The following Fedora 24 Security updates need testing:
Age URL
161
https://bodhi.fedoraproject.org/updates/FEDORA-2016-32eaf0c41e redis-3.2.3-1.fc24
59
https://bodhi.fedoraproject.org/updates/FEDORA-2016-93679a91df
jenkins-1.651.3-2.fc24 jenkins-remoting-2.62.3-1.fc24
28
https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08
squid-3.5.23-1.fc24
21
https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08 exim-4.87.1-1.fc24
17
https://bodhi.fedoraproject.org/updates/FEDORA-2016-76d9809fd4
w3m-0.5.3-27.git20161120.fc24
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2c2d1be16
docker-latest-1.12.6-1.git51ef5a8.fc24
5
https://bodhi.fedoraproject.org/updates/FEDORA-2017-19b0fe001d
runc-1.0.0-3.rc2.gitc91b5be.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8873ebdb43
ikiwiki-3.20170111-1.fc24
4
https://bodhi.fedoraproject.org/updates/FEDORA-2017-01c3288bef
wordpress-4.7.1-1.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-a73bc7ac5d
fedmsg-0.18.2-1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-5d0871e3fd
boomaga-0.8.0-6.git97f52c1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-1ce2a05ff1
groovy-2.4.5-8.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-8308bc2a6e
pdns-recursor-4.0.4-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-418398ce60
ansible-2.2.1.0-1.fc24
0
https://bodhi.fedoraproject.org/updates/FEDORA-2017-12394e2cc7 qemu-2.6.2-6.fc24
The following Fedora 24 Critical Path updates have yet to be approved:
Age URL
13
https://bodhi.fedoraproject.org/updates/FEDORA-2016-8b3063d71c
redhat-rpm-config-42-2.fc24
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-984be5f703
policycoreutils-2.5-16.fc24
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-2153a45ba5
nautilus-3.20.4-1.fc24
7
https://bodhi.fedoraproject.org/updates/FEDORA-2017-7585703fbe
selinux-policy-3.13.1-191.24.fc24
6
https://bodhi.fedoraproject.org/updates/FEDORA-2017-78a478cd32
NetworkManager-1.2.6-1.fc24
3
https://bodhi.fedoraproject.org/updates/FEDORA-2017-07cfb2b5de
python-2.7.13-1.fc24 python-docs-2.7.13-1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-b1c53a8e08
perl-5.22.3-366.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2017-318fee62ab vim-8.0.194-1.fc24
1
https://bodhi.fedoraproject.org/updates/FEDORA-2016-cddf0ec383
nss-3.27.0-1.3.fc24
The following builds have been pushed to Fedora 24 updates-testing
ansible-2.2.1.0-1.fc24
cinnamon-screensaver-3.2.13-2.fc24
digikam-5.4.0-1.fc24
dspam-3.10.2-20.fc24
gnome-software-3.22.5-1.fc24
ibus-table-1.9.16-1.fc24
ibus-typing-booster-1.5.18-1.fc24
kdiagram-2.6.0-2.fc24
libappstream-glib-0.6.7-2.fc24
libfm-qt-0.11.2-1.fc24
liblxqt-0.11.1-2.fc24
lximage-qt-0.5.1-1.fc24
lxqt-about-0.11.1-1.fc24
lxqt-admin-0.11.1-1.fc24
lxqt-common-0.11.2-1.fc24
lxqt-config-0.11.1-2.fc24
lxqt-globalkeys-0.11.1-1.fc24
lxqt-notificationd-0.11.1-1.fc24
lxqt-openssh-askpass-0.11.1-1.fc24
lxqt-panel-0.11.1-1.fc24
lxqt-policykit-0.11.1-1.fc24
lxqt-powermanagement-0.11.1-1.fc24
lxqt-qtplugin-0.11.1-1.fc24
lxqt-runner-0.11.1-1.fc24
lxqt-session-0.11.1-1.fc24
lxqt-sudo-0.11.1-1.fc24
nvml-1.2-1.fc24
obconf-qt-0.11.1-1.fc24
pavucontrol-qt-0.2.0-1.fc24
pcmanfm-qt-0.11.3-1.fc24
perl-Image-ExifTool-10.40-1.fc24
php-bartlett-PHP-CompatInfo-5.0.4-1.fc24
php-zendframework-zend-mime-2.6.1-1.fc24
python-resultsdb_api-1.3.0-1.fc24
qemu-2.6.2-6.fc24
resultsdb_frontend-1.2.0-1.fc24
rpcbind-0.2.3-15.rc2.fc24
taskotron-trigger-0.4.3-1.fc24
tintin-2.01.2-1.fc24
vdr-epg2vdr-1.1.24-1.fc24
wine-2.0-0.1.rc5.fc24
Details about builds:
================================================================================
ansible-2.2.1.0-1.fc24 (FEDORA-2017-418398ce60)
SSH-based configuration management, deployment, and task execution system
--------------------------------------------------------------------------------
Update Information:
Update to ansible 2.2.1. Fixes several CVEs as well as a number of other
bugfixes. See:
https://github.com/ansible/ansible/blob/stable-2.2/CHANGELOG.md
for full changes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1412357 - CVE-2016-9587 Ansible: Compromised remote hosts can lead to running
commands on the Ansible controller [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1412357
[ 2 ] Bug #1403231 - ansible: Variables from vault are being output to console/log when
