The following Fedora 23 Security updates need testing: Age URL 140 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 122 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5eb2131441 conntrack-tools-1.4.2-9.fc23 93 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 80 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 80 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c76c1c84cf mod_nss-1.0.12-1.fc23 67 https://bodhi.fedoraproject.org/updates/FEDORA-2015-66439aa9e2 openstack-glance-2015.1.2-1.fc23 51 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 24 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-28076d0830 thttpd-2.25b-35.fc23 23 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-36.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276 php-PHPMailer-5.2.14-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c80ec85542 libpng15-1.5.25-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d473c95ee arts-1.5.10-30.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6e50918d8e kdelibs3-3.5.10-71.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1c773e8702 shellinabox-2.19-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-277cc63d9f gwenhywfar-4.13.1-5.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a3c9048cdd php-horde-Horde-Core-2.22.4-1.fc23 php-horde-Horde-Perms-2.1.6-1.fc23 php-horde-Horde-Service-Weather-2.3.1-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-eefc5a6762 activemq-5.6.0-14.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a7cbc13699 nodejs-handlebars-4.0.5-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3868cfa17b libpng10-1.0.66-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2015-84b1635e90 sos-3.2-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-aa14be8d92 claws-mail-3.13.1-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d7e5461dbf jenkins-1.625.3-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-39499d9af8 libpng12-1.2.56-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-44fb3501cc mingw-giflib-5.0.5-4.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 33 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 27 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2ae867c402 NetworkManager-vpnc-1.0.8-1.fc23 NetworkManager-openconnect-1.0.8-1.fc23 NetworkManager-openvpn-1.0.8-1.fc23 NetworkManager-openswan-1.0.8-1.fc23 NetworkManager-fortisslvpn-1.0.8-1.fc23 NetworkManager-1.0.8-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4a9c774398 bzip2-1.0.6-18.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fc1856e9a5 menu-cache-1.0.1-1.fc23 7 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f2ec2ce9c7 konsole-4.14.3-10.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5d4a22e6f0 libassuan-2.4.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6ce4cf3893 libgpg-error-1.21-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-934f79dc89 xkeyboard-config-2.16-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-15da164d62 libXi-1.7.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-315219b5e3 gnupg-1.4.20-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-96bc36aa45 sqlite-3.9.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4941f9754f libarchive-3.1.2-14.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-84f3581cb2 mesa-11.1.0-1.20151218.fc23 The following builds have been pushed to Fedora 23 updates-testing anki-2.0.33-1.fc23 bcm283x-firmware-20151219-1.1efc1ec.fc23 claws-mail-3.13.1-4.fc23 clufter-0.55.0-1.fc23 compiz-0.8.10-2.fc23 compiz-manager-0.7.0-2.fc23 eclipse-xtext-2.9.1-1.fc23 emerald-0.8.9-3.fc23 fusion-icon-0.1.2-4.fc23 girara-0.2.5-1.fc23 gnupg-1.4.20-1.fc23 ibus-libpinyin-1.7.4-1.fc23 jenkins-1.625.3-1.fc23 kf5-plasma-5.17.0-3.fc23 kopete-15.08.3-1.fc23 lazarus-1.4.4-1.fc23 libXi-1.7.6-1.fc23 libarchive-3.1.2-14.fc23 libassuan-2.4.2-1.fc23 libevdev-1.4.5-2.fc23 libgpg-error-1.21-1.fc23 libinput-1.1.4-1.fc23 libpng12-1.2.56-1.fc23 libreoffice-5.0.4.2-3.fc23 lirc-0.9.3a-3.fc23 marco-1.12.1-2.fc23 mesa-11.1.0-1.20151218.fc23 mingw-giflib-5.0.5-4.fc23 mozilla-noscript-2.7-2.fc23 nodejs-deferred-0.7.4-1.fc23 nodejs-realize-package-specifier-3.0.1-2.fc23 nqp-0.0.2015.11-3.fc23 perl-Module-CoreList-5.20151220-1.fc23 perl-Net-SSH2-0.58-1.fc23 perl-Regexp-Grammars-1.044-1.fc23 pyhunspell-0.3.3-1.fc23 python-cpuinfo-0.1.8-1.fc23 python-gertty-1.3.0-1.fc23 python-pyudev-0.18.1-1.fc23 python-regex-2015.11.22-1.fc23 python-requests-2.9.1-1.fc23 python-urllib3-1.13.1-1.fc23 qxmpp-0.9.3-1.fc23 rakudo-star-0.0.2015.11-3.fc23 ripright-0.11-1.fc23 rubber-1.4-1.fc23 sqlite-3.9.2-1.fc23 sxiv-1.3.2-1.fc23 tcl-mysqltcl-3.052-1.fc23 thermostat-1.4.2-2.fc23 tlsdate-0.0.13-1.fc23 waf-1.8.17-1.fc23 xkeyboard-config-2.16-2.fc23 xorg-x11-drv-omap-0.4.4-1.fc23 zathura-0.3.4-1.fc23 Details about builds: ================================================================================ anki-2.0.33-1.fc23 (FEDORA-2015-7d50413965) Flashcard program for using