The following Fedora 23 Security updates need testing: Age URL 135 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 117 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5eb2131441 conntrack-tools-1.4.2-9.fc23 88 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 75 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 75 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c76c1c84cf mod_nss-1.0.12-1.fc23 62 https://bodhi.fedoraproject.org/updates/FEDORA-2015-66439aa9e2 openstack-glance-2015.1.2-1.fc23 46 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 28 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-28076d0830 thttpd-2.25b-35.fc23 18 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-36.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276 php-PHPMailer-5.2.14-1.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-7229638357 xsupplicant-2.2.0-13.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c80ec85542 libpng15-1.5.25-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d473c95ee arts-1.5.10-30.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6e50918d8e kdelibs3-3.5.10-71.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1c773e8702 shellinabox-2.19-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2015-277cc63d9f gwenhywfar-4.13.1-5.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a3c9048cdd php-horde-Horde-Core-2.22.4-1.fc23 php-horde-Horde-Perms-2.1.6-1.fc23 php-horde-Horde-Service-Weather-2.3.1-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1ca595f821 openstack-swift-plugin-swift3-1.9-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-eefc5a6762 activemq-5.6.0-14.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a7cbc13699 nodejs-handlebars-4.0.5-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-afdb0e8aaa subversion-1.9.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-09bf9e06ea bind-9.10.3-7.P2.fc23 bind-dyndb-ldap-8.0-4.fc23 dnsperf-2.0.0.0-19.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-71b291686c libsndfile-1.0.25-18.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c59710b05d kernel-4.2.8-300.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d8253e2b1d xen-4.5.2-6.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 28 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2ae867c402 NetworkManager-vpnc-1.0.8-1.fc23 NetworkManager-openconnect-1.0.8-1.fc23 NetworkManager-openvpn-1.0.8-1.fc23 NetworkManager-openswan-1.0.8-1.fc23 NetworkManager-fortisslvpn-1.0.8-1.fc23 NetworkManager-1.0.8-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4a9c774398 bzip2-1.0.6-18.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-adfda22f51 sqlite-3.9.0-2.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f2ec2ce9c7 konsole-4.14.3-10.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fc1856e9a5 menu-cache-1.0.1-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2015-eb32da49ac selinux-policy-3.13.1-158.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-b33c875366 libconfig-1.5-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c59710b05d kernel-4.2.8-300.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a7c1115925 gnome-online-accounts-3.18.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-71b291686c libsndfile-1.0.25-18.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-e360ec8d4e libass-0.13.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-35784ebe07 gssproxy-0.4.1-4.fc23 krb5-1.14-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-09bf9e06ea bind-9.10.3-7.P2.fc23 bind-dyndb-ldap-8.0-4.fc23 dnsperf-2.0.0.0-19.fc23 The following builds have been pushed to Fedora 23 updates-testing OpenImageIO-1.5.22-1.fc23 amqp-1.0-4.20150701svn1688630.fc23 bind-9.10.3-7.P2.fc23 bind-dyndb-ldap-8.0-4.fc23 copy-jdk-configs-1.1-2.fc23 dnsperf-2.0.0.0-19.fc23 dovecot-2.2.21-1.fc23 eclipse-linuxtools-4.2.0-2.fc23 fetch-crl-3.0.17-1.fc23 gnome-online-accounts-3.18.3-1.fc23 grive2-0.4.2-0.1.20151208gitcc13b8b.fc23 gssproxy-0.4.1-4.fc23 help2man-1.47.3-1.fc23 ibus-typing-booster-1.3.0-3.fc23 ipsec-tools-0.8.2-3.fc23 java-1.8.0-openjdk-1.8.0.65-13.b17.fc23 kapptemplate-15.12.0-1.fc23 kernel-4.2.8-300.fc23 kf5-plasma-5.17.0-2.fc23 koji-containerbuild-0.5.5-1.fc23 krb5-1.14-4.fc23 libass-0.13.1-1.fc23 libconfig-1.5-3.fc23 libsndfile-1.0.25-18.fc23 libteam-1.23-1.fc23 libvncserver-0.9.10-3.fc23 libzhuyin-1.1.0-1.fc23 light-locker-1.7.0-1.fc23 mingw-gdk-pixbuf-2.32.3-1.fc23 nodejs-delegates-1.0.0-1.fc23 nodejs-imurmurhash-0.1.4-1.fc23 nodejs-read-all-stream-3.0.1-2.fc23.2 nodejs-stream-spigot-3.0.5-4.fc23 nodejs-unc-path-regex-0.1.1-1.fc23 nqp-0.0.2015.11-2.fc23 perl-Sort-Versions-1.62-1.fc23 rakudo-star-0.0.2015.11-2.fc23 rp-pppoe-3.12-4.fc23 rubygem-flexmock-2.0.3-1.fc23 sayonara-0.8.0-1.svn289.fc23 sharpziplib-0.86.0-0.5.fc23 texstudio-2.10.4-2.fc23 tor-arm-1.4.5.0-11.fc23 unbound-1.5.7-1.fc23 xen-4.5.2-6.fc23 Details about builds: ================================================================================ OpenImageIO-1.5.22-1.fc23 (FEDORA-2015-1b45b1964d) Library for reading and writing images -------------------------------------------------------------------------------- Update Information: * Deep OpenEXR: recognize the newer AR/AG/AB channel name convention. #1277 * Fix ffmpeg plugin compilation in some configurations. #1288 * Bug fix: TIFF read_scanlines of files with unassociated alpha didn't honor the 'ystride' parameter and could run off the end of the buffer for nonstandard stride arranagements. #1278 * Fix missing Python bindings for global OIIO::getattribute(). #1290 -------------------------------------------------------------------------------- ================================================================================ amqp-1.0-4.20150701svn1688630.fc23 (FEDORA-2015-ca6c9776ae) The AMQP specification -------------------------------------------------------------------------------- Update Information: - remove arch'ed dependency in devel subpackage (to main package), rhbz#1292308 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292308 - amqp-devel Requires: amqp%{?