The following Fedora 23 Security updates need testing: Age URL 39 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13824 python-django-1.8.4-1.fc23 22 https://bodhi.fedoraproject.org/updates/conntrack-tools-1.4.2-9.fc23 conntrack-tools-1.4.2-9.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14197 sblim-sfcb-1.4.9-4.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14213 ntp-4.2.6p5-33.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14475 smuxi-1.0-2.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14900 ipython-3.2.1-2.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14951 pdns-3.4.6-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15200 php-doctrine-cache-1.4.2-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15202 php-doctrine-annotations-1.2.7-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15205 php-doctrine-doctrine-bundle-1.5.2-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13919 ipsilon-1.0.0-5.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15291 ipsilon-1.1.0-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15273 php-pecl-zip-1.13.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15590 jakarta-commons-httpclient-3.1-23.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14420 pl-7.2.3-1.fc23 perl-Language-Prolog-Yaswi-0.21-30.fc23 ppl-1.1-12.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14741 perl-IO-Socket-SSL-2.019-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14826 selinux-policy-3.13.1-146.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15127 nautilus-3.17.91-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15358 cryptsetup-1.6.8-2.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15336 attr-2.4.47-13.fc23 acl-2.2.52-10.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15262 python-pycurl-7.19.5.1-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15487 xdg-user-dirs-0.15-7.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15477 libgcrypt-1.6.4-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15462 polkit-gnome-0.105-9.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15456 openssh-7.1p1-2.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15444 gnome-online-accounts-3.17.91-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15412 gdb-7.10-18.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15394 python-2.7.10-8.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15348 fedora-release-23-0.17 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-13372 lvm2-2.02.130-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15563 enca-1.16-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15562 python-blivet-1.12.3-1.fc23 anaconda-23.19.3-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15544 mesa-11.0.0-0.rc2.2.20150902.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15525 filesystem-3.2-35.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15515 perl-HTTP-Message-6.11-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15703 xfce4-session-4.12.1-6.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15675 lorax-23.18-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15661 krb5-1.13.2-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15644 perl-Glib-1.313-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15623 gmp-6.0.0-12.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15601 pinentry-0.9.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15596 hunspell-1.3.3-8.fc23 The following builds have been pushed to Fedora 23 updates-testing calligra-2.9.7-1.fc23 calligra-l10n-2.9.7-1.fc23 dd_rescue-1.99-1.fc23 ddrescue-1.20-1.fc23 eclipse-webtools-3.7.0-1.fc23 fail2ban-0.9.3-1.fc23 golang-github-golang-sys-0-0.1.git9c60d1c.fc23 golang-github-rakyll-pb-0-0.1.gitdc507ad.fc23 golang-github-xiang90-probing-0-0.1.git6a0cc1a.fc23 help2man-1.47.2-1.fc23 jpype-0.6.1-1.fc23 monit-5.14-1.fc23 php-pimple-3.0.2-1.fc23 php-twig-1.21.2-1.fc23 plank-0.10.0-2.fc23 progress-0.9-2.fc23 rubygem-byebug-6.0.2-1.fc23 rubygem-cairo-1.14.3-1.fc23 rubygem-hoe-3.14.0-1.fc23 rubygem-rabbit-2.1.8-1.fc23 uboot-tools-2015.07-5.fc23 xfce4-session-4.12.1-6.fc23 Details about builds: ================================================================================ calligra-2.9.7-1.fc23 (FEDORA-2015-15737) An integrated office suite -------------------------------------------------------------------------------- Update Information: New stable bugfix upstream release, see also https://www.calligra.org/news/calligra-2-9-7-released/ -------------------------------------------------------------------------------- ================================================================================ calligra-l10n-2.9.7-1.fc23 (FEDORA-2015-15737) Language files for calligra -------------------------------------------------------------------------------- Update Information: New stable bugfix upstream release, see also https://www.calligra.org/news/calligra-2-9-7-released/ -------------------------------------------------------------------------------- ================================================================================ dd_rescue-1.99-1.fc23 (FEDORA-2015-15708) Fault tolerant "dd" utility for rescuing data from bad media -------------------------------------------------------------------------------- Update Information: bump to latest upstream release 1.99 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1261675 - dd_rescue-1.99 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261675 -------------------------------------------------------------------------------- ================================================================================ ddrescue-1.20-1.fc23 (FEDORA-2015-15710) Data recovery tool trying hard to rescue data in case of read errors -------------------------------------------------------------------------------- Update Information: Update to 1.20. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262501 - ddrescue-1.20 is available https://bugzilla.redhat.com/show_bug.cgi?id=1262501 -------------------------------------------------------------------------------- ================================================================================ eclipse-webtools-3.7.0-1.fc23 (FEDORA-2015-15741) Eclipse Webtools Projects -------------------------------------------------------------------------------- Update Information: This updates to the latest stable version of the webtools platform, 3.7.0, which is aimed at Eclipse Mars. It also fixes the FTBFS that was pointed out in the f23 mass rebuild. -------------------------------------------------------------------------------- ================================================================================ fail2ban-0.9.3-1.fc23 (FEDORA-2015-15714) Daemon to ban hosts that cause multiple authentication errors -------------------------------------------------------------------------------- Update Information: Update to 0.9.3 ============ IMPORTANT incompatible changes ---------------------------------------------- * filter.d/roundcube-auth.conf - Changed logpath to 'errors' log (was 'userlogins') * action.d/iptables- common.conf - All calls to iptables command now use -w switch introduced in iptables 1.4.20 (some distribution could have patched their earlier base version as well) to provide this locking mechanism useful under heavy load to avoid contesting on iptables calls. If you need to disable, define 'action.d/iptables-common.local' with empty value for 'lockingopt' in `[Init]` section. * mail-whois-lines, sendmail-geoip-lines and sendmail- whois-lines actions now include by default only the first 1000 log lines in the emails. Adjust <grepopts> to augment the behavior. Fixes ------ * reload in interactive mode appends all the jails twice (gh-825) * reload server/jail failed if database used (but was not changed) and some jail active (gh-1072) * filter.d/dovecot.conf - also match unknown user in passwd- file. Thanks Anton Shestakov * Fix fail2ban-regex not parsing journalmatch correctly from filter config * filter.d/asterisk.conf - fix security log support for Asterisk 12+ * filter.d/roundcube-auth.conf - Updated regex to work with 'errors' log (1.0.5 and 1.1.1) - Added regex to work with 'userlogins' log * action.d/sendmail*.conf - use LC_ALL (superseeding LC_TIME) to override locale on systems with customized LC_ALL * performance fix: minimizes connection overhead, close socket only at communication end (gh-1099) * unbanip always deletes ip from database (independent of bantime, also if currently not banned or persistent) * guarantee order of dbfile to be before dbpurgeage (gh-1048) * always set 'dbfile' before other database options (gh-1050) * kill the entire process group of the child process upon timeout (gh-1129). Otherwise could lead to resource exhaustion due to hanging whois processes. * resolve /var/run/fail2ban path in setup.py to help installation on platforms with /var/run -> /run symlink (gh-1142) New Features ------------------ * RETURN iptables target is now a variable: <returntype> * New type of operation: pass2allow, use fail2ban for "knocking", opening a closed port by swapping blocktype and returntype * New filters: - froxlor-auth - Thanks Joern Muehlencord - apache-pass - filter Apache access log for successful authentication * New actions: - shorewall-ipset-proto6 - using proto feature of the Shorewall. Still requires manual pre-configuration of the shorewall. See the action file for detail. * New jails: - pass2allow-ftp - allows FTP traffic after successful HTTP authentication Enhancements ------------------- * action.d/cloudflare.conf - improved documentation on how to allow multiple CF accounts, and jail.conf got new compound action definition action_cf_mwl to submit cloudflare report. * Check access to socket for more detailed logging on error (gh-595) * fail2ban-testcases man page * filter.d/apache-badbots.conf, filter.d/nginx-botsearch.conf - add HEAD method verb * Revamp of Travis and coverage automated testing * Added a space between IP address and the following colon in notification emails for easier text selection * Character detection heuristics for whois output via optional setting in mail-whois*.conf. Thanks Thomas Mayer. Not enabled by default, if _whois_command is set to be %(_whois_convert_charset)s (e.g. in action.d/mail-whois-common.local), it - detects character set of whois output (which is undefined by RFC 3912) via heuristics of the file command - converts whois data to UTF-8 character set with iconv - sends the whois output in UTF-8 character set to mail program - avoids that heirloom mailx creates binary attachment for input with unknown character set -------------------------------------------------------------------------------- ================================================================================ golang-github-golang-sys-0-0.1.git9c60d1c.fc23 (FEDORA-2015-15727) Go packages for low-level interaction with the operating system -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1246277 - Review Request: golang-github-golang-sys - Go packages for low-level interaction with the operating system https://bugzilla.redhat.com/show_bug.cgi?id=1246277 -------------------------------------------------------------------------------- ================================================================================ golang-github-rakyll-pb-0-0.1.gitdc507ad.fc23 (FEDORA-2015-15729) Console progress bar for Golang -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262350 - Review Request: golang-github-rakyll-pb - Console progress bar for Golang https://bugzilla.redhat.com/show_bug.cgi?id=1262350 -------------------------------------------------------------------------------- ================================================================================ golang-github-xiang90-probing-0-0.1.git6a0cc1a.fc23 (FEDORA-2015-15725) Golang project for probing -------------------------------------------------------------------------------- Update Information: First package for Fedora -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262351 - Review Request: golang-github-xiang90-probing - Golang project for probing https://bugzilla.redhat.com/show_bug.cgi?id=1262351 -------------------------------------------------------------------------------- ================================================================================ help2man-1.47.2-1.fc23 (FEDORA-2015-15744) Create simple man pages from --help output -------------------------------------------------------------------------------- Update Information: help2man-1.47.2-1.fc21 - Upstream update. help2man-1.47.2-1.fc22 - Upstream update. help2man-1.47.2-1.fc23 - Upstream update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262318 - help2man-1.47.