space repetition learning -------------------------------------------------------------------------------- Update Information: Update to new bugfix upstream release 2.0.33. Please see http://www.ankisrs.net/docs/changes.html for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270574 - anki-2.0.33 is available https://bugzilla.redhat.com/show_bug.cgi?id=1270574 -------------------------------------------------------------------------------- ================================================================================ bcm283x-firmware-20151219-1.1efc1ec.fc23 (FEDORA-2015-0264cd3a5f) Broadcom bcm283x firmware for the Raspberry Pi -------------------------------------------------------------------------------- Update Information: Latest firmware update -------------------------------------------------------------------------------- ================================================================================ claws-mail-3.13.1-4.fc23 (FEDORA-2015-aa14be8d92) Email client and news reader based on GTK+ -------------------------------------------------------------------------------- Update Information: Update from 3.12.0 to 3.13.1 for bug-fixes. Includes security fix for CVE-2015-8614. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293579 - CVE-2015-8614 claws-mail: Stack overflow in conv_{jistoeuc,euctojis,sjistoeuc} https://bugzilla.redhat.com/show_bug.cgi?id=1293579 -------------------------------------------------------------------------------- ================================================================================ clufter-0.55.0-1.fc23 (FEDORA-2015-adbf86bbdc) Tool/library for transforming/analyzing cluster configuration formats -------------------------------------------------------------------------------- Update Information: - auto-generate SEE ALSO sections for the man pages - bump upstream package (intentional jump on upstream front), see https://github.com/jnpkrn/clufter/releases/tag/v0.55.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1210412 - VM resource not converted https://bugzilla.redhat.com/show_bug.cgi?id=1210412 [ 2 ] Bug #1206640 - grouped resources converted to separate resources https://bugzilla.redhat.com/show_bug.cgi?id=1206640 -------------------------------------------------------------------------------- ================================================================================ compiz-0.8.10-2.fc23 (FEDORA-2015-155fbf7d55) OpenGL window and compositing manager -------------------------------------------------------------------------------- Update Information: marco - split out marco libraries in a subpackage, needed for new compiz-0.8.10 compiz - update to 0.8.10 release - new mwd decorator (mate-window-manager) - remove old start scripts + desktop files - use only one menuentry to start compiz - honor decorator changes in mate-control-center if mate-window-decorator is running - 'compiz' is now the gsettings key value to start compiz with session start - drop mate subpackage fusion-icon - update to 0.1.2 release - support for mate-window-decorator - drop subpackage - use python rpmbuild style compiz-manager - update to 0.7.0 releases - Use different libdirs on different architectures - Better desktop environments detection - Cover a possible multiple resolution definition - Avoid software rasteriser - Drop PCI-ID blacklisting - fix changelog emerald - remove start scripts ---- - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1289515 - compiz-mate does not pick up titlebar font settings from marco https://bugzilla.redhat.com/show_bug.cgi?id=1289515 [ 2 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ compiz-manager-0.7.0-2.fc23 (FEDORA-2015-155fbf7d55) A wrapper script to start compiz with proper options -------------------------------------------------------------------------------- Update Information: marco - split out marco libraries in a subpackage, needed for new compiz-0.8.10 compiz - update to 0.8.10 release - new mwd decorator (mate-window-manager) - remove old start scripts + desktop files - use only one menuentry to start compiz - honor decorator changes in mate-control-center if mate-window-decorator is running - 'compiz' is now the gsettings key value to start compiz with session start - drop mate subpackage fusion-icon - update to 0.1.2 release - support for mate-window-decorator - drop subpackage - use python rpmbuild style compiz-manager - update to 0.7.0 releases - Use different libdirs on different architectures - Better desktop environments detection - Cover a possible multiple resolution definition - Avoid software rasteriser - Drop PCI-ID blacklisting - fix changelog emerald - remove start scripts ---- - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1289515 - compiz-mate does not pick up titlebar font settings from marco https://bugzilla.redhat.com/show_bug.cgi?id=1289515 [ 2 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ eclipse-xtext-2.9.1-1.fc23 (FEDORA-2015-907b1dd1f1) Xtext