_isa} which is actually noarch https://bugzilla.redhat.com/show_bug.cgi?id=1292308 -------------------------------------------------------------------------------- ================================================================================ bind-9.10.3-7.P2.fc23 (FEDORA-2015-09bf9e06ea) The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server -------------------------------------------------------------------------------- Update Information: security fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291176 - CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c https://bugzilla.redhat.com/show_bug.cgi?id=1291176 [ 2 ] Bug #1291186 - CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c https://bugzilla.redhat.com/show_bug.cgi?id=1291186 -------------------------------------------------------------------------------- ================================================================================ bind-dyndb-ldap-8.0-4.fc23 (FEDORA-2015-09bf9e06ea) LDAP back-end plug-in for BIND -------------------------------------------------------------------------------- Update Information: security fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291176 - CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c https://bugzilla.redhat.com/show_bug.cgi?id=1291176 [ 2 ] Bug #1291186 - CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c https://bugzilla.redhat.com/show_bug.cgi?id=1291186 -------------------------------------------------------------------------------- ================================================================================ copy-jdk-configs-1.1-2.fc23 (FEDORA-2015-56321fab8e) JDKs configuration files copier -------------------------------------------------------------------------------- Update Information: package now "installs" also during pretrans, so pretrasn scripts can use it -------------------------------------------------------------------------------- ================================================================================ dnsperf-2.0.0.0-19.fc23 (FEDORA-2015-09bf9e06ea) Benchmarking authorative and recursing DNS servers -------------------------------------------------------------------------------- Update Information: security fix -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291176 - CVE-2015-8000 bind: responses with a malformed class attribute can trigger an assertion failure in db.c https://bugzilla.redhat.com/show_bug.cgi?id=1291176 [ 2 ] Bug #1291186 - CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c https://bugzilla.redhat.com/show_bug.cgi?id=1291186 -------------------------------------------------------------------------------- ================================================================================ dovecot-2.2.21-1.fc23 (FEDORA-2015-127b5498a4) Secure imap and pop3 server -------------------------------------------------------------------------------- Update Information: - dovecot updated to 2.2.21 - doveadm mailbox list (and some others) were broken in v2.2.20 - director: Fixed making backend changes when running with only a single director server. - virtual plugin: Fixed crash when trying to open nonexistent autocreated backend mailbox. - pigeonhole updated to 0.4.10 - implemented the Sieve mime and foreverypart extensions (RFC 5703). - sieve body extension: Properly implemented the `:text' body transform. It now extracts text for HTML message parts. - variables extension: Fixed handling of empty string by the `:length' set modifier. An empty string yielded an empty string rather than "0". - Fixed memory leak in the Sieve script byte code dumping facility. Extension contexts were never actually freed. - doveadm sieve plugin: Fixed crashes caused by incorrect context allocation in the sieve command implementations. ---- + Added mailbox { autoexpunge=<time> } setting. See http://wiki2.dovecot.org/MailboxSettings for details. + ssl_options: Added support for no_ticket + imap/pop3/managesieve-login: Added postlogin_socket=path passdb extra field. This allows replacing the default service imap/pop3/managesieve {} settings for specific users (e.g. running their imap process via valgrind or strace). + doveadm fetch: Added date.sent/received/saved.unixtime + fs-posix: Added mode=auto parameter to set the created files' and directories' mode based on the parent dir if it has setgid-bit. + director: Support backends having hostnames, which makes it possible to verify their SSL certificates. - director: Directors' state became desynchronized if doveadm director commands were used to modify the same backend in multiple directors at the same time with conflicting changes. This fix includes some extra checks, which makes sure that if such a