The following Fedora 24 Security updates need testing:
Age URL
66
https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24
49
https://bodhi.fedoraproject.org/updates/FEDORA-2016-0ef628998f
chicken-4.11.0-3.fc24
9
https://bodhi.fedoraproject.org/updates/FEDORA-2016-d61c4f72da
chromium-53.0.2785.143-1.fc24
8
https://bodhi.fedoraproject.org/updates/FEDORA-2016-be779371b4
perl-Image-Info-1.38-6.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-53e8aa35f6
ghostscript-9.20-2.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-282507c3e9
libass-0.13.4-1.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-bc51f4636f
libgit2-0.24.2-2.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-7e57edc4cc
glibc-arm-linux-gnu-2.24-2.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f4b5897686
epiphany-3.20.4-1.fc24 webkitgtk4-2.14.1-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-990e2012ea
compat-guile18-1.8.8-14.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-57b72e526c
jasper-1.900.3-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-34209c3a8e
guile-2.0.13-1.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
4
https://bodhi.fedoraproject.org/updates/FEDORA-2016-f00a05d7b9
pungi-4.1.10-1.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2016-450a2b399f
kernel-4.7.7-200.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-e51ac2b4f5
thunderbird-45.4.0-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-57b72e526c
jasper-1.900.3-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8c47413113 libXi-1.7.7-2.fc24
The following builds have been pushed to Fedora 24 updates-testing
389-admin-console-1.1.12-1.fc24
389-adminutil-1.1.23-1.fc24
389-console-1.1.18-1.fc24
389-ds-console-1.2.15-1.fc24
GeoIP-GeoLite-data-2016.10-1.fc24
abi-compliance-checker-1.99.25-1.fc24
abi-tracker-1.9-1.fc24
ansible-inventory-grapher-2.3.2-1.fc24
bzflag-2.4.8-1.fc24
collectl-4.1.0-1.fc24
dc3dd-7.2.641-1.fc24
emacs-25.1-2.fc24
epiphany-3.20.4-1.fc24
fprintd-0.7.0-1.fc24
ghc-rpm-macros-1.4.16-1.fc24
glusterfs-3.8.5-1.fc24
guile-2.0.13-1.fc24
ibus-libzhuyin-1.7.10-1.fc24
idm-console-framework-1.1.17-1.fc24
jasper-1.900.3-1.fc24
libXi-1.7.7-2.fc24
libbson-1.3.5-3.fc24
libfaketime-0.9.6-3.fc24
mate-applet-softupd-0.4.3-1.fc24
mate-terminal-1.16.1-1.fc24
perl-CPAN-Perl-Releases-2.96-1.fc24
php-pear-phing-2.15.2-1.fc24
php-phpunit-PHPUnit-5.6.1-1.fc24
php-phpunit-PHPUnit-MockObject-3.4.0-1.fc24
pintail-0.4-1.fc24
python-GeoIP-1.3.2-3.fc24
python-flufl-bounce-2.3-1.fc24
python-flufl-i18n-1.1.3-1.fc24
python-flufl-lock-2.4.1-1.fc24
python-grapefruit-0.1a4-2.fc24
quodlibet-3.7.1-1.fc24
rtlsdr-scanner-1.0.22497.10311-1.fc24
shinken-2.4.3-3.fc24
sway-0.10-0.1.rc3.fc24
thunderbird-45.4.0-1.fc24
webkitgtk4-2.14.1-1.fc24
xapps-1.0.0-0.2.git0f28d18.fc24
xxdiff-4.0.1-1.fc24
zeal-0.3.1-1.fc24
Details about builds:
================================================================================
389-admin-console-1.1.12-1.fc24 (FEDORA-2016-0ea0ab2142)
389 Admin Server Management Console
--------------------------------------------------------------------------------
Update Information:
bump version to 1.1.12
--------------------------------------------------------------------------------
================================================================================
389-adminutil-1.1.23-1.fc24 (FEDORA-2016-e01c252a2a)
Utility library for 389 administration
--------------------------------------------------------------------------------
Update Information:
bump version to 1.1.23
--------------------------------------------------------------------------------
================================================================================
389-console-1.1.18-1.fc24 (FEDORA-2016-07d7111669)
389 Management Console
--------------------------------------------------------------------------------
Update Information:
Bump version to 1.1.18-1
--------------------------------------------------------------------------------
================================================================================
389-ds-console-1.2.15-1.fc24 (FEDORA-2016-e37b304df2)
389 Directory Server Management Console
--------------------------------------------------------------------------------
Update Information:
Bumped version to 1.2.15
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #48933 - None
https://bugzilla.redhat.com/show_bug.cgi?id=48933
[ 2 ] Bug #48417 - None
https://bugzilla.redhat.com/show_bug.cgi?id=48417
--------------------------------------------------------------------------------
================================================================================
GeoIP-GeoLite-data-2016.10-1.fc24 (FEDORA-2016-02c9ce0df4)
Free GeoLite IP geolocation country database
--------------------------------------------------------------------------------
Update Information:
Update to current databases.
