The following Fedora 23 Security updates need testing: Age URL 93 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 75 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5eb2131441 conntrack-tools-1.4.2-9.fc23 71 https://bodhi.fedoraproject.org/updates/FEDORA-2015-14197 sblim-sfcb-1.4.9-4.fc23 46 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e7712d6c32 cyrus-imapd-2.4.18-1.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c76c1c84cf mod_nss-1.0.12-1.fc23 22 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15291 ipsilon-1.1.1-2.fc23 20 https://bodhi.fedoraproject.org/updates/FEDORA-2015-66439aa9e2 openstack-glance-2015.1.2-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16ecacb90b openstack-ironic-discoverd-1.1.1-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2e7c06c639 php-ZendFramework-1.12.16-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-287c164df5 phpMyAdmin-4.5.1-1.fc23 php-udan11-sql-parser-3.0.4-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c045f2ab1a python-pygments-2.0.2-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-46afff8d90 dovecot-2.2.19-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-84a95e39d4 perl-HTML-Scrubber-0.15-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a931b02be2 xen-4.5.1-14.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-85bfa4ba56 icecat-38.3.0-10.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-36b145bd37 rpcbind-0.2.3-0.4.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6f16b5e39e wpa_supplicant-2.4-6.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0c153d3319 perl-IPTables-Parse-1.5-2.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-8cf7bff87b metis-5.1.0-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c2f6872886 drupal7-jquery_update-2.7-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-91585ff79b wildmagic5-5.13-12.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e9fc7083f8 MUMPS-5.0.1-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bae05abd06 snappy-player-1.0-7.20151010git166a98.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a4adb80fa7 libsedml-0.3.1-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a6be3a6810 owncloud-8.0.9-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-386863df8a sudo-1.8.15-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1dd5bc998f python-django-1.8.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ca11983963 m2crypto-0.22.5-2.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-02b50fc058 perl-BSD-Resource-1.290.800-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-ca2350f1c4 perl-DBD-MySQL-4.033-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-efc60e7ba9 pulseaudio-7.1-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1a5e64c44c pinentry-0.9.6-4.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-288aeabcff libgphoto2-2.5.8-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b83c6d5cda mpfr-3.1.3-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3c2c75120a perl-Curses-1.33-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6f16b5e39e wpa_supplicant-2.4-6.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-0f80dc6c64 selinux-policy-3.13.1-153.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-aa41c4538a dbus-1.10.2-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-45a52e68c9 prison-1.1.1-3.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-444ebb1382 iscsi-initiator-utils-6.2.0.873-29.git4c9d6f9.fc23 isns-utils-0.94-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fce70b3c70 lldpad-1.0.1-2.git986eb2e.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-bbc8935459 NetworkManager-1.0.6-8.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-aad2c8ec85 bind-9.10.3-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-50a3555b79 grep-2.22-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-386863df8a sudo-1.8.15-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-43e5625a23 xorg-x11-xkb-utils-7.7-16.fc23 The following builds have been pushed to Fedora 23 updates-testing MUMPS-5.0.1-4.fc23 NetworkManager-1.0.6-8.fc23 bind-9.10.3-2.fc23 drupal7-jquery_update-2.7-1.fc23 enblend-4.1.4-1.fc23 engine_pkcs11-0.2.0-1.fc23 fedfs-utils-0.10.5-2.fc23 fwupd-0.5.3-1.fc23 gajim-0.16.4-3.fc23 gnome-software-3.18.3-1.fc23 grep-2.22-2.fc23 heketi-1.0.1-1.fc23 layla-fonts-1.6-2.fc23 libappstream-glib-0.5.3-1.fc23 libntirpc-1.3.1-1.fc23 libp11-0.3.0-1.fc23 libsedml-0.3.1-4.fc23 libtirpc-0.3.2-4.rc3.fc23 m2crypto-0.22.5-2.fc23 menulibre-2.1.2-1.fc23 midori-0.5.11-1.fc23 mkbootdisk-1.5.5-15.fc23 nfs-ganesha-2.3.0-1.fc23 nfs-utils-1.3.3-1.rc1.fc23 owncloud-8.0.9-1.fc23 p7zip-15.09-1.fc23 php-composer-installers-1.0.22-1.fc23 php-deepend-Mockery-0.9.3-1.fc23 php-guzzlehttp-psr7-1.2.1-1.fc23 php-hamcrest-1.2.2-1.fc23 php-nette-tester-1.6.1-1.fc23 python-django-1.8.6-1.fc23 python-faker-0.5.3-4.fc23 python-gunicorn-19.3.0-3.fc23 python-nbxmpp-0.5.3-1.fc23 qemu-2.4.1-1.fc23 radicale-1.0.1-3.fc23 rubygem-sequel-4.27.0-1.fc23 snappy-player-1.0-7.20151010git166a98.fc23 source-to-image-1.0.3-2.fc23 spyder-2.3.7-4.fc23 statscache-0.0.4-1.fc23 sudo-1.8.15-1.fc23 wildmagic5-5.13-12.fc23 wine-1.7.54-1.fc23 xorg-x11-xkb-utils-7.7-16.fc23 yad-0.31.3-1.fc23 zsh-5.1.1-3.fc23 Details about builds: ================================================================================ MUMPS-5.0.1-4.fc23 (FEDORA-2015-e9fc7083f8) A MUltifrontal Massively Parallel sparse direct Solver -------------------------------------------------------------------------------- Update Information: MUMPS-5.0.1-4.fc23 - Hardened builds on <F23 MUMPS-5.0.1-4.fc21 - Hardened builds on <F23 MUMPS-5.0.1-4.fc22 - Hardened builds on <F23 MUMPS-5.0.1-4.el6 - Hardened builds on <F23 MUMPS-5.0.1-4.el7 - Hardened builds on <F23 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-1.0.6-8.fc23 (FEDORA-2015-bbc8935459) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: NetworkManager-1.0.6-8.fc23 - vpn: increase vpn service timeout to 180 seconds (rh #1277693) - policy: fix looping through list while removing elements (rh #1175446) NetworkManager-1.0.6-8.fc22 - vpn: increase vpn service timeout to 180 seconds (rh #1277693) - policy: fix looping through list while removing elements (rh #1175446) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1175446 - [abrt] NetworkManager: process_secondaries(): NetworkManager killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1175446 [ 2 ] Bug #1277693 - NetworkManager-openconnect fails https://bugzilla.redhat.com/show_bug.cgi?id=1277693 -------------------------------------------------------------------------------- ================================================================================ bind-9.10.3-2.fc23 (FEDORA-2015-aad2c8ec85) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: - Fixed named-checkconf call in *-chroot.service files (#1277820) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277820 - bind doesn't start to due wrong systemd startup script https://bugzilla.redhat.com/show_bug.cgi?id=1277820 -------------------------------------------------------------------------------- ================================================================================ drupal7-jquery_update-2.7-1.fc23 (FEDORA-2015-c2f6872886) Upgrades the version of jQuery in Drupal core to a newer version of jQuery -------------------------------------------------------------------------------- Update Information: See [jQuery Update - Less Critical - Open Redirect - SA- CONTRIB-2015-158](https://www.drupal.org/node/2598426) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1273670 - drupal7-jquery_update-2.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=1273670 -------------------------------------------------------------------------------- ================================================================================ enblend-4.1.4-1.fc23 (FEDORA-2015-11d4632b14) Image Blending with Multiresolution Splines -------------------------------------------------------------------------------- Update Information: stable bugfix release -------------------------------------------------------------------------------- ================================================================================ engine_pkcs11-0.2.0-1.fc23 (FEDORA-2015-b911ae7eb4) A PKCS#11 engine for use with OpenSSL -------------------------------------------------------------------------------- Update Information: Updated to lastest upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278323 - Can't load pkcs11 engine into openssl https://bugzilla.redhat.com/show_bug.cgi?id=1278323 -------------------------------------------------------------------------------- ================================================================================ fedfs-utils-0.10.5-2.fc23 (FEDORA-2015-b8e2ee28e7) Utilities for mounting and managing FedFS -------------------------------------------------------------------------------- Update Information: - Remove inappropriate nfs-utils version Requires from fedfs-utils-lib. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277666 - Avoid circular dependencies nfs-utils and fedfs-utils https://bugzilla.redhat.com/show_bug.cgi?id=1277666 -------------------------------------------------------------------------------- ================================================================================ fwupd-0.5.3-1.fc23 (FEDORA-2015-a78ef2369a) Firmware update daemon -------------------------------------------------------------------------------- Update Information: libappstream-glib-0.5.3-1.fc23 - New upstream release - Return the correct error when the desktop file has no group - Strip Win32 and Linux paths when decompressing firmware fwupd-0.5.3-1.fc23 - New upstream release - Avoid seeking when reading the file magic during refresh - Do not assume that the compressed XML data will be NUL terminated - Use the correct user agent string for fwupdmgr gnome-software-3.18.3-1.fc23 - Update to 3.18.3 - Use the correct user agent string when downloading firmware - Fix a crash in the limba plugin - Fix installing web applications ---- - New upstream releases - Clear the in-memory firmware store only after parsing a valid XML file - Ensure D-Bus remote errors are registered at fwupdmgr startup - Fix verify-update to produce components with the correct provide values - Support cabinet archives files with more than one firmware -------------------------------------------------------------------------------- ================================================================================ gajim-0.16.4-3.fc23 (FEDORA-2015-072f67963a) Jabber client written in PyGTK -------------------------------------------------------------------------------- Update