conflict still happens it's automatically fixed. In some situations such an automatic fix may now be unnecessarily triggered and an error logged. - director: Backend tags weren't working correctly. - ldap: tls_* settings weren't used for ldaps URIs. - ldap, mysql: Fixed setting connect timeout. - auth: userdb lookups via auth-worker couldn't change username - dsync: Fixed handling deleted directories. Make sure we don't go to infinite mailbox renaming loop. - imap: Fixed crash in NOTIFY when there were watched namespaces that didn't support NOTIFY. - imap: After SETMETADATA was used, various commands (especially FETCH) could have started hanging when their output was large. - stats: Idle sessions weren't refreshed often enough, causing stats process to forget them and log errors about unknown sessions when they were updated later. - stats: Fixed "Duplicate session ID" errors when LMTP delivered to multiple recipients and fts_autoindex=yes. - zlib plugin: Fixed copying causing cache corruption when zlib_save wasn't set, but the source message was compressed. - fts-solr: Fixed escaping Solr query parameters. - lmtp: quota_full_tempfail=yes was ignored with lmtp_rcpt_check_quota=yes -------------------------------------------------------------------------------- ================================================================================ eclipse-linuxtools-4.2.0-2.fc23 (FEDORA-2015-6248c805ff) Linux specific Eclipse plugins -------------------------------------------------------------------------------- Update Information: Update and build vagrant tooling plug-ins. -------------------------------------------------------------------------------- ================================================================================ fetch-crl-3.0.17-1.fc23 (FEDORA-2015-0c486feff3) Downloads Certificate Revocation Lists -------------------------------------------------------------------------------- Update Information: Changes in 3.0.17 ---------------------- * Add optional cache-control max-age headers in all requests to hint a maximum caching time to intermediate servers (bugzilla #26) https://bugzilla.nikhef.nl/show_bug.cgi?id=26 -------------------------------------------------------------------------------- ================================================================================ gnome-online-accounts-3.18.3-1.fc23 (FEDORA-2015-a7c1115925) Single sign-on framework for GNOME -------------------------------------------------------------------------------- Update Information: # Bugs fixed: * 751524 Network changes cause authentication token timeouts * 755316 imap-smtp: Fix typo in error message * 758361 Crash in mail_client_check_auth_run_cb when goa_mail_auth_run fails # Updated translations: * Simplified Chinese * Slovenian -------------------------------------------------------------------------------- References: [ 1 ] Bug #1259434 - Network changes cause authentication token timeouts (Evolution) https://bugzilla.redhat.com/show_bug.cgi?id=1259434 -------------------------------------------------------------------------------- ================================================================================ grive2-0.4.2-0.1.20151208gitcc13b8b.fc23 (FEDORA-2015-aa77fce813) Google Drive client -------------------------------------------------------------------------------- Update Information: initial import for grive2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1290924 - Review Request: grive2 - Google Drive client https://bugzilla.redhat.com/show_bug.cgi?id=1290924 -------------------------------------------------------------------------------- ================================================================================ gssproxy-0.4.1-4.fc23 (FEDORA-2015-35784ebe07) GSSAPI Proxy -------------------------------------------------------------------------------- Update Information: Fix GSS-Proxy with krb5-1.14. This includes: - Fix gssproxy to honor rfc5587 for gss_inquire_attrs_for_mech() - Fix gssproxy to allow gss_inquire_context() to return none - Fix krb5 to properly call into mechglue on gss_inquire_attrs_for_mech() -------------------------------------------------------------------------------- ================================================================================ help2man-1.47.3-1.fc23 (FEDORA-2015-2829c411a0) Create simple man pages from --help output -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1283172 - help2man-1.47.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1283172 -------------------------------------------------------------------------------- ================================================================================ ibus-typing-booster-1.3.0-3.fc23 (FEDORA-2015-fefee286e1) A typing booster engine for the IBus platform -------------------------------------------------------------------------------- Update Information: update to 1.3.0; Support for AltGr (mainly for Indian inscript2) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291238 - committing with the space key in ibus-typing-booster works correctly only in GTK applications but not in Qt and X11 applications https://bugzilla.redhat.com/show_bug.cgi?id=1291238 [ 2 ] Bug #1051405 - inscript2 layouts are not supported in ibus-typing-booster https://bugzilla.redhat.com/show_bug.cgi?id=1051405 [ 3 ] Bug #772665 - [RFE] Need support for AltGr mappings https://bugzilla.redhat.com/show_bug.cgi?id=772665 -------------------------------------------------------------------------------- ================================================================================ ipsec-tools-0.8.2-3.fc23 (FEDORA-2015-be9c12bf1b) Tools for configuring and using IPSEC -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1292522 Add remoteid/ph1id configuration feature -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292522 - Add remoteid/ph1id configuration feature https://bugzilla.redhat.com/show_bug.cgi?id=1292522 -------------------------------------------------------------------------------- ================================================================================ java-1.8.0-openjdk-1.8.0.65-13.b17.fc23 (FEDORA-2015-c0a111beb9) OpenJDK Runtime Environment -------------------------------------------------------------------------------- Update Information: Moved to new sources - integration forest. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1283949 - no hardening build on F23 https://bugzilla.redhat.com/show_bug.cgi?id=1283949 -------------------------------------------------------------------------------- ================================================================================ kapptemplate-15.12.0-1.fc23 (FEDORA-2015-f2c80c02ea) KDE Template generator -------------------------------------------------------------------------------- Update Information: Update to latest kapptemplate, fixes conflict with kf5-plasma -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292506 - kf5-plasma breaks update due to conflicting files https://bugzilla.redhat.com/show_bug.cgi?id=1292506 -------------------------------------------------------------------------------- ================================================================================ kernel-4.2.8-300.fc23 (FEDORA-2015-c59710b05d) The Linux kernel -------------------------------------------------------------------------------- Update Information: The 4.2.8 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282688 - CVE-2013-7446 kernel: Unix sockets use after free - peer_wait_queue prematurely freed https://bugzilla.redhat.com/show_bug.cgi?id=1282688 [ 2 ] Bug #1291329 - kernel: Permission bypass on overlayfs during copy_up https://bugzilla.redhat.com/show_bug.cgi?id=1291329 [ 3 ] Bug #1291197 - CVE-2015-7550 kernel: User triggerable crash from race between key read and rey revoke https://bugzilla.redhat.com/show_bug.cgi?id=1291197 [ 4 ] Bug #1290475 - kernel: IPv6 connect causes DoS via NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1290475 -------------------------------------------------------------------------------- ================================================================================ kf5-plasma-5.17.0-2.fc23 (FEDORA-2015-f2c80c02ea) KDE Frameworks 5 Tier 3 framework is foundation to build a primary user interface -------------------------------------------------------------------------------- Update Information: Update to latest kapptemplate, fixes conflict with kf5-plasma -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292506 - kf5-plasma breaks update due to conflicting files https://bugzilla.redhat.com/show_bug.cgi?id=1292506 -------------------------------------------------------------------------------- ================================================================================ koji-containerbuild-0.5.5-1.fc23 (FEDORA-2015-5b67cbb3ff) Koji support for building layered container images -------------------------------------------------------------------------------- Update Information: New package - koji plugin to support building layered container images. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1284400 - Review Request: koji-containerbuild - Koji support for building layered container images https://bugzilla.redhat.com/show_bug.cgi?id=1284400 -------------------------------------------------------------------------------- ================================================================================ krb5-1.14-4.fc23 (FEDORA-2015-35784ebe07) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: Fix GSS-Proxy with krb5-1.14. This includes: - Fix gssproxy to honor rfc5587 for gss_inquire_attrs_for_mech() - Fix gssproxy to allow gss_inquire_context() to return none - Fix krb5 to properly call into mechglue on gss_inquire_attrs_for_mech() -------------------------------------------------------------------------------- ================================================================================ libass-0.13.1-1.fc23 (FEDORA-2015-e360ec8d4e) Portable library for SSA/ASS subtitles rendering -------------------------------------------------------------------------------- Update Information: * Update to 0.13.1. * Many bugfixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270069 - libass-0.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1270069 -------------------------------------------------------------------------------- ================================================================================ libconfig-1.5-3.fc23 (FEDORA-2015-b33c875366) C/C++ configuration file library -------------------------------------------------------------------------------- Update Information: Fix doc pdf. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292449 - libconfig.pdf: evince says "PDF document is damaged" https://bugzilla.redhat.com/show_bug.cgi?id=1292449 -------------------------------------------------------------------------------- ================================================================================ libsndfile-1.0.25-18.fc23 (FEDORA-2015-71b291686c) Library for reading and writing sound files -------------------------------------------------------------------------------- Update Information: fix CVE-2015-7805 libsndfile: Heap overflow vulnerability when parsing specially crafted AIFF header -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277915 - CVE-2015-8075 libsndfile: Out of bounds memory access in psf_strlcpy_crlf https://bugzilla.redhat.com/show_bug.cgi?id=1277915 -------------------------------------------------------------------------------- ================================================================================ libteam-1.23-1.fc23 (FEDORA-2015-4e3b4f7bbd) Library for controlling team network device -------------------------------------------------------------------------------- Update Information: - 1.23 release - dbus: don't do <deny send_interface="..." /> in template dbus s. f. - libteam: retry on NLE_DUMP_INTR error -------------------------------------------------------------------------------- ================================================================================ libvncserver-0.9.10-3.fc23 (FEDORA-2015-b7c1fd61e1) Library to make writing a VNC server easy -------------------------------------------------------------------------------- Update Information: Final 0.9.10 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1179318 - Utilize system-wide crypto-policies https://bugzilla.redhat.com/show_bug.cgi?id=1179318 -------------------------------------------------------------------------------- ================================================================================ libzhuyin-1.1.0-1.fc23 (FEDORA-2015-7c74c3ec43) Library to deal with zhuyin -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ================================================================================ light-locker-1.7.0-1.fc23 (FEDORA-2015-8e4f7655fb) A simple session-locker for lightdm -------------------------------------------------------------------------------- Update Information: version 1.7.0 - Use lid status for locking and VT switching Use systemd suspend delay to lock on suspend Set systemd IdleHint More small changes Translations update New translations -------------------------------------------------------------------------------- References: [ 1 ] Bug #1275116 - light-locker-v1.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1275116 -------------------------------------------------------------------------------- ================================================================================ mingw-gdk-pixbuf-2.32.3-1.fc23 (FEDORA-2015-692a49e01d) MinGW Windows GDK Pixbuf library -------------------------------------------------------------------------------- Update Information: MinGW build of gdk-pixbuf 2.32.3 release. -------------------------------------------------------------------------------- ================================================================================ nodejs-delegates-1.0.0-1.fc23 (FEDORA-2015-cdaac304b9) Delegate methods and accessors to another property -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292232 - Review Request: nodejs-delegates - Delegate methods and accessors to another property https://bugzilla.redhat.com/show_bug.cgi?id=1292232 -------------------------------------------------------------------------------- ================================================================================ nodejs-imurmurhash-0.1.4-1.fc23 (FEDORA-2015-2860e79848) An incremental implementation of MurmurHash3 -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292280 - Review Request: nodejs-imurmurhash - An incremental implementation of MurmurHash3 https://bugzilla.redhat.com/show_bug.cgi?id=1292280 -------------------------------------------------------------------------------- ================================================================================ nodejs-read-all-stream-3.0.1-2.fc23.2 (FEDORA-2015-c44ff09295) Read all stream content and pass it to callback -------------------------------------------------------------------------------- Update Information: Removed fixdep on readable-stream -------------------------------------------------------------------------------- ================================================================================ nodejs-stream-spigot-3.0.5-4.fc23 (FEDORA-2015-e4ec4233d7) Testing or converting simple functions into Readable streams -------------------------------------------------------------------------------- Update Information: Remove fixdep on readable-stream -------------------------------------------------------------------------------- ================================================================================ nodejs-unc-path-regex-0.1.1-1.fc23 (FEDORA-2015-f1d93b575c) Regular expression to test if a file path is a windows UNC path -------------------------------------------------------------------------------- Update Information: Initial packaging -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292291 - Review Request: nodejs-unc-path-regex - Regular expression to test if a file path is a windows UNC path https://bugzilla.redhat.com/show_bug.cgi?id=1292291 -------------------------------------------------------------------------------- ================================================================================ nqp-0.0.2015.11-2.fc23 (FEDORA-2015-3581407116) Not Quite Perl (6) -------------------------------------------------------------------------------- Update Information: do not bundle jna -------------------------------------------------------------------------------- ================================================================================ perl-Sort-Versions-1.62-1.fc23 (FEDORA-2015-2cb9b862f5) Perl module for sorting of revision-like numbers -------------------------------------------------------------------------------- Update Information: -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291644 - Upgrade perl-Sort-Versions to 1.62 https://bugzilla.redhat.com/show_bug.cgi?id=1291644 -------------------------------------------------------------------------------- ================================================================================ rakudo-star-0.0.2015.11-2.fc23 (FEDORA-2015-bde2c26496) Rakudo, Perl6-modules and documentation -------------------------------------------------------------------------------- Update Information: rebuild to related nqp -------------------------------------------------------------------------------- ================================================================================ rp-pppoe-3.12-4.fc23 (FEDORA-2015-b3aec97419) A PPP over Ethernet client (for xDSL support). -------------------------------------------------------------------------------- Update Information: - update to new version 3.12 - enable rp-pppoe plugin -------------------------------------------------------------------------------- ================================================================================ rubygem-flexmock-2.0.3-1.fc23 (FEDORA-2015-ffe41d5726) Mock object library for ruby -------------------------------------------------------------------------------- Update Information: New version 2.0.3 is released. -------------------------------------------------------------------------------- ================================================================================ sayonara-0.8.0-1.svn289.fc23 (FEDORA-2015-c943ab3ff8) A lightweight Qt Audio player -------------------------------------------------------------------------------- Update Information: - Update to 0.8.0 - added BR libmtp-devel -------------------------------------------------------------------------------- ================================================================================ sharpziplib-0.86.0-0.5.fc23 (FEDORA-2015-c5013f46ec) Zip, GZip, Tar and BZip2 library -------------------------------------------------------------------------------- Update Information: - split devel subpackage with pkgconfig file -------------------------------------------------------------------------------- ================================================================================ texstudio-2.10.4-2.fc23 (FEDORA-2015-f2e5be7ce1) A feature-rich editor for LaTeX documents -------------------------------------------------------------------------------- Update Information: - disable automatic update check -------------------------------------------------------------------------------- ================================================================================ tor-arm-1.4.5.0-11.fc23 (FEDORA-2015-9176198eeb) Terminal status monitor for Tor -------------------------------------------------------------------------------- Update Information: Require pygtk2-libglade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292513 - Missing dependency on GUI https://bugzilla.redhat.com/show_bug.cgi?id=1292513 -------------------------------------------------------------------------------- ================================================================================ unbound-1.5.7-1.fc23 (FEDORA-2015-c1f2e02e85) Validating, recursive, and caching DNS(SEC) resolver -------------------------------------------------------------------------------- Update Information: Update to 1.5.7, Enable query minimalization and nxdomain hardening -------------------------------------------------------------------------------- ================================================================================ xen-4.5.2-6.fc23 (FEDORA-2015-d8253e2b1d) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: paravirtualized drivers incautious about shared memory contents [XSA-155, CVE-2015-8550] qemu-dm buffer overrun in MSI-X handling [XSA-164, CVE-2015-8554] information leak in legacy x86 FPU/XMM initialization [XSA-165, CVE-2015-8555] ioreq handling possibly susceptible to multiple read issue [XSA-166] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1290365 - xsa166 xen: ioreq handling possibly susceptible to multiple read issue (XSA-166) https://bugzilla.redhat.com/show_bug.cgi?id=1290365 [ 2 ] Bug #1289129 - CVE-2015-8554 xsa164 xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) https://bugzilla.redhat.com/show_bug.cgi?id=1289129 [ 3 ] Bug #1289130 - CVE-2015-8555 xsa165 xen: information leak in legacy x86 FPU/XMM initialization (XSA-165) https://bugzilla.redhat.com/show_bug.cgi?id=1289130 [ 4 ] Bug #1289125 - CVE-2015-8550 xsa155 xen: paravirtualized drivers incautious about shared memory contents (XSA-155) https://bugzilla.redhat.com/show_bug.cgi?id=1289125 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
