The following Fedora 24 Security updates need testing:
Age  URL
132  https://bodhi.fedoraproject.org/updates/FEDORA-2016-26f9817b08  squid-3.5.23-1.fc24
125  https://bodhi.fedoraproject.org/updates/FEDORA-2016-eaaa9c4a08  exim-4.87.1-1.fc24
 88  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ece16ba6ba  runc-1.0.0-5.rc2.gitc91b5be.fc24
 68  https://bodhi.fedoraproject.org/updates/FEDORA-2017-4b176c1694  redis-3.2.8-1.fc24
 38  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0f5fe1913f  sane-backends-1.0.25-7.fc24
 31  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ec01954fe9  chromium-57.0.2987.133-1.fc24
 24  https://bodhi.fedoraproject.org/updates/FEDORA-2017-8330a48ca2  python-XStatic-jquery-ui-1.12.0.1-1.fc24
 15  https://bodhi.fedoraproject.org/updates/FEDORA-2017-374389c196  qemu-2.6.2-8.fc24
 13  https://bodhi.fedoraproject.org/updates/FEDORA-2017-edce28f24b  bind99-9.9.9-4.P8.fc24
 12  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a5363b41d  libnl3-3.2.28-5.fc24
  9  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2cefcc2b3  icu-56.1-8.fc24
  9  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b367c896f  pcre-8.40-7.fc24
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7a7d2044c9  libreoffice-5.1.6.2-8.fc24
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-2ccfbd650a  log4j-2.5-3.fc24
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0b6da97aa5  squirrelmail-1.4.22-19.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-7de130a80d  tnef-1.4.14-2.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c8448d0cad  roundcubemail-1.2.5-1.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-aff3dd3101  batik-1.8-9.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0aa0f69e0c  kernel-4.10.13-100.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3849af4477  libplist-2.0.0-1.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a6a053fc05  java-1.8.0-openjdk-aarch32-1.8.0.131-1.170420.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ccef781a6  weechat-1.7.1-1.fc24

The following Fedora 24 Critical Path updates have yet to be approved:
Age  URL
 24  https://bodhi.fedoraproject.org/updates/FEDORA-2017-a90e43dc1b  thunderbird-52.0-1.fc24
 20  https://bodhi.fedoraproject.org/updates/FEDORA-2017-ae0e285fc1  libdrm-2.4.79-1.fc24
 11  https://bodhi.fedoraproject.org/updates/FEDORA-2017-e1905fd566  koji-1.12.0-2.fc24
  9  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3b367c896f  pcre-8.40-7.fc24
  9  https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2cefcc2b3  icu-56.1-8.fc24
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0768d64843  nss-3.30.2-1.0.fc24 nss-softokn-3.30.2-1.0.fc24 nss-util-3.30.2-1.0.fc24 nspr-4.14.0-2.fc24
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc35d35e92  vim-8.0.586-1.fc24
  6  https://bodhi.fedoraproject.org/updates/FEDORA-2017-f808fd0be7  menu-cache-1.0.2-3.D20170419gitdffb1314ec.fc24
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-508fd2b9ca  json-c-0.12.1-1.fc24
  4  https://bodhi.fedoraproject.org/updates/FEDORA-2017-878927210f  ca-certificates-2017.2.14-1.0.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-162308e82b  llvm-3.8.1-3.fc24 cargo-0.18.0-1.fc24 rust-1.17.0-1.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-fb8bb34a62  coreutils-8.25-9.fc24
  2  https://bodhi.fedoraproject.org/updates/FEDORA-2017-0aa0f69e0c  kernel-4.10.13-100.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-6cbcdc4571  xorg-x11-drv-nouveau-1.0.15-1.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3849af4477  libplist-2.0.0-1.fc24
  0  https://bodhi.fedoraproject.org/updates/FEDORA-2017-3a209288cf  audit-2.7.6-1.fc24