is a framework for development of programming languages -------------------------------------------------------------------------------- Update Information: upgrade to 2.9.1 -------------------------------------------------------------------------------- ================================================================================ emerald-0.8.9-3.fc23 (FEDORA-2015-155fbf7d55) Themeable window decorator and compositing manager for Compiz -------------------------------------------------------------------------------- Update Information: marco - split out marco libraries in a subpackage, needed for new compiz-0.8.10 compiz - update to 0.8.10 release - new mwd decorator (mate-window-manager) - remove old start scripts + desktop files - use only one menuentry to start compiz - honor decorator changes in mate-control-center if mate-window-decorator is running - 'compiz' is now the gsettings key value to start compiz with session start - drop mate subpackage fusion-icon - update to 0.1.2 release - support for mate-window-decorator - drop subpackage - use python rpmbuild style compiz-manager - update to 0.7.0 releases - Use different libdirs on different architectures - Better desktop environments detection - Cover a possible multiple resolution definition - Avoid software rasteriser - Drop PCI-ID blacklisting - fix changelog emerald - remove start scripts ---- - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1289515 - compiz-mate does not pick up titlebar font settings from marco https://bugzilla.redhat.com/show_bug.cgi?id=1289515 [ 2 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ fusion-icon-0.1.2-4.fc23 (FEDORA-2015-155fbf7d55) Compiz Fusion panel applet -------------------------------------------------------------------------------- Update Information: marco - split out marco libraries in a subpackage, needed for new compiz-0.8.10 compiz - update to 0.8.10 release - new mwd decorator (mate-window-manager) - remove old start scripts + desktop files - use only one menuentry to start compiz - honor decorator changes in mate-control-center if mate-window-decorator is running - 'compiz' is now the gsettings key value to start compiz with session start - drop mate subpackage fusion-icon - update to 0.1.2 release - support for mate-window-decorator - drop subpackage - use python rpmbuild style compiz-manager - update to 0.7.0 releases - Use different libdirs on different architectures - Better desktop environments detection - Cover a possible multiple resolution definition - Avoid software rasteriser - Drop PCI-ID blacklisting - fix changelog emerald - remove start scripts ---- - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1289515 - compiz-mate does not pick up titlebar font settings from marco https://bugzilla.redhat.com/show_bug.cgi?id=1289515 [ 2 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ girara-0.2.5-1.fc23 (FEDORA-2015-600630bad9) Simple user interface library -------------------------------------------------------------------------------- Update Information: A new version of girara is available. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293328 - girara-0.2.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293328 -------------------------------------------------------------------------------- ================================================================================ gnupg-1.4.20-1.fc23 (FEDORA-2015-315219b5e3) A GNU utility for secure communication and data storage -------------------------------------------------------------------------------- Update Information: - New upstream v1.4.20 (#1293112) - Reject signatures made using the MD5 hash algorithm unless the new option --allow-weak-digest-algos or --pgp2 are given. - New option --weak-digest to specify hash algorithms which should be considered weak. - Changed default cipher for symmetric-only encryption to AES-128. - Fix for DoS when importing certain garbled secret keys. - Improved error reporting for secret subkey w/o corresponding public subkey. - Improved error reporting in decryption due to wrong algorithm. - Fix cluttering of stdout with trustdb info in double verbose mode. - Pass a DBUS envvar to gpg-agent for use by gnome-keyring. -------------------------------------------------------------------------------- ================================================================================ ibus-libpinyin-1.7.4-1.fc23 (FEDORA-2015-04bbe1ca58) Intelligent Pinyin engine based on libpinyin for IBus -------------------------------------------------------------------------------- Update Information: new upstream release. -------------------------------------------------------------------------------- ================================================================================ jenkins-1.625.3-1.fc23 (FEDORA-2015-d7e5461dbf) An extendable open source continuous integration server -------------------------------------------------------------------------------- Update