Information: Gajim 0.16.4 is an upstream bugfix release. To see the changelog and the list of fixed bugs, visit http://gajim.org/. -------------------------------------------------------------------------------- ================================================================================ gnome-software-3.18.3-1.fc23 (FEDORA-2015-a78ef2369a) A software center for GNOME -------------------------------------------------------------------------------- Update Information: libappstream-glib-0.5.3-1.fc23 - New upstream release - Return the correct error when the desktop file has no group - Strip Win32 and Linux paths when decompressing firmware fwupd-0.5.3-1.fc23 - New upstream release - Avoid seeking when reading the file magic during refresh - Do not assume that the compressed XML data will be NUL terminated - Use the correct user agent string for fwupdmgr gnome-software-3.18.3-1.fc23 - Update to 3.18.3 - Use the correct user agent string when downloading firmware - Fix a crash in the limba plugin - Fix installing web applications ---- - New upstream releases - Clear the in-memory firmware store only after parsing a valid XML file - Ensure D-Bus remote errors are registered at fwupdmgr startup - Fix verify-update to produce components with the correct provide values - Support cabinet archives files with more than one firmware -------------------------------------------------------------------------------- ================================================================================ grep-2.22-2.fc23 (FEDORA-2015-50a3555b79) Pattern matching utilities -------------------------------------------------------------------------------- Update Information: This is an update disabling performance related tests which were run during build. They are known to fail on builders with variable load. The fix was backported from upstream an should resolve problems with koji rebuilds. There is no other user visible change. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278428 - FTBFS: FAIL mb-non-UTF8-performance check https://bugzilla.redhat.com/show_bug.cgi?id=1278428 -------------------------------------------------------------------------------- ================================================================================ heketi-1.0.1-1.fc23 (FEDORA-2015-4c8a9e5f52) RESTful based volume management framework for GlusterFS -------------------------------------------------------------------------------- Update Information: Heketi 1.0.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272248 - Review Request: heketi - RESTful based volume management framework for GlusterFS https://bugzilla.redhat.com/show_bug.cgi?id=1272248 -------------------------------------------------------------------------------- ================================================================================ layla-fonts-1.6-2.fc23 (FEDORA-2015-9136639791) A collection of traditional Arabic fonts -------------------------------------------------------------------------------- Update Information: Added Digital font -------------------------------------------------------------------------------- ================================================================================ libappstream-glib-0.5.3-1.fc23 (FEDORA-2015-a78ef2369a) Library for AppStream metadata -------------------------------------------------------------------------------- Update Information: libappstream-glib-0.5.3-1.fc23 - New upstream release - Return the correct error when the desktop file has no group - Strip Win32 and Linux paths when decompressing firmware fwupd-0.5.3-1.fc23 - New upstream release - Avoid seeking when reading the file magic during refresh - Do not assume that the compressed XML data will be NUL terminated - Use the correct user agent string for fwupdmgr gnome-software-3.18.3-1.fc23 - Update to 3.18.3 - Use the correct user agent string when downloading firmware - Fix a crash in the limba plugin - Fix installing web applications ---- - New upstream releases - Clear the in-memory firmware store only after parsing a valid XML file - Ensure D-Bus remote errors are registered at fwupdmgr startup - Fix verify-update to produce components with the correct provide values - Support cabinet archives files with more than one firmware -------------------------------------------------------------------------------- ================================================================================ libntirpc-1.3.1-1.fc23 (FEDORA-2015-ec9ac2ffe3) New Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: libntirpc 1.3.1 GA -------------------------------------------------------------------------------- ================================================================================ libp11-0.3.0-1.fc23 (FEDORA-2015-b911ae7eb4) Library for using PKCS#11 modules -------------------------------------------------------------------------------- Update Information: Updated to lastest upstream release -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278323 - Can't load pkcs11 engine into openssl https://bugzilla.redhat.com/show_bug.cgi?id=1278323 -------------------------------------------------------------------------------- ================================================================================ libsedml-0.3.1-4.fc23 (FEDORA-2015-a4adb80fa7) Library that fully supports SED-ML for SBML -------------------------------------------------------------------------------- Update Information: libsedml-0.3.1-4.fc22 - Hardened builds on <F23 libsedml-0.3.1-4.fc23 - Hardened builds on <F23 -------------------------------------------------------------------------------- ================================================================================ libtirpc-0.3.2-4.rc3.fc23 (FEDORA-2015-b4da63dacc) Transport Independent RPC Library -------------------------------------------------------------------------------- Update Information: libtirpc-0.3.2-4.rc3.fc22 - Add missing rwlock_unlocks in xprt_register (bz 1278149) - Fix memory leak on failure in svc_vc_create (bz 1276857) libtirpc-0.3.2-4.rc3.fc23 - Add missing rwlock_unlocks in xprt_register (bz 1278149) - Fix memory leak on failure in svc_vc_create (bz 1276857) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276857 - Fix memory leak on failure in svc_vc_create https://bugzilla.redhat.com/show_bug.cgi?id=1276857 [ 2 ] Bug #1278149 - Add missing rwlock_unlocks in xprt_register https://bugzilla.redhat.com/show_bug.cgi?id=1278149 -------------------------------------------------------------------------------- ================================================================================ m2crypto-0.22.5-2.fc23 (FEDORA-2015-ca11983963) Support for using OpenSSL in python scripts -------------------------------------------------------------------------------- Update Information: Fixes a buffer overflow in EVP.pbkdf2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1271165 - m2crypto: pbkdf2 function crashes when given 74 byte result as argument https://bugzilla.redhat.com/show_bug.cgi?id=1271165 -------------------------------------------------------------------------------- ================================================================================ menulibre-2.1.2-1.fc23 (FEDORA-2015-528271d2e7) FreeDesktop.org compliant menu editor -------------------------------------------------------------------------------- Update Information: Update to 2.1.2 -------------------------------------------------------------------------------- ================================================================================ midori-0.5.11-1.fc23 (FEDORA-2015-292d9823fc) A lightweight GTK+ web browser -------------------------------------------------------------------------------- Update Information: Update to 0.5.11 Fixes bug #1258227 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1258227 - midori-0.5.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1258227 -------------------------------------------------------------------------------- ================================================================================ mkbootdisk-1.5.5-15.fc23 (FEDORA-2015-52ba593456) Creates a boot floppy disk for booting a system -------------------------------------------------------------------------------- Update Information: This is an update adding support for syslinux-5+. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1141496 - mkbootdisk doesn't work with the current version of syslinux https://bugzilla.redhat.com/show_bug.cgi?id=1141496 -------------------------------------------------------------------------------- ================================================================================ nfs-ganesha-2.3.0-1.fc23 (FEDORA-2015-26e3cbecbf) NFS-Ganesha is a NFS Server running in user space -------------------------------------------------------------------------------- Update Information: 2.3.0 GA -------------------------------------------------------------------------------- ================================================================================ nfs-utils-1.3.3-1.rc1.fc23 (FEDORA-2015-1ad4dfca0c) NFS utilities and supporting clients and daemons for the kernel NFS server -------------------------------------------------------------------------------- Update Information: nfs-utils-1.3.3-1.rc1.fc23 - Updated to the latest RC release: nfs- utils-1-3-4-rc1 nfs-utils-1.3.3-1.rc1.fc22 - Updated to the latest RC release: nfs-utils-1-3-4-rc1 ---- nfs-utils-1.3.3-1.fc23 - Updated to latest upstream version 1.3.3 nfs-utils-1.3.3-0.0.fc22 - Updated to latest upstream version 1.3.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266725 - nfs-utils-1.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1266725 -------------------------------------------------------------------------------- ================================================================================ owncloud-8.0.9-1.fc23 (FEDORA-2015-a6be3a6810) Private file sync and share server -------------------------------------------------------------------------------- Update Information: This update provides the latest upstream release of ownCloud in the current minor series - 8.0.9 for all releases but EPEL 6, 7.0.11 for EPEL 6. These releases come with unspecified "security improvements", so updating quickly is recommended. As usual, a minor update should apply smoothly, but we advise you back up user data, configuration, and database contents before applying the update. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278121 - owncloud: Unspecified security issues fixed in owncloud 7.0.11, 8.0.9 and 8.1.4 https://bugzilla.redhat.com/show_bug.cgi?id=1278121 -------------------------------------------------------------------------------- ================================================================================ p7zip-15.09-1.fc23 (FEDORA-2015-8cf7ca1785) Very high compression ratio file archiver -------------------------------------------------------------------------------- Update Information: Update to p7zip_15.09 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1190771 - p7zip-15.09 is available https://bugzilla.redhat.com/show_bug.cgi?id=1190771 -------------------------------------------------------------------------------- ================================================================================ php-composer-installers-1.0.22-1.fc23 (FEDORA-2015-fb51485645) A multi-framework Composer library installer -------------------------------------------------------------------------------- Update Information: 1.0.21 to 1.0.22 diff: https://github.com/composer/installers/compare/v1.0.21...v1.0.22 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276816 - php-composer-installers-v1.0.22 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276816 -------------------------------------------------------------------------------- ================================================================================ php-deepend-Mockery-0.9.3-1.fc23 (FEDORA-2015-416b35726d) Mockery is a simple but flexible PHP mock object framework -------------------------------------------------------------------------------- Update Information: **Version 0.9.3** (2014-12-22) * Added a basic spy implementation * Added Mockery\Adapter\Phpunit\MockeryTestCase for more reliable PHPUnit integration **Version 0.9.2** (2014-09-03) * Some workarounds for the serilisation problems created by changes to PHP in 5.5.13, 5.4.29, 5.6. * Demeter chains attempt to reuse doubles as they see fit, so for foo->bar and foo->baz, we'll attempt to use the same foo Package changelog: - Update to 0.9.3 - add autoloader using symfony/class-loader - add dependency on hamcrest/hamcrest-php - run test suite - use github archive from commit reference - add explicit spec license header -------------------------------------------------------------------------------- ================================================================================ php-guzzlehttp-psr7-1.2.1-1.fc23 (FEDORA-2015-18dab2307d) PSR-7 message implementation -------------------------------------------------------------------------------- Update Information: ### 1.2.1 - 2015-11-02 * Now supporting negative offsets when seeking to SEEK_END. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277467 - php-guzzlehttp-psr7-1.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1277467 -------------------------------------------------------------------------------- ================================================================================ php-hamcrest-1.2.2-1.fc23 (FEDORA-2015-532291cc10) PHP port of Hamcrest Matchers -------------------------------------------------------------------------------- Update Information: Hamcrest is a matching library originally written for Java, but subsequently ported to many other languages. php-hamcrest is the official PHP port of Hamcrest and essentially follows a literal translation of the original Java API for Hamcrest, with a few Exceptions, mostly down to PHP language barriers. To use this library, you just have to add, in your project: require_once '/usr/share/php/Hamcrest/autoload.php'; -------------------------------------------------------------------------------- References: [ 1 ] Bug #1271954 - Review Request: php-hamcrest - PHP port of Hamcrest Matchers https://bugzilla.redhat.com/show_bug.cgi?id=1271954 -------------------------------------------------------------------------------- ================================================================================ php-nette-tester-1.6.1-1.fc23 (FEDORA-2015-b374df2780) An easy-to-use PHP unit testing framework -------------------------------------------------------------------------------- Update Information: Nette Tester is a productive and enjoyable unit testing framework. It's used by the Nette Framework and is capable of testing any PHP code. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277375 - Review Request: php-nette-tester - An easy-to-use PHP unit testing framework https://bugzilla.redhat.com/show_bug.cgi?id=1277375 -------------------------------------------------------------------------------- ================================================================================ python-django-1.8.6-1.fc23 (FEDORA-2015-1dd5bc998f) A high-level Python Web framework -------------------------------------------------------------------------------- Update Information: rebase to 1.8.6 (rhbz#1276914) ---- rebase to 1.8.5 (rhbz#1276914) ---- python-django-1.8.4-1.fc23 - Do not install bash completion for python executables (Ville Skyttä, rhbz#1253076) - CVE-2015-5963 Denial-of-service possibility in logout() view by filling session store (rhbz#1254911) - CVE-2015-5964 Denial-of-service possibility in logout() view by filling session store (rhbz#1252891) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276914 - Django 1.8.