using with_items [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1403231
[ 3 ] Bug #1396176 - CVE-2016-8647 Ansible: in some circumstances the mysql_user module
may fail to correctly change a password [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1396176
--------------------------------------------------------------------------------
================================================================================
cinnamon-screensaver-3.2.13-2.fc24 (FEDORA-2017-eabca6c706)
Cinnamon Screensaver
--------------------------------------------------------------------------------
Update Information:
* Backport some upstream commits for bugfix
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1410549 - [abrt] cinnamon-screensaver
https://bugzilla.redhat.com/show_bug.cgi?id=1410549
[ 2 ] Bug #1399731 - [abrt] cinnamon-screensaver:
framedImage.py:103:on_file_written:TypeError: constructor returned NULL
https://bugzilla.redhat.com/show_bug.cgi?id=1399731
[ 3 ] Bug #1413706 - [abrt] cinnamon-screensaver:
cinnamon-screensaver-command.py:90:perform_action:GLib.GError: g-io-error-quark: ��asov��
limit vypr��el (24)
https://bugzilla.redhat.com/show_bug.cgi?id=1413706
--------------------------------------------------------------------------------
================================================================================
digikam-5.4.0-1.fc24 (FEDORA-2017-f395535152)
A digital camera accessing & photo management application
--------------------------------------------------------------------------------
Update Information:
New stable bugfix release, see also
https://www.digikam.org/node/764
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1411549 - digikam-5.4.0 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1411549
--------------------------------------------------------------------------------
================================================================================
dspam-3.10.2-20.fc24 (FEDORA-2017-42eb6a8070)
A library and Mail Delivery Agent for Bayesian SPAM filtering
--------------------------------------------------------------------------------
Update Information:
Update to use tmpfiles.d rpm macro.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413267 - Move tmpfiles.d config to %{_tmpfilesdir}
https://bugzilla.redhat.com/show_bug.cgi?id=1413267
--------------------------------------------------------------------------------
================================================================================
gnome-software-3.22.5-1.fc24 (FEDORA-2017-0c22055bfa)
A software center for GNOME
--------------------------------------------------------------------------------
Update Information:
gnome-software 3.22.5 release. * Fix local package installation * Fix codec
and printer driver installation for packages without appdata * Fix update notes
to show up on the Updates page * Add support for "+" operator at the end of
SPDX license identifiers * Only show the scary firmware warning for removable
devices * Various fixes for flatpak support * Fix several potential crashers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397925 - gnome-software: installing local RPM not possible
https://bugzilla.redhat.com/show_bug.cgi?id=1397925
--------------------------------------------------------------------------------
================================================================================
ibus-table-1.9.16-1.fc24 (FEDORA-2017-7ed4f7582b)
The Table engine for IBus platform
--------------------------------------------------------------------------------
Update Information:
update to 1.9.16 ---- update to 1.9.15 ---- update to 1.9.14; Fix bug in
Unihan_Variants.txt, ��� U+4E7E is both simplified and traditional Chinese (thanks
to Heiher <r(a)hev.cc>) ---- update to 1.9.13; When ignoring key release events,
���False��� should be returned, not ���True���; Some new translations
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413580 - [abrt] ibus-table: __init__():
factory.py:96:do_create_engine:Exception: Cannot create engine wubi-jidian86
https://bugzilla.redhat.com/show_bug.cgi?id=1413580
[ 2 ] Bug #1369514 - When ibus-table is active the ���enter command��� dialog of Gnome
cannot be closed with ESC
https://bugzilla.redhat.com/show_bug.cgi?id=1369514
--------------------------------------------------------------------------------
