The following Fedora 24 Security updates need testing:
Age URL
99
https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df
jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24
68
https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08
squid-3.5.23-1.fc24
61
https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24
24
https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba
runc-1.0.0-5.rc2.gitc91b5be.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9a5b89363f
libwmf-0.2.8.4-50.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2017-fa4e441e03
netpbm-10.77.00-3.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2017-404f1a29fc
mingw-gtk-vnc-0.7.0-1.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a9e6a5c249
gtk-vnc-0.7.0-1.fc24
15
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b2cf468d5 vim-8.0.324-1.fc24
13
https://bodhi.fedoraproject.org/updates/FEDORA-2017-844445f2aa mupdf-1.10a-1.fc24
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-f9f3a78148
suricata-3.2.1-1.fc24
9
https://bodhi.fedoraproject.org/updates/FEDORA-2017-19c5440abe
tomcat-8.0.41-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-05e32fe278 xrdp-0.9.1-5.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694 redis-3.2.8-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b11b460865
util-linux-2.28.2-2.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b9f61c68d
kernel-4.9.12-100.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1607a3a78e xen-4.6.4-8.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a513be0939 cacti-1.0.3-2.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
15
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9b2cf468d5 vim-8.0.324-1.fc24
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-9f83ba7048
akonadi-calendar-tools-16.12.2-1.fc24 akonadi-import-wizard-16.12.2-1.fc24
akonadiconsole-16.12.2-1.fc24 akregator-16.12.2-1.fc24 balsa-2.5.2-3.fc24.1
blogilo-16.12.2-1.fc24 gpgme-1.8.0-10.fc24 grantlee-editor-16.12.2-1.fc24
kaddressbook-16.12.2-1.fc24 kalarm-16.12.2-1.fc24 kde-runtime-16.12.2-2.fc24.1
kdepim-addons-16.12.2-1.fc24 kdepim-apps-libs-16.12.2-1.fc24 kdepim-runtime-16.12.2-1.fc24
kdepimlibs-4.14.10-17.fc24 kf5-akonadi-calendar-16.12.2-1.fc24
kf5-akonadi-contacts-16.12.2-1.fc24 kf5-akonadi-mime-16.12.2-1.fc24
kf5-akonadi-notes-16.12.2-1.fc24 kf5-akonadi-search-16.12.2-1.fc24
kf5-akonadi-server-16.12.2-1.fc24 kf5-calendarsupport-16.12.2-1.fc24
kf5-eventviews-16.12.2-1.fc24 kf5-gpgmepp-16.08.3-3.fc24 kf5-grantleetheme-16.12.2-1.fc24
kf5-incidenceeditor-16.12.2-1.fc24 kf5-kalarmcal-16.12.2-1.fc24 kf5-kblog-16.12.2-1.fc24
kf5-kcalendarcore-16.12.2-1.fc24 kf5-kcalendarutils-16.12.2-1.fc24 kf5-kcontacts-16.12
.2-1.fc24 kf5-kholidays-16.12.2-1.fc24 kf5-kidentitymanagement-16.12.2-1.fc24
kf5-kimap-16.12.2-1.fc24 kf5-kldap-16.12.2-1.fc24 kf5-kmailtransport-16.12.2-1.fc24
kf5-kmbox-16.12.2-1.fc24 kf5-kmime-16.12.2-1.fc24 kf5-kontactinterface-16.12.2-1.fc24
kf5-kpimtextedit-16.12.2-1.fc24 kf5-ktnef-16.12.2-1.fc24 kf5-libgravatar-16.12.2-1.fc24
kf5-libkdepim-16.12.2-1.fc24 kf5-libkleo-16.12.2-1.fc24 kf5-libksieve-16.12.2-1.fc24
kf5-mailcommon-16.12.2-1.fc24 kf5-mailimporter-16.12.2-1.fc24
kf5-messagelib-16.12.2-1.fc24 kf5-pimcommon-16.12.2-1.fc24 kf5-syndication-16.12.2-1.fc24
kget-16.12.2-1.fc24.1 kleopatra-16.12.2-1.fc24 kmail-16.12.2-1.fc24
kmail-account-wizard-16.12.2-1.fc24 knotes-16.12.2-1.fc24 kontact-16.12.2-1.fc24
korganizer-16.12.2-1.fc24 mbox-importer-16.12.2-1.fc24 ostree-2017.2-2.fc24.1
pim-data-exporter-16.12.2-1.fc24 pim-sieve-editor-16.12.2-1.fc24
pim-storage-service-manager-16.12.2-1.fc24 trojita-0.7-3.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a244845fe3
gtk3-3.20.10-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b11b460865
util-linux-2.28.2-2.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-d89a48d8cc pcre-8.40-4.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a6183d9d27 lorax-24.22-1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b9f61c68d
kernel-4.9.12-100.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-54078f9dd2
rpm-4.13.0.1-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-efd3683a66 audit-2.7.3-1.fc24
The following builds have been pushed to Fedora 24 updates-testing
GeoIP-1.6.9-4.fc24
awscli-1.11.55-1.fc24
blender-2.78b-2.fc24
cacti-1.0.3-2.fc24
coin-or-Ipopt-3.12.7-1.fc24
digikam-5.4.0-2.fc24
endless-sky-0.9.6-1.fc24
kf5-libkgeomap-16.12.2-1.fc24
libdivecomputer-subsurface-4.6.2-1.fc24
marble-16.12.2-1.fc24
marble-subsurface-4.6.2-1.fc24
mate-desktop-1.16.1-3.fc24
mp-3.1.0-7.20161124git1f3980.fc24
php-doctrine-orm-2.4.8-3.fc24
php-guzzle-Guzzle-3.9.3-11.fc24
pkgconf-1.3.0-1.fc24
python-botocore-1.5.18-1.fc24
subsurface-4.6.2-1.fc24
xen-4.6.4-8.fc24
yamllint-1.6.1-1.fc24
Details about builds:
================================================================================
GeoIP-1.6.9-4.fc24 (FEDORA-2017-d8033000d4)
Library for country/city/organization to IP address or hostname mapping
--------------------------------------------------------------------------------
Update Information:
Fix GeoIP_database_info truncation issue: *
https://github.com/maxmind/geoip-
api-c/issues/79 *
https://github.com/maxmind/geoip-api-c/pull/80
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1426853 - GeoIP_database_info is not returning full string from database
https://bugzilla.redhat.com/show_bug.cgi?id=1426853
--------------------------------------------------------------------------------
================================================================================
awscli-1.11.55-1.fc24 (FEDORA-2017-1488c1413d)
Universal Command Line Environment for AWS
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1415344 - awscli-1.11.55 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1415344
[ 2 ] Bug #1422295 - python-botocore-1.5.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422295
--------------------------------------------------------------------------------
================================================================================
blender-2.78b-2.fc24 (FEDORA-2017-e827f09c86)
3D modeling, animation, rendering and post-production
--------------------------------------------------------------------------------
Update Information:
This update fixes an flickering issues on user interface from hardware running
on AMD graphic cards.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1425146 - Blender UI flickering on viewport updates
https://bugzilla.redhat.com/show_bug.cgi?id=1425146
--------------------------------------------------------------------------------
================================================================================
cacti-1.0.3-2.fc24 (FEDORA-2017-a513be0939)
An rrd based graphing tool
--------------------------------------------------------------------------------
Update Information:
- Update to 1.0.3 Release notes:
http://www.cacti.net/release_notes_1_0_0.php
http://www.cacti.net/release_notes_1_0_1.php
http://www.cacti.net/release_notes_1_0_2.php
http://www.cacti.net/release_notes_1_0_3.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1417604 - CVE-2014-4000 cacti: Multiple issues fixed in 1.0.0 version
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1417604
[ 2 ] Bug #1422854 - cacti-1.0.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422854
[ 3 ] Bug #1417494 - cacti-1.0.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1417494
--------------------------------------------------------------------------------
================================================================================
coin-or-Ipopt-3.12.7-1.fc24 (FEDORA-2017-674955f4c4)
Interior Point OPTimizer
--------------------------------------------------------------------------------
Update Information:
- Update to 3.12.7 (bz#1426828) - Build on Fedora >= 26 s390x - Update patch0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1426828 - coin-or-Ipopt-3.12.7 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1426828
--------------------------------------------------------------------------------
================================================================================
digikam-5.4.0-2.fc24 (FEDORA-2017-85147e6ae2)
A digital camera accessing & photo management application
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
endless-sky-0.9.6-1.fc24 (FEDORA-2017-8902ad38a5)
Space exploration, trading, and combat game
--------------------------------------------------------------------------------
Update Information:
* Ship and outfit values now depreciate over time, which makes it harder to
become absurdly wealthy. * The main view's zoom can now be adjusted between 25%
and 200%, independent of the UI zoom. * Commands can now be given to groups of
escorts instead of to your whole fleet. * New Wanderer missions, doubling the
length of their story line and introducing a new ship. * New alien faction, the
Coalition, with 16 new ships and about 70 systems and planets. * Scanning now
takes time, to make dodging scans more interesting and less impossible. *
Systems and planets can now specify MP3s to play as music or ambient audio.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1414396 - endless-sky-0.9.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1414396
--------------------------------------------------------------------------------
================================================================================
kf5-libkgeomap-16.12.2-1.fc24 (FEDORA-2017-85147e6ae2)
A wrapper around different world-map components, to browse and arrange photos over a map
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