The following builds have been pushed to Fedora 24 updates-testing
audit-2.7.6-1.fc24
duplicity-0.7.12-2.fc24
haproxy-1.6.11-2.fc24
java-1.8.0-openjdk-aarch32-1.8.0.131-1.170420.fc24
libplist-2.0.0-1.fc24
lzip-1.19-1.fc24
php-google-recaptcha-1.1.3-1.fc24
php-phpmyadmin-sql-parser-4.1.3-2.fc24
python-markdown2-2.3.4-1.fc24
python-prompt_toolkit-1.0.14-1.fc24
shogun-data-0.12-0.2.git20170322.c877521.fc24
sssd-1.15.2-3.fc24
tint2-0.14.4-1.fc24
weechat-1.7.1-1.fc24
x509viewer-0.1.0-1.fc24
xorg-x11-drv-nouveau-1.0.15-1.fc24
Details about builds:
================================================================================
audit-2.7.6-1.fc24 (FEDORA-2017-3a209288cf)
User space tools for 2.6 kernel auditing
--------------------------------------------------------------------------------
Update Information:
This update continues adjusting the auparse_normalize mappings. It also has
robustness fixes against corrupted logs. It also fixes a bug where the enriched
event information was not being loaded in the auparse_feed API.
--------------------------------------------------------------------------------
================================================================================
duplicity-0.7.12-2.fc24 (FEDORA-2017-26e1afb19f)
Encrypted bandwidth-efficient backup using rsync algorithm
--------------------------------------------------------------------------------
Update Information:
Fix gpg agent.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1439455 - update to duplicity 7.12 breaks gpg agent
https://bugzilla.redhat.com/show_bug.cgi?id=1439455
--------------------------------------------------------------------------------
================================================================================
haproxy-1.6.11-2.fc24 (FEDORA-2017-fb889a8983)
HAProxy reverse proxy for high availability environments
--------------------------------------------------------------------------------
Update Information:
Use KillMode=mixed in systemd service file to avoid incorrect exit code when
stopping haproxy service.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1447085 - Use KillMode=mixed in systemd service file
https://bugzilla.redhat.com/show_bug.cgi?id=1447085
--------------------------------------------------------------------------------
================================================================================
java-1.8.0-openjdk-aarch32-1.8.0.131-1.170420.fc24 (FEDORA-2017-a6a053fc05)
OpenJDK Runtime Environment in a preview of the OpenJDK AArch32 project
--------------------------------------------------------------------------------
Update Information:
jdk8u131 security update
--------------------------------------------------------------------------------
================================================================================
libplist-2.0.0-1.fc24 (FEDORA-2017-3849af4477)
Library for manipulating Apple Binary and XML Property Lists
--------------------------------------------------------------------------------
Update Information:
Version 2.0.0 Changes:
* New light-weight custom XML parser
* Remove libxml2 dependency
* Refactor binary plist parsing
* Improved malformed XML and binary plist detection and error handling
* Add parser debug/error output (when compiled with --enable-debug), controlled
  via environment variables
* Fix unicode character handling
* Add PLIST_IS_* helper macros for the different node types
* Extend date/time range and date conversion issues
* Add plist_is_binary() and plist_from_memory() functions to the interface
* Plug several memory leaks
* Speed improvements for handling large plist files

Includes security fixes for:
* CVE-2017-6440
* CVE-2017-6439
* CVE-2017-6438
* CVE-2017-6437
* CVE-2017-6436
* CVE-2017-6435
* CVE-2017-5836
* CVE-2017-5835
* CVE-2017-5834
* CVE-2017-5545
* CVE-2017-5209

... and several others that didn't receive any CVE (yet).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1432965 - CVE-2017-6440 libplist: Memory allocation error in parse_data_node
https://bugzilla.redhat.com/show_bug.cgi?id=1432965
[ 2 ] Bug #1432959 - CVE-2017-6439 libplist: Heap-based buffer overflow in
parse_string_node
https://bugzilla.redhat.com/show_bug.cgi?id=1432959
[ 3 ] Bug #1432956 - CVE-2017-6438 libplist: Heap-based buffer overflow in
parse_unicode_node
https://bugzilla.redhat.com/show_bug.cgi?id=1432956
[ 4 ] Bug #1432954 - CVE-2017-6437 libplist: Out-of-bounds heap read in base64encode
function
https://bugzilla.redhat.com/show_bug.cgi?id=1432954
[ 5 ] Bug #1432951 - CVE-2017-6436 libplist: Integer overflow in parse_string_node
https://bugzilla.redhat.com/show_bug.cgi?id=1432951
[ 6 ] Bug #1412613 - CVE-2017-5209 libplist: base64decode buffer over-read via split
encoded Apple Property List data
https://bugzilla.redhat.com/show_bug.cgi?id=1412613
--------------------------------------------------------------------------------
================================================================================
lzip-1.19-1.fc24 (FEDORA-2017-941e4820a0)
LZMA compressor with integrity checking
--------------------------------------------------------------------------------
Update Information:
1.19
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1446834 - lzip-1.19 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1446834
--------------------------------------------------------------------------------
================================================================================
php-google-recaptcha-1.1.3-1.fc24 (FEDORA-2017-0e64bfa153)
reCAPTCHA PHP client library
--------------------------------------------------------------------------------
Update Information:
reCAPTCHA PHP client library. reCAPTCHA is a free CAPTCHA service that protects
websites from spam and abuse. This is Google authored code that provides plugins
for third-party integration with reCAPTCHA. Autoloader:
/usr/share/php/ReCaptcha/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1415394 - Review Request: php-google-recaptcha - reCAPTCHA PHP client
library
https://bugzilla.redhat.com/show_bug.cgi?id=1415394
--------------------------------------------------------------------------------
================================================================================
php-phpmyadmin-sql-parser-4.1.3-2.fc24 (FEDORA-2017-b74532eb9f)
A validating SQL lexer and parser with a focus on MySQL dialect
--------------------------------------------------------------------------------
Update Information:
A validating SQL lexer and parser with a focus on MySQL dialect. This library
was originally developed for phpMyAdmin during the Google Summer of Code 2015.
Autoloader: /usr/share/php/PhpMyAdmin/SqlParser/autoload.php
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1415686 - Review Request: php-phpmyadmin-sql-parser - A validating SQL lexer
and parser with a focus on MySQL dialect
https://bugzilla.redhat.com/show_bug.cgi?id=1415686
--------------------------------------------------------------------------------
================================================================================
python-markdown2-2.3.4-1.fc24 (FEDORA-2017-0ea7935fc4)
A fast and complete Python implementation of Markdown
--------------------------------------------------------------------------------
Update Information:
#### python-markdown2 2.3.4
- [pull #243] task list extra visual changes
- [pull #245] Don't let "target-blank-lines" break footnotes
- [pull #247] Translatable footnote titles
- [pull #252] Add pipe escaping in table extension