================================================================================
ibus-typing-booster-1.5.18-1.fc24 (FEDORA-2017-003627ba96)
A completion input method
--------------------------------------------------------------------------------
Update Information:
update to 1.5.18 ---- update to 1.5.17 ---- update to 1.5.16
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413082 - When emoji mode is off *and* the option ���Enable suggestions by
Tab key��� is off *and* one types very fast, ibus-typing-booster sometimes crashes
https://bugzilla.redhat.com/show_bug.cgi?id=1413082
[ 2 ] Bug #1411659 - ibus-typing-booster sometimes shows weird number after candidates
when using French
https://bugzilla.redhat.com/show_bug.cgi?id=1411659
[ 3 ] Bug #1411676 - Deleting candidates from the user database doesn���t work if the
candidate is typed with a prefix
https://bugzilla.redhat.com/show_bug.cgi?id=1411676
[ 4 ] Bug #1411688 - Backspace and delete don���t work well when reaching the end of the
pre��dit, making it hard to delete spaces between words when surrounding text is
supported
https://bugzilla.redhat.com/show_bug.cgi?id=1411688
--------------------------------------------------------------------------------
================================================================================
kdiagram-2.6.0-2.fc24 (FEDORA-2017-1ab1227718)
Powerful libraries (KChart, KGantt) for creating business diagrams
--------------------------------------------------------------------------------
Update Information:
Powerful libraries (KChart, KGantt) for creating business diagrams.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1409334 - Review Request: kdiagram - Powerful libraries (KChart, KGantt) for
creating business diagrams
https://bugzilla.redhat.com/show_bug.cgi?id=1409334
--------------------------------------------------------------------------------
================================================================================
libappstream-glib-0.6.7-2.fc24 (FEDORA-2017-0c22055bfa)
Library for AppStream metadata
--------------------------------------------------------------------------------
Update Information:
gnome-software 3.22.5 release. * Fix local package installation * Fix codec
and printer driver installation for packages without appdata * Fix update notes
to show up on the Updates page * Add support for "+" operator at the end of
SPDX license identifiers * Only show the scary firmware warning for removable
devices * Various fixes for flatpak support * Fix several potential crashers
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1397925 - gnome-software: installing local RPM not possible
https://bugzilla.redhat.com/show_bug.cgi?id=1397925
--------------------------------------------------------------------------------
================================================================================
libfm-qt-0.11.2-1.fc24 (FEDORA-2017-a2c655ebb2)
Companion library for PCManFM
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
liblxqt-0.11.1-2.fc24 (FEDORA-2017-a2c655ebb2)
Core shared library for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lximage-qt-0.5.1-1.fc24 (FEDORA-2017-a2c655ebb2)
The image viewer and screenshot tool for LXQt
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-about-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
About application for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-admin-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
LXQt system administration tool
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-common-0.11.2-1.fc24 (FEDORA-2017-a2c655ebb2)
Common resources for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-config-0.11.1-2.fc24 (FEDORA-2017-a2c655ebb2)
Config tools for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-globalkeys-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Global keys utility for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-notificationd-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Notification daemon for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-openssh-askpass-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Askpass openssh transition dialog for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-panel-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Main panel bar for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-policykit-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