--------------------------------------------------------------------------------
================================================================================
abi-compliance-checker-1.99.25-1.fc24 (FEDORA-2016-54cc18c642)
An ABI Compliance Checker
--------------------------------------------------------------------------------
Update Information:
97ddab2 Added CheckObjects and SkipTypedefUncover options of the profile.
25c10ed Fixed GraphShortXTics option. Fixed detection of SO-version. Fixed style
of the report. b69c4a4 Move to secure HTTPS. 576863c Described cron job.
Generate compact headers diff. 8400069 (HEAD -> master, tag: 1.9,
origin/master, origin/HEAD) Released 1.9. Improved support for ABI Viewer and
ABI Dumper EE.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1384258 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1384258
--------------------------------------------------------------------------------
================================================================================
abi-tracker-1.9-1.fc24 (FEDORA-2016-54cc18c642)
Tool to visualize ABI changes timeline of a C/C++ library
--------------------------------------------------------------------------------
Update Information:
97ddab2 Added CheckObjects and SkipTypedefUncover options of the profile.
25c10ed Fixed GraphShortXTics option. Fixed detection of SO-version. Fixed style
of the report. b69c4a4 Move to secure HTTPS. 576863c Described cron job.
Generate compact headers diff. 8400069 (HEAD -> master, tag: 1.9,
origin/master, origin/HEAD) Released 1.9. Improved support for ABI Viewer and
ABI Dumper EE.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1384258 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1384258
--------------------------------------------------------------------------------
================================================================================
ansible-inventory-grapher-2.3.2-1.fc24 (FEDORA-2016-82b04bff1f)
Creates graphs representing ansible inventory
--------------------------------------------------------------------------------
Update Information:
Update to 2.3.2
--------------------------------------------------------------------------------
================================================================================
bzflag-2.4.8-1.fc24 (FEDORA-2016-9dd6c4ccfb)
3D multi-player tank battle game
--------------------------------------------------------------------------------
Update Information:
2.4.8
https://github.com/BZFlag-Dev/bzflag/releases
--------------------------------------------------------------------------------
================================================================================
collectl-4.1.0-1.fc24 (FEDORA-2016-9b51da9502)
A utility to collect various Linux performance data
--------------------------------------------------------------------------------
Update Information:
updated to 4.1.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1383847 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1383847
--------------------------------------------------------------------------------
================================================================================
dc3dd-7.2.641-1.fc24 (FEDORA-2016-cd5f88dce9)
Patched version of GNU dd for use in computer forensics
--------------------------------------------------------------------------------
Update Information:
Update to bugfix release.
--------------------------------------------------------------------------------
================================================================================
emacs-25.1-2.fc24 (FEDORA-2016-b839b149bf)
GNU Emacs text editor
--------------------------------------------------------------------------------
Update Information:
emacs leaves behind corrupted symlinks on CIFS share (#1271407)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271407 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1271407
--------------------------------------------------------------------------------
================================================================================
epiphany-3.20.4-1.fc24 (FEDORA-2016-f4b5897686)
Web browser for GNOME
--------------------------------------------------------------------------------
Update Information:
Update WebKitGTK+ package to 2.14.1: * Threaded compositor is enabled by
default in both X11 and Wayland. * Accelerated compositing is now supported in
Wayland. * Clipboard works in Wayland too. * Memory pressure handler always
works even when cgroups is not present or not configured. * The HTTP disk cache
implements speculative revalidation of resources. * DRI3 is no longer a problem
when using the modesetting intel driver. * The amount of file descriptors that
are kept open has been drastically reduced. * MiniBrowser and jsc binaries are
now installed in pkglibexecdir instead of bindir. * Improve performance when
resizing a window with multiple web views in X11. * Check whether GDK can use GL
before using gdk_cairo_draw_from_gl() in Wayland. * Updated default UserAgent
string or better compatibility. * Fix a crash on
github.com in
IntlDateTimeFormat::resolvedOptions when using the C locale. * Fix BadDamage X
errors when closing the web view in X11. * Fix UIProcess crash when using
Japanese input method. * Fix build with clang due to missing header includes. *
Fix the build with USE_REDIRECTED_XCOMPOSITE_WINDOW disabled. * Fix several
crashes and rendering issues. * Translation updates: German. Update Epiphany to
be compatible with the new WebKitGTK+ package.