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276914 [ 2 ] Bug #1242721 - CVE-2015-5144 python-django: Django: possible header injection due to validators accepting newlines in input [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1242721 [ 3 ] Bug #1242720 - CVE-2015-5144 python-django: Django: possible header injection due to validators accepting newlines in input [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1242720 [ 4 ] Bug #1242715 - CVE-2015-5143 python-django: Django: possible DoS by filling session store [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1242715 [ 5 ] Bug #1254921 - CVE-2015-5964 python-django: Denial-of-service possibility in logout() view by filling session store [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1254921 [ 6 ] Bug #1254911 - CVE-2015-5963 python-django: Denial-of-service possibility in logout() view by filling session store [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1254911 [ 7 ] Bug #1253076 - Do not install bash completion for python executables https://bugzilla.redhat.com/show_bug.cgi?id=1253076 -------------------------------------------------------------------------------- ================================================================================ python-faker-0.5.3-4.fc23 (FEDORA-2015-132b971842) Faker is a Python package that generates fake data for you -------------------------------------------------------------------------------- Update Information: First release of the python-faker package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1274645 - Review Request: python-faker - Faker is a Python package that generates fake data for you https://bugzilla.redhat.com/show_bug.cgi?id=1274645 -------------------------------------------------------------------------------- ================================================================================ python-gunicorn-19.3.0-3.fc23 (FEDORA-2015-90b539e46d) Python WSGI application server -------------------------------------------------------------------------------- Update Information: python-gunicorn-19.3.0-3.fc23 - handle expected HaltServer exception in manage_workers (RHBZ#1200041) python-gunicorn-19.3.0-3.fc22 - handle expected HaltServer exception in manage_workers (RHBZ#1200041) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1200041 - [abrt] python-gunicorn: arbiter.py:459:reap_workers:HaltServer: <HaltServer 'Worker failed to boot.' 3> https://bugzilla.redhat.com/show_bug.cgi?id=1200041 -------------------------------------------------------------------------------- ================================================================================ python-nbxmpp-0.5.3-1.fc23 (FEDORA-2015-072f67963a) Python library for non-blocking use of Jabber/XMPP -------------------------------------------------------------------------------- Update Information: Gajim 0.16.4 is an upstream bugfix release. To see the changelog and the list of fixed bugs, visit http://gajim.org/. -------------------------------------------------------------------------------- ================================================================================ qemu-2.4.1-1.fc23 (FEDORA-2015-8dde131ce0) QEMU is a FAST! processor emulator -------------------------------------------------------------------------------- Update Information: * Rebased to version 2.4.1 -------------------------------------------------------------------------------- ================================================================================ radicale-1.0.1-3.fc23 (FEDORA-2015-c10347d45f) A simple CalDAV (calendar) and CardDAV (contact) server -------------------------------------------------------------------------------- Update Information: Fix radicale-httpd for python3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278268 - radicale has been ported to python3, but requires the python2 mod_wsgi, so does not work https://bugzilla.redhat.com/show_bug.cgi?id=1278268 -------------------------------------------------------------------------------- ================================================================================ rubygem-sequel-4.27.0-1.fc23 (FEDORA-2015-8f5b810f11) The Database Toolkit for Ruby -------------------------------------------------------------------------------- Update Information: Update to sequel 4.27.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1238506 - rubygem-sequel-4.28.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1238506 -------------------------------------------------------------------------------- ================================================================================ snappy-player-1.0-7.20151010git166a98.fc23 (FEDORA-2015-bae05abd06) A Gnome media player -------------------------------------------------------------------------------- Update Information: snappy-player-1.0-7.20151010git166a98.fc23 - Update to commit #166a98 - Hardened build activated on <F23 snappy-player-1.0-7.20151010git166a98.fc21 - Update to commit #166a98 - Hardened build activated on <F23 snappy- player-1.0-7.20151010git166a98.fc22 - Update to commit #166a98 - Hardened build activated on <F23 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1242179 - [abrt] snappy-player: __pthread_mutex_lock(): snappy killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1242179 -------------------------------------------------------------------------------- ================================================================================ source-to-image-1.0.3-2.fc23 (FEDORA-2015-a8857fc508) A tool for building artifacts from source and injecting into docker images -------------------------------------------------------------------------------- Update Information: Rebase to new upstream version -------------------------------------------------------------------------------- ================================================================================ spyder-2.3.7-4.fc23 (FEDORA-2015-967b0ff0b0) Scientific Python Development Environment -------------------------------------------------------------------------------- Update Information: Fix spyder3 desktop file python3 build can be installed using python3-spyder -------------------------------------------------------------------------------- References: [ 1 ] Bug #1197389 - Spyder update to 2.3.3 https://bugzilla.redhat.com/show_bug.cgi?id=1197389 [ 2 ] Bug #1167040 - [abrt] spyder: zmqrelated.py:37:check_for_zmq:ImportError: IPython.kernel.zmq requires pyzmq >= 2.1.11 https://bugzilla.redhat.com/show_bug.cgi?id=1167040 -------------------------------------------------------------------------------- ================================================================================ statscache-0.0.4-1.fc23 (FEDORA-2015-2637c5b8e2) A daemon to build and keep fedmsg statistics -------------------------------------------------------------------------------- Update Information: Latest upstream. ---- Latest upstream. https://github.com/fedora- infra/statscache/blob/develop/CHANGELOG.rst ---- Initial packaging. ---- Move requirements to the statscache-common subpackage. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1234605 - Review Request: statscache - A daemon to build and keep fedmsg statistics https://bugzilla.redhat.com/show_bug.cgi?id=1234605 -------------------------------------------------------------------------------- ================================================================================ sudo-1.8.15-1.fc23 (FEDORA-2015-386863df8a) Allows restricted root access for specified users -------------------------------------------------------------------------------- Update Information: sudo-1.8.15-1.fc21 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc22 - update to 1.8.15 - fixes CVE-2015-5602 sudo-1.8.15-1.fc23 - update to 1.8.15 - fixes CVE-2015-5602 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277426 - CVE-2015-5602 sudo: Unauthorized privilege escalation in sudoedit https://bugzilla.redhat.com/show_bug.cgi?id=1277426 -------------------------------------------------------------------------------- ================================================================================ wildmagic5-5.13-12.fc23 (FEDORA-2015-91585ff79b) Wild Magic libraries -------------------------------------------------------------------------------- Update Information: wildmagic5-5.13-12.fc23 - Rebuild with -fPIC - Hardened builds on <F23 wildmagic5-5.13-12.fc21 - Rebuild with -fPIC - Hardened builds on <F23 wildmagic5-5.13-12.fc22 - Rebuild with -fPIC - Hardened builds on <F23 wildmagic5-5.13-12.el6 - Rebuild with -fPIC - Hardened builds on <F23 wildmagic5-5.13-12.el7 - Rebuild with -fPIC - Hardened builds on <F23 -------------------------------------------------------------------------------- ================================================================================ wine-1.7.54-1.fc23 (FEDORA-2015-96bb2148b2) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: - Implementation of the TransmitFile function. - More implementation of the Web Services DLL. - Improved video decoding. - Alternative for the deprecated prelink tool. - Major Turkish translation update. - Various bug fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276826 - wine-1.7.54 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276826 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-xkb-utils-7.7-16.fc23 (FEDORA-2015-43e5625a23) X.Org X11 xkb utilities -------------------------------------------------------------------------------- Update Information: Silence warning about shortening a key type to ONE_LEVEL (#1010592) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1010592 - Type "ONE_LEVEL" has 1 levels, but <RALT> has 2 symbols https://bugzilla.redhat.com/show_bug.cgi?id=1010592 -------------------------------------------------------------------------------- ================================================================================ yad-0.31.3-1.fc23 (FEDORA-2015-ab98ded427) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information: yad-0.31.3-1.el7 - Update to 0.31.3 yad-0.31.3-1.fc23 - Update to 0.31.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276895 - yad-0.31.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1276895 -------------------------------------------------------------------------------- ================================================================================ zsh-5.1.1-3.fc23 (FEDORA-2015-9e91841c99) Powerful interactive shell -------------------------------------------------------------------------------- Update Information: zsh-5.1.1-3.fc23 - make loading of module's dependencies work again (#1277996) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277996 - loading of zsh modules broken by global enforcement of the '-z now' linker flag https://bugzilla.redhat.com/show_bug.cgi?id=1277996 --------------------------------------------------------------------------------
-- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