PolicyKit agent for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-powermanagement-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Powermanagement daemon for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-qtplugin-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Qt plugin framework for LXQt Desktop Suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-runner-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Application runner agent for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-session-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
Main session for LXQt desktop suite
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
lxqt-sudo-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
GUI frontend for sudo/su
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
nvml-1.2-1.fc24 (FEDORA-2017-0022695e45)
Non-Volatile Memory Library
--------------------------------------------------------------------------------
Update Information:
- Update to NVML version 1.2 (RHBZ #1383467) - Add libpmemobj C++ bindings - Add
Device DAX support
--------------------------------------------------------------------------------
================================================================================
obconf-qt-0.11.1-1.fc24 (FEDORA-2017-a2c655ebb2)
A configuration editor for the OpenBox window manager
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
pavucontrol-qt-0.2.0-1.fc24 (FEDORA-2017-a2c655ebb2)
Qt port of volume control pavucontrol
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
pcmanfm-qt-0.11.3-1.fc24 (FEDORA-2017-a2c655ebb2)
LxQt file manager PCManFM
--------------------------------------------------------------------------------
Update Information:
LXQt 0.11.1 update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1403560 - obconf-qt-0.11.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1403560
[ 2 ] Bug #1289956 - pcmanfm-qt-0.11.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1289956
--------------------------------------------------------------------------------
================================================================================
perl-Image-ExifTool-10.40-1.fc24 (FEDORA-2017-b3c435737f)
Utility for reading and writing image meta info
--------------------------------------------------------------------------------
Update Information:
Update to latest stable (10.40).
--------------------------------------------------------------------------------
================================================================================
php-bartlett-PHP-CompatInfo-5.0.4-1.fc24 (FEDORA-2017-8503aed266)
Find out version and the extensions required for a piece of code to run
--------------------------------------------------------------------------------
Update Information:
**Version 5.0.4** From git history, as upstream doesn't provide any ChangeLog:
- Fix gh#227 use trait requires PHP 5.4.0 ---- **Version 5.0.3** From git
history, as upstream doesn't provide any ChangeLog: * Fix gh#226 5.0.2 does
not detect yield / generators #226
--------------------------------------------------------------------------------
================================================================================
php-zendframework-zend-mime-2.6.1-1.fc24 (FEDORA-2017-bc306d8dd1)
Zend Framework Mime component
--------------------------------------------------------------------------------
Update Information:
**Version 2.6.1** - 2017-01-16 - [#22](https://github.com/zendframework/zend-
mime/pull/22) adds the ability to decode a single-part MIME message via
`Zend\Mime\Message::createFromMessage()` by omitting the `$boundary` argument.
- [#14](https://github.com/zendframework/zend-mime/pull/14) adds checks for
duplicate parts when adding them to a MIME message, and now throws an
`InvalidArgumentException` when detected. -
[#13](https://github.com/zendframework/zend-mime/pull/13) fixes issues with
qp-octets produced by Outlook. - [#17](https://github.com/zendframework/zend-
mime/pull/17) fixes a syntax error in how are thrown by
`Zend\Mime\Part::setContent()`. - [#18](https://github.com/zendframework/zend-
mime/pull/18) fixes how non-ASCII header values are encoded, ensuring that it
allows the first word to be of arbitrary length.