--------------------------------------------------------------------------------
================================================================================
fprintd-0.7.0-1.fc24 (FEDORA-2016-4af46f1c4d)
D-Bus service for Fingerprint reader access
--------------------------------------------------------------------------------
Update Information:
This new version fixes a crash when fingerprint authentication is enabled.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1294103 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1294103
--------------------------------------------------------------------------------
================================================================================
ghc-rpm-macros-1.4.16-1.fc24 (FEDORA-2016-5aff32e509)
RPM macros for building packages for GHC
--------------------------------------------------------------------------------
Update Information:
Backports from F25 including: - support for subpackaging with ghc_libs_build
and ghc_libs_install - new ghc_fix_rpath macro - ghc_gen_filelists now handles
license files automatically - set Cabal docdir to licensedir so licenses end up
in right place - ghc_lib_subpackage now takes name-version
--------------------------------------------------------------------------------
================================================================================
glusterfs-3.8.5-1.fc24 (FEDORA-2016-92697ef2b9)
Distributed File System
--------------------------------------------------------------------------------
Update Information:
3.8.5 GA
--------------------------------------------------------------------------------
================================================================================
guile-2.0.13-1.fc24 (FEDORA-2016-34209c3a8e)
A GNU implementation of Scheme for application extensibility
--------------------------------------------------------------------------------
Update Information:
Update to the latest stable release, which fixes CVE-2016-8605 and
CVE-2016-8606.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1383966 - CVE-2016-8605 guile: Thread-unsafe umask modification
https://bugzilla.redhat.com/show_bug.cgi?id=1383966
[ 2 ] Bug #1383972 - CVE-2016-8606 guile: REPL server vulnerable to HTTP inter-protocol
attacks
https://bugzilla.redhat.com/show_bug.cgi?id=1383972
--------------------------------------------------------------------------------
================================================================================
ibus-libzhuyin-1.7.10-1.fc24 (FEDORA-2016-62c2ab75e7)
New Zhuyin engine based on libzhuyin for IBus
--------------------------------------------------------------------------------
Update Information:
new upstream release.
--------------------------------------------------------------------------------
================================================================================
idm-console-framework-1.1.17-1.fc24 (FEDORA-2016-f2af3ec61a)
Identity Management Console Framework
--------------------------------------------------------------------------------
Update Information:
Bump version to 1.1.17
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #48811 - None
https://bugzilla.redhat.com/show_bug.cgi?id=48811
--------------------------------------------------------------------------------
================================================================================
jasper-1.900.3-1.fc24 (FEDORA-2016-57b72e526c)
Implementation of the JPEG-2000 standard, Part 1
--------------------------------------------------------------------------------
Update Information:
New version of jasper is available (1.900.3) ---- Security fix for
CVE-2016-2089 ---- New version of jasper is available.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1302636 - CVE-2016-2089 jasper: matrix rows_ NULL pointer dereference in
jas_matrix_clip()
https://bugzilla.redhat.com/show_bug.cgi?id=1302636
--------------------------------------------------------------------------------
================================================================================
libXi-1.7.7-2.fc24 (FEDORA-2016-8c47413113)
X.Org X11 libXi runtime library
--------------------------------------------------------------------------------
Update Information:
Fix crash when calling XListInputDevices on devices without classes
--------------------------------------------------------------------------------
================================================================================
libbson-1.3.5-3.fc24 (FEDORA-2016-aafde97a01)
Building, parsing, and iterating BSON documents
--------------------------------------------------------------------------------
Update Information:
This release fixes allocating zero bytes that could lead to an execution abort.