libdivecomputer-subsurface-4.6.2-1.fc24 (FEDORA-2017-85147e6ae2)
Library for communication with dive computers
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
marble-16.12.2-1.fc24 (FEDORA-2017-85147e6ae2)
Virtual globe and world atlas
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
marble-subsurface-4.6.2-1.fc24 (FEDORA-2017-85147e6ae2)
Marble Subsurface branch
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
mate-desktop-1.16.1-3.fc24 (FEDORA-2017-7627a542e7)
Shared code for mate-panel, mate-session, mate-file-manager, etc
--------------------------------------------------------------------------------
Update Information:
- update gsettings override file - remove dock from required-components-list
--------------------------------------------------------------------------------
================================================================================
mp-3.1.0-7.20161124git1f3980.fc24 (FEDORA-2017-cf95c023d1)
An open-source library for mathematical programming
--------------------------------------------------------------------------------
Update Information:
- Fix environment-modules required on epel7 - Skip gsl-test always (upstream
issue #103)
--------------------------------------------------------------------------------
================================================================================
php-doctrine-orm-2.4.8-3.fc24 (FEDORA-2017-a81a5b877b)
Doctrine Object-Relational-Mapper (ORM)
--------------------------------------------------------------------------------
Update Information:
RPM-only release: Use Fedora autoloader
--------------------------------------------------------------------------------
================================================================================
php-guzzle-Guzzle-3.9.3-11.fc24 (FEDORA-2017-4b0827b025)
PHP HTTP client library and framework for building RESTful web service clients
--------------------------------------------------------------------------------
Update Information:
RPM-only release: Use Fedora autoloader
--------------------------------------------------------------------------------
================================================================================
pkgconf-1.3.0-1.fc24 (FEDORA-2017-02c5410c0e)
Package compiler and linker metadata toolkit
--------------------------------------------------------------------------------
Update Information:
Update to 1.3.0
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1419685 - pkgconf emits extraneous whitespace
https://bugzilla.redhat.com/show_bug.cgi?id=1419685
--------------------------------------------------------------------------------
================================================================================
python-botocore-1.5.18-1.fc24 (FEDORA-2017-1488c1413d)
Low-level, data-driven core of boto 3
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1415344 - awscli-1.11.55 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1415344
[ 2 ] Bug #1422295 - python-botocore-1.5.16 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1422295
--------------------------------------------------------------------------------
================================================================================
subsurface-4.6.2-1.fc24 (FEDORA-2017-85147e6ae2)
A feature-full divelog in Qt
--------------------------------------------------------------------------------
Update Information:
Update to latest marble and subsurface releases.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1271883 - subsurface-4.6.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1271883
--------------------------------------------------------------------------------
================================================================================
xen-4.6.4-8.fc24 (FEDORA-2017-1607a3a78e)
Xen is a virtual machine monitor
--------------------------------------------------------------------------------
Update Information:
cirrus_bitblt_cputovideo does not check if memory region is safe [XSA-209,
CVE-2017-2620] (#1425420)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1420484 - CVE-2017-2620 Qemu: display: cirrus: potential arbitrary code
execution via cirrus_bitblt_cputovideo
https://bugzilla.redhat.com/show_bug.cgi?id=1420484
--------------------------------------------------------------------------------
================================================================================
yamllint-1.6.1-1.fc24 (FEDORA-2017-4e9d79f17e)
A linter for YAML files
--------------------------------------------------------------------------------
Update Information:
Update to latest upstream version
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1426873 - yamllint-1.6.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1426873
--------------------------------------------------------------------------------