--------------------------------------------------------------------------------
================================================================================
python-resultsdb_api-1.3.0-1.fc24 (FEDORA-2016-55ed3764d6)
Interface api to ResultsDB
--------------------------------------------------------------------------------
Update Information:
With the release of ResultsDB 2.0, all of the things which use and interact with
ResultsDB should be updated. The 1.0 api should continue to function for all
known usecases
--------------------------------------------------------------------------------
================================================================================
qemu-2.6.2-6.fc24 (FEDORA-2017-12394e2cc7)
QEMU is a FAST! processor emulator
--------------------------------------------------------------------------------
Update Information:
* CVE-2016-6836: vmxnet: Information leakage in vmxnet3_complete_packet (bz
#1366370) * CVE-2016-7909: pcnet: Infinite loop in pcnet_rdra_addr (bz #1381196)
* CVE-2016-7994: virtio-gpu: memory leak in resource_create_2d (bz #1382667) *
CVE-2016-8577: 9pfs: host memory leakage in v9fs_read (bz #1383286) *
CVE-2016-8578: 9pfs: potential NULL dereferencein 9pfs routines (bz #1383292) *
CVE-2016-8668: OOB buffer access in rocker switch emulation (bz #1384898) *
CVE-2016-8669: divide by zero error in serial_update_parameters (bz #1384911) *
CVE-2016-8910: rtl8139: infinite loop while transmit in C+ mode (bz #1388047) *
CVE-2016-8909: intel-hda: infinite loop in dma buffer stream (bz #1388053) *
Infinite loop vulnerability in a9_gtimer_update (bz #1388300) * CVE-2016-9101:
eepro100: memory leakage at device unplug (bz #1389539) * CVE-2016-9103: 9pfs:
information leakage via xattr (bz #1389643) * CVE-2016-9102: 9pfs: memory
leakage when creating extended attribute (bz #1389551) * CVE-2016-9104: 9pfs:
integer overflow leading to OOB access (bz #1389687) * CVE-2016-9105: 9pfs:
memory leakage in v9fs_link (bz #1389704) * CVE-2016-9106: 9pfs: memory leakage
in v9fs_write (bz #1389713) * CVE-2016-9381: xen: incautious about shared ring
processing (bz #1397385) * CVE-2016-9921: Divide by zero vulnerability in
cirrus_do_copy (bz #1399054) * CVE-2016-9776: infinite loop while receiving data
in mcf_fec_receive (bz #1400830) * CVE-2016-9845: information leakage in
virgl_cmd_get_capset_info (bz #1402247) * CVE-2016-9846: virtio-gpu: memory
leakage while updating cursor data (bz #1402258) * CVE-2016-9907: usbredir:
memory leakage when destroying redirector (bz #1402266) * CVE-2016-9911: usb:
ehci: memory leakage in ehci_init_transfer (bz #1402273) * CVE-2016-9913: 9pfs:
memory leakage via proxy/handle callbacks (bz #1402277) * CVE-2016-10028:
virtio-gpu-3d: OOB access while reading virgl capabilities (bz #1406368) *
CVE-2016-9908: virtio-gpu: information leakage in virgl_cmd_get_capset (bz
#1402263) * CVE-2016-9912: virtio-gpu: memory leakage when destroying gpu
resource (bz #1402285)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1366369 - CVE-2016-6836 Qemu: net: vmxnet: Information leakage in
vmxnet3_complete_packet
https://bugzilla.redhat.com/show_bug.cgi?id=1366369
[ 2 ] Bug #1329538 - CVE-2016-7909 Qemu: net: pcnet: infinite loop in pcnet_rdra_addr()
https://bugzilla.redhat.com/show_bug.cgi?id=1329538
[ 3 ] Bug #1382666 - CVE-2016-7994 Qemu: virtio-gpu: memory leak in
virtio_gpu_resource_create_2d
https://bugzilla.redhat.com/show_bug.cgi?id=1382666
[ 4 ] Bug #1383285 - CVE-2016-8577 Qemu: 9pfs: host memory leakage in v9fs_read
https://bugzilla.redhat.com/show_bug.cgi?id=1383285
[ 5 ] Bug #1383291 - CVE-2016-8578 Qemu: 9pfs: potential NULL dereferencein 9pfs
