Information:
Fixes crashes for Full Pinyin and Bopomofo. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1365183 - [abrt] ibus-libpinyin: PY::PinyinEditor::updatePreeditText(): ibus-engine-libpinyin killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1365183 [ 2 ] Bug #1364642 - [abrt] ibus-libpinyin: pinyin_get_character_offset(): ibus-engine-libpinyin killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1364642 --------------------------------------------------------------------------------
================================================================================ opensaml-java-2.5.3-11.fc24 (FEDORA-2016-56a929b4aa) Java OpenSAML library -------------------------------------------------------------------------------- Update Information:
adapt to current guideline --------------------------------------------------------------------------------
================================================================================ openssh-7.2p2-12.fc24 (FEDORA-2016-4a3debc3a6) An open source implementation of SSH protocol versions 1 and 2 -------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2016-6515 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1364936 - CVE-2016-6515 openssh: Denial of service via very long passwords [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1364936 --------------------------------------------------------------------------------
================================================================================ pdc-client-1.1.0-1.fc24 (FEDORA-2016-49e76a5dda) Console client for interacting with Product Definition Center -------------------------------------------------------------------------------- Update Information:
- When page_size <= 0; the pagination will be disabled. (bliu@redhat.com) - Handle page_size in mocked API calls. (nils@redhat.com) - Move necessary arguments to required argument list. (ycheng@redhat.com) - Make format strings compatible with python 2.6 (chuzhang@redhat.com) - Fix failure with requests- kerberos 0.9+ and Python 3 (drop monkey_patch.py) (mzibrick@redhat.com) - Add FILES section and fix issue link in manpage (sochotnicky@redhat.com) --------------------------------------------------------------------------------
================================================================================ perl-ExtUtils-MakeMaker-7.10-5.fc24 (FEDORA-2016-f8d2b9945c) Create a module Makefile -------------------------------------------------------------------------------- Update Information:
Avoid loading optional modules from default . (CVE-2016-1238) --------------------------------------------------------------------------------
================================================================================ php-behat-mink-1.7.1-1.fc24 (FEDORA-2016-ec5c81bd79) Browser controller/emulator abstraction for PHP -------------------------------------------------------------------------------- Update Information:
# php-behat-mink ## 1.7.1 / 2016-03-05 Bug fixes: * Refactored the CssSelector to use the new API of the Symfony CssSelector component to be compatible with Symfony 3 Testsuite: * Disallowed failures on PHP 7 on Travis (tests were passing since a long time) Driver testsuite: * Fixed the driver testsuite to account for driver inheritance when checking recommended practices * Added a test for cookie values with semicolon, to ensure all drivers support it * Improved the window resize test to consider headless browsers * Fixed the compatibility of the testsuite with PHPUnit 5 * Added a test ensuring that `wait()` always return a boolean even when the JS expression does not cast the value * Added HTML escaping of submitted values in the driver testsuite web- fixtures Misc: * Removed the Mink testsuite from archives generated by Github to make them smaller # php-behat-mink-browserkit-driver ## 1.3.2 / 2016-03-05 Testsuite: * Disallowed failures on PHP 7 on Travis (tests were passing since a long time) * Added HTML escaping of submitted values in the driver testsuite web-fixtures ## 1.3.1 / 2016-01-19 * Added Symfony 3.0 compatibility -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1314987 - php-behat-mink-1.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314987 [ 2 ] Bug #1300118 - php-behat-mink-browserkit-driver-1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1300118 --------------------------------------------------------------------------------
================================================================================ php-behat-mink-browserkit-driver-1.3.2-1.fc24 (FEDORA-2016-ec5c81bd79) Symfony BrowserKit driver for Mink framework -------------------------------------------------------------------------------- Update Information:
# php-behat-mink ## 1.7.1 / 2016-03-05 Bug fixes: * Refactored the CssSelector to use the new API of the Symfony CssSelector component to be compatible with Symfony 3 Testsuite: * Disallowed failures on PHP 7 on Travis (tests were passing since a long time) Driver testsuite: * Fixed the driver testsuite to account for driver inheritance when checking recommended practices * Added a test for cookie values with semicolon, to ensure all drivers support it * Improved the window resize test to consider headless browsers * Fixed the compatibility of the testsuite with PHPUnit 5 * Added a test ensuring that `wait()` always return a boolean even when the JS expression does not cast the value * Added HTML escaping of submitted values in the driver testsuite web- fixtures Misc: * Removed the Mink testsuite from archives generated by Github to make them smaller # php-behat-mink-browserkit-driver ## 1.3.2 / 2016-03-05 Testsuite: * Disallowed failures on PHP 7 on Travis (tests were passing since a long time) * Added HTML escaping of submitted values in the driver testsuite web-fixtures ## 1.3.1 / 2016-01-19 * Added Symfony 3.0 compatibility -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1314987 - php-behat-mink-1.7.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1314987 [ 2 ] Bug #1300118 - php-behat-mink-browserkit-driver-1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1300118 --------------------------------------------------------------------------------
================================================================================ php-consolidation-annotated-command-1.2.1-1.fc24 (FEDORA-2016-cf49e414f4) Initialize Symfony Console commands from annotated command class methods -------------------------------------------------------------------------------- Update Information:
### 1.2.1 Fix unit tests for php 5.4. ### 1.2.0 Support both the 2.x and 3.x versions of phpdocumentor/reflection-docblock. ### 1.1.1 Do not allow a `@param` docblock comment for the options to change the meaning of the options. ### 1.1.0 Factor createSelectedCommandsFromClassInfo out of createCommandsFromClassInfo in AnnotatedCommandFactory, to give clients more control over command method selection. -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1359450 - php-consolidation-annotated-command-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1359450 --------------------------------------------------------------------------------
================================================================================ php-zendframework-zend-http-2.5.5-1.fc24 (FEDORA-2016-db0c0a26b2) Zend Framework Http component -------------------------------------------------------------------------------- Update Information:
**Version 2.5.5** - 2016-08-08 - [#44](https://github.com/zendframework/zend- http/pull/44), [#45](https://github.com/zendframework/zend-http/pull/45), [#46](https://github.com/zendframework/zend-http/pull/46), [#47](https://github.com/zendframework/zend-http/pull/47), [#48](https://github.com/zendframework/zend-http/pull/48), and [#49](https://github.com/zendframework/zend-http/pull/49) prepare the documentation for publication at https://zendframework.github.io/zend-http/ - [#87](https://github.com/zendframework/zend-http/pull/87) fixes the `ContentLength` constructor to test for a non null value (vs a falsy value) before validating the value; this ensures 0 values may be specified for the length. - [#85](https://github.com/zendframework/zend-http/pull/85) fixes infinite recursion on AbstractAccept. If you create a new Accept and try to call getFieldValue(), an infinite recursion and a fatal error happens. - [#58](https://github.com/zendframework/zend-http/pull/58) avoid triggering a notice with special crafted accept headers. In the case the value of an accept header does not contain an equal sign, an "Undefined offset" notice is triggered. --------------------------------------------------------------------------------
================================================================================ pki-console-10.3.5-1.fc24 (FEDORA-2016-dd16599bc7) Certificate System - PKI Console -------------------------------------------------------------------------------- Update Information:
PKI TRAC Ticket #2392 - Release Dogtag 10.3.5 --------------------------------------------------------------------------------
================================================================================ pki-core-10.3.5-1.fc24 (FEDORA-2016-4d226a5f7e) Certificate System - PKI Core Components -------------------------------------------------------------------------------- Update Information:
PKI TRAC Ticket #2392 - Release Dogtag 10.3.5 --------------------------------------------------------------------------------
================================================================================ radamsa-0.5-1.fc24 (FEDORA-2016-33cc24e388) Test case generator for robustness testing -------------------------------------------------------------------------------- Update Information:
Updating radamsa to 0.5 --------------------------------------------------------------------------------
================================================================================ sen-0.4.0-1.fc24 (FEDORA-2016-6b8656a879) Terminal User Interface for docker engine -------------------------------------------------------------------------------- Update Information:
new upstream release: 0.4.0 --------------------------------------------------------------------------------
================================================================================ vavoom-1.33-19.fc24 (FEDORA-2016-0e673d6885) Enhanced Doom, Heretic, Hexen and Strife source port - meta package -------------------------------------------------------------------------------- Update Information:
- Fix crash on exit: https://retrace.fedoraproject.org/faf/reports/1192370/ --------------------------------------------------------------------------------