Information: Update to latest LTS release 1.625.3. This update fixes CVE-2015-7536, CVE-2015-7537, CVE-2015-7538, CVE-2015-7539. -------------------------------------------------------------------------------- ================================================================================ kf5-plasma-5.17.0-3.fc23 (FEDORA-2015-4b1b145426) KDE Frameworks 5 Tier 3 framework is foundation to build a primary user interface -------------------------------------------------------------------------------- Update Information: Add Conflicts: kdeplasma-addons < 5.5.0-3, to give dependency resolvers a hint to avoid file conflicts on upgrades -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293415 - conflicts between kdeplasma-addons-5.4.2-1.fc23.x86_64 and kf5-plasma-5.17.0-2.fc23.x86_64 https://bugzilla.redhat.com/show_bug.cgi?id=1293415 -------------------------------------------------------------------------------- ================================================================================ kopete-15.08.3-1.fc23 (FEDORA-2015-a29705b427) Instant messenger -------------------------------------------------------------------------------- Update Information: Newer release, omit skype buttons plugin that can cause crashes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1262715 - Kopete ships skypebuttons browser plugin that crashes Qt5WebKit - [abrt] qt5-qtwebkit: _GLOBAL__sub_I_qprinterinfo.cpp(): QtWebPluginProcess killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1262715 -------------------------------------------------------------------------------- ================================================================================ lazarus-1.4.4-1.fc23 (FEDORA-2015-6aae2f1859) Lazarus Component Library and IDE for Freepascal -------------------------------------------------------------------------------- Update Information: Updated to version 1.4.4 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1239637 - lazarus: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1239637 -------------------------------------------------------------------------------- ================================================================================ libXi-1.7.6-1.fc23 (FEDORA-2015-15da164d62) X.Org X11 libXi runtime library -------------------------------------------------------------------------------- Update Information: libXi 1.7.6 -------------------------------------------------------------------------------- ================================================================================ libarchive-3.1.2-14.fc23 (FEDORA-2015-4941f9754f) A library for handling streaming archive formats -------------------------------------------------------------------------------- Update Information: fix 'Out of memory when creating mtree files' error (rhbz#1284162) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1284162 - Fatal Internal Error in libarchive: Out of memory when creating mtree files https://bugzilla.redhat.com/show_bug.cgi?id=1284162 -------------------------------------------------------------------------------- ================================================================================ libassuan-2.4.2-1.fc23 (FEDORA-2015-5d4a22e6f0) GnuPG IPC library -------------------------------------------------------------------------------- Update Information: Update from upstream adding new API needed for new GnuPG. -------------------------------------------------------------------------------- ================================================================================ libevdev-1.4.5-2.fc23 (FEDORA-2015-96ca576ca9) Kernel Evdev Device Wrapper Library -------------------------------------------------------------------------------- Update Information: Fix a couple of coverity warnings in the libevdev-tweak-device tool -------------------------------------------------------------------------------- ================================================================================ libgpg-error-1.21-1.fc23 (FEDORA-2015-6ce4cf3893) Library for error values used by GnuPG components -------------------------------------------------------------------------------- Update Information: Minor update from upstream -------------------------------------------------------------------------------- References: [ 1 ] Bug #1214910 - Multi-arch conflict for gpg-error.h in devel packages https://bugzilla.redhat.com/show_bug.cgi?id=1214910 -------------------------------------------------------------------------------- ================================================================================ libinput-1.1.4-1.fc23 (FEDORA-2015-390a0f4f82) Input device library -------------------------------------------------------------------------------- Update Information: libinput 1.1.4, drains the device fd before initializing a device -------------------------------------------------------------------------------- ================================================================================ libpng12-1.2.56-1.fc23 (FEDORA-2015-39499d9af8) Old version of libpng, needed to run old binaries -------------------------------------------------------------------------------- Update Information: Latest upstream release, includes fixes for security vulnerabilities: CVE-2015-7981, CVE-2015-8126, CVE-2015-8540 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1276416 - CVE-2015-7981 libpng: Out-of-bounds read in png_convert_to_rfc1123 https://bugzilla.redhat.com/show_bug.cgi?id=1276416 [ 2 ] Bug #1281756 - CVE-2015-8126 CVE-2015-8472 libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions https://bugzilla.redhat.com/show_bug.cgi?id=1281756 [ 3 ] Bug #1291312 - CVE-2015-8540 libpng: underflow read in png_check_keyword() https://bugzilla.redhat.com/show_bug.cgi?id=1291312 -------------------------------------------------------------------------------- ================================================================================ libreoffice-5.0.4.2-3.fc23 (FEDORA-2015-98c92e275f) Free Software Productivity Suite -------------------------------------------------------------------------------- Update Information: + Improve the wayland via gtk3 experience -------------------------------------------------------------------------------- References: [ 1 ] Bug #1283420 - message box fonts corrupted in libreoffice https://bugzilla.redhat.com/show_bug.cgi?id=1283420 [ 2 ] Bug #1289394 - [gtk3] [wayland] tooltips are misplaced before moving window for the first time https://bugzilla.redhat.com/show_bug.cgi?id=1289394 [ 3 ] Bug #1292210 - Cannot exit from ooffice using ctrl+Q with a read-only document https://bugzilla.redhat.com/show_bug.cgi?id=1292210 [ 4 ] Bug #1281906 - [gtk3] [wayland] Windows have broken size and headerbar drawn over content https://bugzilla.redhat.com/show_bug.cgi?id=1281906 [ 5 ] Bug #1291925 - [gtk3] missing drag indicator for toolbars https://bugzilla.redhat.com/show_bug.cgi?id=1291925 [ 6 ] Bug #1285364 - [gtk3] [wayland] URLs can't be opened https://bugzilla.redhat.com/show_bug.cgi?id=1285364 [ 7 ] Bug #1287581 - [gtk3] [wayland] Toolbars dragged out of main window are broken https://bugzilla.redhat.com/show_bug.cgi?id=1287581 -------------------------------------------------------------------------------- ================================================================================ lirc-0.9.3a-3.fc23 (FEDORA-2015-233263f33c) The Linux Infrared Remote Control package -------------------------------------------------------------------------------- Update Information: The former fix in -2 for this issue was broken, making a new attempt -------------------------------------------------------------------------------- References: [ 1 ] Bug #1284522 - "Error: package lirc-0.9.1a-4.fc21.x86_64 requires lirc-libs(x86-64) = 0.9.1a-4.fc21, but none of the providers can be installed" on attempted upgrade from F21 to F23 https://bugzilla.redhat.com/show_bug.cgi?id=1284522 -------------------------------------------------------------------------------- ================================================================================ marco-1.12.1-2.fc23 (FEDORA-2015-155fbf7d55) MATE Desktop window manager -------------------------------------------------------------------------------- Update Information: marco - split out marco libraries in a subpackage, needed for new compiz-0.8.10 compiz - update to 0.8.10 release - new mwd decorator (mate-window-manager) - remove old start scripts + desktop files - use only one menuentry to start compiz - honor decorator changes in mate-control-center if mate-window-decorator is running - 'compiz' is now the gsettings key value to start compiz with session start - drop mate subpackage fusion-icon - update to 0.1.2 release - support for mate-window-decorator - drop subpackage - use python rpmbuild style compiz-manager - update to 0.7.0 releases - Use different libdirs on different architectures - Better desktop environments detection - Cover a possible multiple resolution definition - Avoid software rasteriser - Drop PCI-ID blacklisting - fix changelog emerald - remove start scripts ---- - fix rhbz (#1291897) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1289515 - compiz-mate does not pick up titlebar font settings from marco https://bugzilla.redhat.com/show_bug.cgi?id=1289515 [ 2 ] Bug #1291897 - install of compiz-xfce conflicts with emerald https://bugzilla.redhat.com/show_bug.cgi?id=1291897 -------------------------------------------------------------------------------- ================================================================================ mesa-11.1.0-1.20151218.fc23 (FEDORA-2015-84f3581cb2) Mesa graphics libraries -------------------------------------------------------------------------------- Update Information: 11.1.0 -------------------------------------------------------------------------------- ================================================================================ mingw-giflib-5.0.5-4.fc23 (FEDORA-2015-44fb3501cc) MinGW Windows giflib library -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-7555. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293372 - CVE-2015-7555 mingw-giflib: giflib: Heap-based buffer overflow in giffix utility [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1293372 -------------------------------------------------------------------------------- ================================================================================ mozilla-noscript-2.7-2.fc23 (FEDORA-2015-c6f49d6f0f) JavaScript white list extension for Mozilla Firefox -------------------------------------------------------------------------------- Update Information: This update makes NoScript work with Firefox 43+ without disabling signature checking. -------------------------------------------------------------------------------- ================================================================================ nodejs-deferred-0.7.4-1.fc23 (FEDORA-2015-6d83b9913d) Modular and fast Promises implementation for JavaScript -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293047 - Review Request: nodejs-deferred - Modular and fast Promises implementation for JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=1293047 -------------------------------------------------------------------------------- ================================================================================ nodejs-realize-package-specifier-3.0.1-2.fc23 (FEDORA-2015-eca450247b) Producing full file paths and differentiating local tar and directory sources -------------------------------------------------------------------------------- Update Information: Update to v3.0.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1221536 - Review Request: nodejs-realize-package-specifier - Like npm-package-arg, but more so, producing full file paths and differentiating local tar and directory sources. https://bugzilla.redhat.com/show_bug.cgi?id=1221536 -------------------------------------------------------------------------------- ================================================================================ nqp-0.0.2015.11-3.fc23 (FEDORA-2015-611d763fde) Not Quite Perl (6) -------------------------------------------------------------------------------- Update Information: new build that should also run at ppc architecture ---- do not bundle jna -------------------------------------------------------------------------------- ================================================================================ perl-Module-CoreList-5.20151220-1.fc23 (FEDORA-2015-3a62f539a5) What modules are shipped with versions of perl -------------------------------------------------------------------------------- Update Information: Update to the latest version -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293613 - perl-Module-CoreList-5.20151220 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293613 -------------------------------------------------------------------------------- ================================================================================ perl-Net-SSH2-0.58-1.fc23 (FEDORA-2015-770e66c44a) Support for the SSH 2 protocol via libSSH2 -------------------------------------------------------------------------------- Update Information: A new version of Net::SSH2 is available. See http://cpansearch.perl.org/src/SALVA/Net-SSH2-0.58/Changes for the summary of changes in this release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293114 - perl-Net-SSH2-0.58 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293114 -------------------------------------------------------------------------------- ================================================================================ perl-Regexp-Grammars-1.044-1.fc23 (FEDORA-2015-dd3ee4cb91) Add grammatical parsing features to perl regular expressions -------------------------------------------------------------------------------- Update Information: update to version 1.044 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291677 - perl-Regexp-Grammars-1.043 is available https://bugzilla.redhat.com/show_bug.cgi?id=1291677 -------------------------------------------------------------------------------- ================================================================================ pyhunspell-0.3.3-1.fc23 (FEDORA-2015-f005f839a8) Python bindings for hunspell -------------------------------------------------------------------------------- Update Information: update to 0.3.3; add a python3 sub-package -------------------------------------------------------------------------------- References: [ 1 ] Bug #800116 - Bugs found in pyhunspell-0.1-6.fc17 using gcc-with-cpychecker static analyzer https://bugzilla.redhat.com/show_bug.cgi?id=800116 -------------------------------------------------------------------------------- ================================================================================ python-cpuinfo-0.1.8-1.fc23 (FEDORA-2015-ee2b85a7e1) Getting CPU info -------------------------------------------------------------------------------- Update Information: Update to 0.1.8 release (rh#1292653) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292653 - python-cpuinfo-0.1.