routines
https://bugzilla.redhat.com/show_bug.cgi?id=1383291
[ 6 ] Bug #1384896 - CVE-2016-8668 Qemu: net: OOB buffer access in rocker switch
emulation
https://bugzilla.redhat.com/show_bug.cgi?id=1384896
[ 7 ] Bug #1384909 - CVE-2016-8669 Qemu: char: divide by zero error in
serial_update_parameters
https://bugzilla.redhat.com/show_bug.cgi?id=1384909
[ 8 ] Bug #1388046 - CVE-2016-8910 Qemu: net: rtl8139: infinite loop while transmit in
C+ mode
https://bugzilla.redhat.com/show_bug.cgi?id=1388046
[ 9 ] Bug #1388052 - CVE-2016-8909 Qemu: audio: intel-hda: infinite loop in processing
dma buffer stream
https://bugzilla.redhat.com/show_bug.cgi?id=1388052
[ 10 ] Bug #1389538 - CVE-2016-9101 Qemu: net: eepro100 memory leakage at device unplug
https://bugzilla.redhat.com/show_bug.cgi?id=1389538
[ 11 ] Bug #1389642 - CVE-2016-9103 Qemu: 9pfs: information leakage via xattr
https://bugzilla.redhat.com/show_bug.cgi?id=1389642
[ 12 ] Bug #1389550 - CVE-2016-9102 Qemu: 9pfs: memory leakage when creating extended
attribute
https://bugzilla.redhat.com/show_bug.cgi?id=1389550
[ 13 ] Bug #1389686 - CVE-2016-9104 Qemu: 9pfs: integer overflow leading to OOB access
https://bugzilla.redhat.com/show_bug.cgi?id=1389686
[ 14 ] Bug #1389702 - CVE-2016-9105 Qemu: 9pfs: memory leakage in v9fs_link
https://bugzilla.redhat.com/show_bug.cgi?id=1389702
[ 15 ] Bug #1389712 - CVE-2016-9106 Qemu: 9pfs: memory leakage in v9fs_write
https://bugzilla.redhat.com/show_bug.cgi?id=1389712
[ 16 ] Bug #1392938 - CVE-2016-9381 xsa197 xen: qemu incautious about shared ring
processing (XSA-197)
https://bugzilla.redhat.com/show_bug.cgi?id=1392938
[ 17 ] Bug #1334398 - CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by
zero in cirrus_do_copy
https://bugzilla.redhat.com/show_bug.cgi?id=1334398
[ 18 ] Bug #1400829 - CVE-2016-9776 Qemu: net: mcf_fec: infinite loop while receiving
data in mcf_fec_receive
https://bugzilla.redhat.com/show_bug.cgi?id=1400829
[ 19 ] Bug #1402245 - CVE-2016-9845 Qemu: display: virtio-gpu-3d: information leakage in
virgl_cmd_get_capset_info
https://bugzilla.redhat.com/show_bug.cgi?id=1402245
[ 20 ] Bug #1402255 - CVE-2016-9846 Qemu: display: virtio-gpu: memory leakage while
updating cursor data
https://bugzilla.redhat.com/show_bug.cgi?id=1402255
[ 21 ] Bug #1402265 - CVE-2016-9907 Qemu: usb: redirector: memory leakage when
destroying redirector
https://bugzilla.redhat.com/show_bug.cgi?id=1402265
[ 22 ] Bug #1402272 - CVE-2016-9911 Qemu: usb: ehci: memory leakage in
ehci_init_transfer
https://bugzilla.redhat.com/show_bug.cgi?id=1402272
[ 23 ] Bug #1402276 - CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Qemu:
9pfs: memory leakage via proxy/handle callbacks
https://bugzilla.redhat.com/show_bug.cgi?id=1402276
[ 24 ] Bug #1406367 - CVE-2016-10028 Qemu: display: virtio-gpu-3d: OOB access while
reading virgl capabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1406367
[ 25 ] Bug #1402262 - CVE-2016-9908 Qemu: display: virtio-gpu: information leakage in
virgl_cmd_get_capset
https://bugzilla.redhat.com/show_bug.cgi?id=1402262
[ 26 ] Bug #1402284 - CVE-2016-9912 Qemu: display: virtio-gpu: memory leakage when
destroying gpu resource
https://bugzilla.redhat.com/show_bug.cgi?id=1402284
--------------------------------------------------------------------------------
================================================================================
resultsdb_frontend-1.2.0-1.fc24 (FEDORA-2016-55ed3764d6)
Frontend for the ResultsDB
--------------------------------------------------------------------------------
Update Information:
With the release of ResultsDB 2.0, all of the things which use and interact with
ResultsDB should be updated. The 1.0 api should continue to function for all
known usecases
--------------------------------------------------------------------------------
================================================================================
rpcbind-0.2.3-15.rc2.fc24 (FEDORA-2017-ae8bb3b08f)
Universal Addresses to RPC Program Number Mapper
--------------------------------------------------------------------------------
Update Information:
Document /run/rpcbind is the state directory
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1401561 - rpcbind-0.2.4-1.fc25 fails to start at boot
https://bugzilla.redhat.com/show_bug.cgi?id=1401561
--------------------------------------------------------------------------------
================================================================================
taskotron-trigger-0.4.3-1.fc24 (FEDORA-2017-3eab8acf22)
Triggering Taskotron jobs via fedmsg
--------------------------------------------------------------------------------
Update Information:
Bugfixes and additional features for supporting dist-git task storage with
multiple namespaces ---- This fixes an issue with assumptions made about how
koji uses tags which are no longer valid. See [the upstream
issue](https://phab.qadevel.cloud.fedoraproject.org/T862) for details ---- Add
docker support. Remove mongoquery bundle. ---- Initial build of taskotron-
trigger in Fedora repos
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1341099 - Review Request: taskotron-trigger - Triggering Taskotron jobs on
fedmsgs
https://bugzilla.redhat.com/show_bug.cgi?id=1341099
--------------------------------------------------------------------------------
================================================================================
tintin-2.01.2-1.fc24 (FEDORA-2017-628227cdfb)
TinTin++, aka tt++, is a free MUD client
--------------------------------------------------------------------------------
Update Information:
A new version of the tintin++ MUD client is available for Fedora. See
http://tintin.sourceforge.net/board/viewtopic.php?t=2430 for the summary of
changes in this release.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1413572 - tintin-2.01.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1413572
--------------------------------------------------------------------------------
================================================================================
vdr-epg2vdr-1.1.24-1.fc24 (FEDORA-2017-63f14cef76)
A plugin to retrieve EPG data from a mysql database into VDR
--------------------------------------------------------------------------------
Update Information:
Update to 1.1.24 ---- Update to 1.1.23 ---- Update to 1.1.21 ---- Update
to 1.1.20
--------------------------------------------------------------------------------
================================================================================
wine-2.0-0.1.rc5.fc24 (FEDORA-2017-802e5908b5)
A compatibility layer for windows applications
--------------------------------------------------------------------------------
Update Information:
https://www.winehq.org/announce/2.0-rc5 - Bug fixes only, we are in code
freeze. - Add Iris Haswell PCI ids and descriptions.
https://wine-
staging.com/news/2017-01-15-release-2.0-rc5.html - Initial support for
Mandatory Integrity Control. - PE loader improvements. - Removal of 32GB memory
limit on 64 bit. - Initial support for Trust Info inside manifest files. - Fixes
and improvements for 13 smaller Wine bugs.
--------------------------------------------------------------------------------