--------------------------------------------------------------------------------
================================================================================
libfaketime-0.9.6-3.fc24 (FEDORA-2016-df16b2b758)
Manipulate system time per process for testing purposes
--------------------------------------------------------------------------------
Update Information:
Add support for CLOCK_BOOTTIME (patch by Mario Pareja <pareja.mario(a)gmail.com>)
--------------------------------------------------------------------------------
================================================================================
mate-applet-softupd-0.4.3-1.fc24 (FEDORA-2016-5f1ae53e13)
MATE Software Update Applet
--------------------------------------------------------------------------------
Update Information:
New upstream release. Use dnf backend when available. Use gtk3 for >= f25.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1384318 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1384318
--------------------------------------------------------------------------------
================================================================================
mate-terminal-1.16.1-1.fc24 (FEDORA-2016-b6c00a7aad)
Terminal emulator for MATE
--------------------------------------------------------------------------------
Update Information:
-update to 1.16.1
--------------------------------------------------------------------------------
================================================================================
perl-CPAN-Perl-Releases-2.96-1.fc24 (FEDORA-2016-b6aa760e76)
Mapping Perl releases on CPAN to the location of the tarballs
--------------------------------------------------------------------------------
Update Information:
This release provides data for perl 5.22.3-RC4 and 5.24.1-RC4.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1384495 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1384495
--------------------------------------------------------------------------------
================================================================================
php-pear-phing-2.15.2-1.fc24 (FEDORA-2016-43a97fff66)
A project build system based on Apache Ant
--------------------------------------------------------------------------------
Update Information:
Oct. 13, 2016 - **Phing 2.15.2** This release fixes a regression introduced in
2.15.1: * [#593](https://github.com/phingofficial/phing/issues/593) - Changed
behavior in fileset filtering in 2.15.1 ---- Oct. 11, 2016 - **Phing 2.15.1**
This release fixes a missing include and two bugs: *
[#1264](https://www.phing.info/trac/ticket/1264) delete fileset /foo.php deletes
/baz.foo.php * [#1038](https://www.phing.info/trac/ticket/1038) PhingFile
getPathWithoutBase does not work for files outside basedir
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHPUnit-5.6.1-1.fc24 (FEDORA-2016-a94e7c5db3)
The PHP Unit Testing framework
--------------------------------------------------------------------------------
Update Information:
Update to latest version 5.x as older are now unmaintained. * [Release
Announcement for PHPUnit
5.6.0](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announce...
for-PHPUnit-5.6.0) * [Release Announcement for PHPUnit
5.5.0](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announce...
for-PHPUnit-5.5.0)
--------------------------------------------------------------------------------
================================================================================
php-phpunit-PHPUnit-MockObject-3.4.0-1.fc24 (FEDORA-2016-a94e7c5db3)
Mock Object library for PHPUnit
--------------------------------------------------------------------------------
Update Information:
Update to latest version 5.x as older are now unmaintained. * [Release
Announcement for PHPUnit
5.6.0](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announce...
for-PHPUnit-5.6.0) * [Release Announcement for PHPUnit
5.5.0](https://github.com/sebastianbergmann/phpunit/wiki/Release-Announce...
for-PHPUnit-5.5.0)
--------------------------------------------------------------------------------
================================================================================
pintail-0.4-1.fc24 (FEDORA-2016-63df0d180f)
Build web sites from Mallard sources
--------------------------------------------------------------------------------
Update Information:
Update to v0.4 release
--------------------------------------------------------------------------------
================================================================================
python-GeoIP-1.3.2-3.fc24 (FEDORA-2016-10edd49754)
Python bindings for the GeoIP geographical lookup libraries
--------------------------------------------------------------------------------
Update Information:
Created python2 and 3 subpackages
--------------------------------------------------------------------------------
================================================================================
python-flufl-bounce-2.3-1.fc24 (FEDORA-2016-79cf0c1494)
Email bounce detectors
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
python-flufl-i18n-1.1.3-1.fc24 (FEDORA-2016-ce7ce36506)
A high level API for Python internationalization
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
python-flufl-lock-2.4.1-1.fc24 (FEDORA-2016-96395a200a)
NFS-safe file locking with timeouts for POSIX systems
--------------------------------------------------------------------------------
Update Information:
Initial package.