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1262318 -------------------------------------------------------------------------------- ================================================================================ jpype-0.6.1-1.fc23 (FEDORA-2015-15701) Full access for Python programs to Java class libraries -------------------------------------------------------------------------------- Update Information: Initial package (rhbz#1234905) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1234905 - Review Request: jpype - Full access for Python programs to Java class libraries https://bugzilla.redhat.com/show_bug.cgi?id=1234905 -------------------------------------------------------------------------------- ================================================================================ monit-5.14-1.fc23 (FEDORA-2015-15707) Manages and monitors processes, files, directories and devices -------------------------------------------------------------------------------- Update Information: monit-5.14-1.fc23 - Upgrading to new upstream release 5.14.0 -------------------------------------------------------------------------------- ================================================================================ php-pimple-3.0.2-1.fc23 (FEDORA-2015-15700) A simple dependency injection container for PHP (extension) -------------------------------------------------------------------------------- Update Information: ### 3.0.2 (2015-09-11) * refactored the C extension * minor non-significant changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262507 - php-pimple-v3.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1262507 -------------------------------------------------------------------------------- ================================================================================ php-twig-1.21.2-1.fc23 (FEDORA-2015-15696) The flexible, fast, and secure template engine for PHP -------------------------------------------------------------------------------- Update Information: ### 1.21.2 (2015-09-09) * fixed variable names for the deprecation triggering code * fixed escaping strategy detection based on filename * added Traversable support for replace, merge, and sort * deprecated support for character by character replacement for the "replace" filter ### 1.21.1 (2015-08-26) * fixed regression when using the deprecated Twig_Test_* classes ### 1.21.0 (2015-08-24) * added deprecation notices for deprecated features * added a deprecation "framework" for filters/functions/tests and test fixtures -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256767 - php-twig-v1.21.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1256767 -------------------------------------------------------------------------------- ================================================================================ plank-0.10.0-2.fc23 (FEDORA-2015-15711) A port of docky to Vala -------------------------------------------------------------------------------- Update Information: plank-0.10.0-2.fc23 - Updated to latest upstream plank-0.10.0-2.fc22 - Updated to latest upstream -------------------------------------------------------------------------------- ================================================================================ progress-0.9-2.fc23 (FEDORA-2015-15740) Coreutils Viewer -------------------------------------------------------------------------------- Update Information: Update to new Version -------------------------------------------------------------------------------- ================================================================================ rubygem-byebug-6.0.2-1.fc23 (FEDORA-2015-15733) Ruby 2.0 fast debugger - base + CLI -------------------------------------------------------------------------------- Update Information: New version 6.0.2 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.14.3-1.fc23 (FEDORA-2015-15716) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: New version 1.14.3 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-hoe-3.14.0-1.fc23 (FEDORA-2015-15722) Hoe is a simple rake/rubygems helper for project Rakefiles -------------------------------------------------------------------------------- Update Information: New version 2.14.0 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-rabbit-2.1.8-1.fc23 (FEDORA-2015-15719) RD-document-based presentation application -------------------------------------------------------------------------------- Update Information: New version 2.1.8 is released. -------------------------------------------------------------------------------- ================================================================================ uboot-tools-2015.07-5.fc23 (FEDORA-2015-15704) U-Boot utilities -------------------------------------------------------------------------------- Update Information: Add patch to fix detection of Panda ES/A4 -------------------------------------------------------------------------------- ================================================================================ xfce4-session-4.12.1-6.fc23 (FEDORA-2015-15703) Xfce session manager -------------------------------------------------------------------------------- Update Information: Adjust xfce-mimeapps.list to use exo for preferred applications. Fixes bug #1256442 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1256442 - clicking on links in Terminal results in wrong browser being used https://bugzilla.redhat.com/show_bug.cgi?id=1256442 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