#### python-markdown2 2.3.3
- [pull #236] Fix for safe_mode links regression
- [pull #235] Fix for overgreedy regex in metadata
- [pull #237] Fix for header-ids extra non-alpha character issue

#### python-markdown2 2.3.2
- [pull #204] toc extra Python 3 error
- [pull #207] Performance improvements
- [pull #210] Leading paragraph with fenced code blocks
- [pull #212] Target blank links extra
- [pull #215] Optional metadata fences
- [pull #218] Github style task list
- [pull #220] Numbering extra
- [pull #224] Metadata in blocks
- [pull #230] safe_mode changes
--------------------------------------------------------------------------------
================================================================================
python-prompt_toolkit-1.0.14-1.fc24 (FEDORA-2017-b37c7f5a48)
Library for building powerful interactive command lines in Python
--------------------------------------------------------------------------------
Update Information:
update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1442489 - [prompt_toolkit] update to 1.0.14
https://bugzilla.redhat.com/show_bug.cgi?id=1442489
--------------------------------------------------------------------------------
================================================================================
shogun-data-0.12-0.2.git20170322.c877521.fc24 (FEDORA-2017-8338109e0f)
Data-files for the SHOGUN machine learning toolbox
--------------------------------------------------------------------------------
Update Information:
* Update to new snapshot
--------------------------------------------------------------------------------
================================================================================
sssd-1.15.2-3.fc24 (FEDORA-2017-2b18f89e47)
System Security Services Daemon
--------------------------------------------------------------------------------
Update Information:
Resolves: rhbz#1445680 - Properly fall back to local Smartcard authentication
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1445680 - Properly fall back to local Smartcard authentication
https://bugzilla.redhat.com/show_bug.cgi?id=1445680
[ 2 ] Bug #1437199 - sssd-nfs-idmap-1.15.2-1.fc25.x86_64 conflicts with file from
package sssd-common-1.15.1-1.fc25.x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1437199
[ 3 ] Bug #1063278 - sss_ssh_knownhostsproxy doesn't fall back to ipv4
https://bugzilla.redhat.com/show_bug.cgi?id=1063278
--------------------------------------------------------------------------------
================================================================================
tint2-0.14.4-1.fc24 (FEDORA-2017-557fa1cd73)
A lightweight X11 desktop panel and task manager
--------------------------------------------------------------------------------
Update Information:
Update
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1446837 - tint2-0.14.4 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1446837
--------------------------------------------------------------------------------
================================================================================
weechat-1.7.1-1.fc24 (FEDORA-2017-9ccef781a6)
Portable, fast, light and extensible IRC client
--------------------------------------------------------------------------------
Update Information:
Fix for CVE-2017-0873 and various other changes. See
https://weechat.org/files/changelog/ChangeLog-devel.html#v1.7.1 for full
changelog.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1297198 - weechat-1.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1297198
[ 2 ] Bug #1444881 - CVE-2017-8073 weechat: Buffer overflow in the
irc_ctcp_dcc_filename_without_quotes function [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1444881
[ 3 ] Bug #1413366 - weechat-1.7.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1413366
--------------------------------------------------------------------------------
================================================================================
x509viewer-0.1.0-1.fc24 (FEDORA-2017-5f4029a8f2)
Simple tool to decode X.509 certificates
--------------------------------------------------------------------------------
Update Information:
x509viewer is a simple command line application, written in Perl, that can be
used to decode one or multiple X.509 certificates per given file, such as
SSL certificates, CSRs (certificate signing requests), but also private keys.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1446916 - Review Request: x509viewer - Simple tool to decode X.509
certificates
https://bugzilla.redhat.com/show_bug.cgi?id=1446916
--------------------------------------------------------------------------------
================================================================================
xorg-x11-drv-nouveau-1.0.15-1.fc24 (FEDORA-2017-6cbcdc4571)
Xorg X11 nouveau video driver for NVIDIA graphics chipsets
--------------------------------------------------------------------------------
Update Information:
Update to 1.0.15.
--------------------------------------------------------------------------------