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1292653 -------------------------------------------------------------------------------- ================================================================================ python-gertty-1.3.0-1.fc23 (FEDORA-2015-1109ad80f2) Gertty is a console-based interface to the Gerrit Code Review system -------------------------------------------------------------------------------- Update Information: New upstream release 1.3.0 -------------------------------------------------------------------------------- ================================================================================ python-pyudev-0.18.1-1.fc23 (FEDORA-2015-7eb77298d4) A libudev binding -------------------------------------------------------------------------------- Update Information: Changes: * Attributes class no longer extends Mapping. Since there are actually no known keys, it can not. Concrete methods inherited from mapping, which expect a known list of keys, e.g., keys(), values(), items are no longer defined. Attributes objects are not indexable or iterable, and have no length. A get() method with the usual semantics is explicitly defined and asint(), asstring(), asbool() methods continue to raise a KeyError (inappropriate in context where attribute keys are unknown but more backwards compatible). * DeviceNotFoundError no longer extends LookupError. There are no known keys for the device, so extending LookupError is semantically incorrect. * qt5 support added * discover module added * Device.from methods are deprecated; use equivalent Devices.from methods. * Device.from_device_file and Device.from_device_number should always raise subtype of DeviceNotFoundError. Previously, they might allow builtin exceptions from invocations in the implementation to propagate. * New methods Device.from_interface_index, from_kernel_device added. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1267584 - device.attributes.values likely to raise a KeyError https://bugzilla.redhat.com/show_bug.cgi?id=1267584 -------------------------------------------------------------------------------- ================================================================================ python-regex-2015.11.22-1.fc23 (FEDORA-2015-c99e3eadaa) Alternative regular expression module, to replace re -------------------------------------------------------------------------------- Update Information: Update to the latest stable version. -------------------------------------------------------------------------------- ================================================================================ python-requests-2.9.1-1.fc23 (FEDORA-2015-d08246dd90) HTTP library, written in Python, for human beings -------------------------------------------------------------------------------- Update Information: Latest upstreams. https://github.com/shazow/urllib3/blob/master/CHANGES.rst https://github.com/kennethreitz/requests/blob/master/HISTORY.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292994 - python-urllib3-1.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1292994 -------------------------------------------------------------------------------- ================================================================================ python-urllib3-1.13.1-1.fc23 (FEDORA-2015-d08246dd90) Python HTTP library with thread-safe connection pooling and file post -------------------------------------------------------------------------------- Update Information: Latest upstreams. https://github.com/shazow/urllib3/blob/master/CHANGES.rst https://github.com/kennethreitz/requests/blob/master/HISTORY.rst -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292994 - python-urllib3-1.13.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1292994 -------------------------------------------------------------------------------- ================================================================================ qxmpp-0.9.3-1.fc23 (FEDORA-2015-9d8e2d3d18) Qt XMPP Library -------------------------------------------------------------------------------- Update Information: v0.9.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1288271 - qxmpp-v0.9.