--------------------------------------------------------------------------------
================================================================================
python-grapefruit-0.1a4-2.fc24 (FEDORA-2016-7cacb84cd7)
Python module for easy manipulation of color information
--------------------------------------------------------------------------------
Update Information:
Fix rpmlint errors
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1308557 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1308557
--------------------------------------------------------------------------------
================================================================================
quodlibet-3.7.1-1.fc24 (FEDORA-2016-8ec3549b73)
A music management program
--------------------------------------------------------------------------------
Update Information:
- update to 3.7.1 -
http://quodlibet.readthedocs.io/en/latest/changelog.html
#and-then-you-re-doomed-doomed-to-to-have-not-ill-effects-that-is
--------------------------------------------------------------------------------
================================================================================
rtlsdr-scanner-1.0.22497.10311-1.fc24 (FEDORA-2016-f5f29a57d5)
Frequency scanning GUI for RTL2832 based DVB-T dongles
--------------------------------------------------------------------------------
Update Information:
This is new version of the package and it also fixes local imports to be
relative to prevent potential conflicts with other Python packages.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1383513 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1383513
--------------------------------------------------------------------------------
================================================================================
shinken-2.4.3-3.fc24 (FEDORA-2016-9c1a581061)
Python Monitoring tool
--------------------------------------------------------------------------------
Update Information:
Add doc directory.
--------------------------------------------------------------------------------
================================================================================
sway-0.10-0.1.rc3.fc24 (FEDORA-2016-49487eef45)
i3-compatible window manager for Wayland
--------------------------------------------------------------------------------
Update Information:
update to rc3
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1380075 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1380075
--------------------------------------------------------------------------------
================================================================================
thunderbird-45.4.0-1.fc24 (FEDORA-2016-e51ac2b4f5)
Mozilla Thunderbird mail/newsgroup client
--------------------------------------------------------------------------------
Update Information:
For changes see:
https://www.mozilla.org/en-US/thunderbird/45.4.0/releasenotes/
--------------------------------------------------------------------------------
================================================================================
webkitgtk4-2.14.1-1.fc24 (FEDORA-2016-f4b5897686)
GTK+ Web content engine library
--------------------------------------------------------------------------------
Update Information:
Update WebKitGTK+ package to 2.14.1: * Threaded compositor is enabled by
default in both X11 and Wayland. * Accelerated compositing is now supported in
Wayland. * Clipboard works in Wayland too. * Memory pressure handler always
works even when cgroups is not present or not configured. * The HTTP disk cache
implements speculative revalidation of resources. * DRI3 is no longer a problem
when using the modesetting intel driver. * The amount of file descriptors that
are kept open has been drastically reduced. * MiniBrowser and jsc binaries are
now installed in pkglibexecdir instead of bindir. * Improve performance when
resizing a window with multiple web views in X11. * Check whether GDK can use GL
before using gdk_cairo_draw_from_gl() in Wayland. * Updated default UserAgent
string or better compatibility. * Fix a crash on
github.com in
IntlDateTimeFormat::resolvedOptions when using the C locale. * Fix BadDamage X
errors when closing the web view in X11. * Fix UIProcess crash when using
Japanese input method. * Fix build with clang due to missing header includes. *
Fix the build with USE_REDIRECTED_XCOMPOSITE_WINDOW disabled. * Fix several
crashes and rendering issues. * Translation updates: German. Update Epiphany to
be compatible with the new WebKitGTK+ package.
--------------------------------------------------------------------------------
================================================================================
xapps-1.0.0-0.2.git0f28d18.fc24 (FEDORA-2016-e90c290f6e)
Common files for XApp desktop apps
--------------------------------------------------------------------------------
Update Information:
New package providing common components for cinnamon.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1382908 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1382908
--------------------------------------------------------------------------------
================================================================================
xxdiff-4.0.1-1.fc24 (FEDORA-2016-ebe64040bd)
Graphical file and directories comparator and merge tool
--------------------------------------------------------------------------------
Update Information:
Update to release 4.0.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336254 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1336254
--------------------------------------------------------------------------------
================================================================================
zeal-0.3.1-1.fc24 (FEDORA-2016-226fa7194c)
Offline documentation browser inspired by Dash
--------------------------------------------------------------------------------
Update Information:
New features and fixes; see
https://github.com/zealdocs/zeal/releases for
details
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1381134 - None
https://bugzilla.redhat.com/show_bug.cgi?id=1381134
--------------------------------------------------------------------------------