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1288271 -------------------------------------------------------------------------------- ================================================================================ rakudo-star-0.0.2015.11-3.fc23 (FEDORA-2015-df46d3e9f9) Rakudo, Perl6-modules and documentation -------------------------------------------------------------------------------- Update Information: new build that should also run at ppc architecture ---- rebuild to related nqp -------------------------------------------------------------------------------- ================================================================================ ripright-0.11-1.fc23 (FEDORA-2015-c927c62c9b) Minimal CD to FLAC ripper -------------------------------------------------------------------------------- Update Information: * Fix error when ripping to all (-a) and requiring cover art (-a). In such a case only the first cover art would be retrieved, and only the first returned result would therefore be ripped. * Fix compiler warning in ripCallback(). (Thanks to David Binderman for the report). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1235810 - Ripright confuses MUSICBRAINZ_ALBUMID and MUSICBRAINZ_RELEASEGROUPID https://bugzilla.redhat.com/show_bug.cgi?id=1235810 [ 2 ] Bug #1289553 - ripright-0.11 is available https://bugzilla.redhat.com/show_bug.cgi?id=1289553 -------------------------------------------------------------------------------- ================================================================================ rubber-1.4-1.fc23 (FEDORA-2015-90da2dcfe4) An automated system for building LaTeX documents -------------------------------------------------------------------------------- Update Information: Updated to version 1.4 of rubber. -------------------------------------------------------------------------------- ================================================================================ sqlite-3.9.2-1.fc23 (FEDORA-2015-96bc36aa45) Library that implements an embeddable SQL database engine -------------------------------------------------------------------------------- Update Information: Update of SQLite to latest upstream version. Includes (in srpm) amalgamation sources for stage2 builds ([related bug](https://bugzilla.redhat.com/show_bug.cgi?id=1273994)). ---- Updated sqlite with added amalgamation source distribution for stage2 builds. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1273994 - [REGRESSION] sqlite FTBFS during stage2 bootstrap - The 3.9 update requires tcl, that isn't available in stage2 https://bugzilla.redhat.com/show_bug.cgi?id=1273994 [ 2 ] Bug #1272630 - sqlite-3.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1272630 -------------------------------------------------------------------------------- ================================================================================ sxiv-1.3.2-1.fc23 (FEDORA-2015-ca6a071406) Simple (or small or suckless) X Image Viewer -------------------------------------------------------------------------------- Update Information: A new, bugfixversion of sxiv is available. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293180 - sxiv-v1.3.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293180 -------------------------------------------------------------------------------- ================================================================================ tcl-mysqltcl-3.052-1.fc23 (FEDORA-2015-8bdf867ecf) MySQL interface for Tcl -------------------------------------------------------------------------------- Update Information: Update to release 3.052 to bugfix an issue related to multi-statement selects -------------------------------------------------------------------------------- ================================================================================ thermostat-1.4.2-2.fc23 (FEDORA-2015-70290d3f30) A monitoring and serviceability tool for OpenJDK -------------------------------------------------------------------------------- Update Information: Update to upstream 1.4.2 release. -------------------------------------------------------------------------------- ================================================================================ tlsdate-0.0.13-1.fc23 (FEDORA-2015-4038f3b861) Secure parasitic rdate replacement -------------------------------------------------------------------------------- Update Information: Initial package -------------------------------------------------------------------------------- References: [ 1 ] Bug #969723 - Review Request: tlsdate - Secure parasitic rdate replacement https://bugzilla.redhat.com/show_bug.cgi?id=969723 -------------------------------------------------------------------------------- ================================================================================ waf-1.8.17-1.fc23 (FEDORA-2015-522509fdd4) A Python-based build system -------------------------------------------------------------------------------- Update Information: Update to the latest release. New in WAF 1.8.17: * Added customizations that enable building whole projects from the build folder instead of * Added a project generator for Xcode 6 #1648 * Force scanner functions to run after task failures #1660 * Improved the Intel Fortran compiler detection #1655 * Added processing of chmod attributes on subst and rule when provided #1650 * Enabled global_define in conf.check() tests * Enabled usage of home folder/tilde ~ in Configure.find_files * Added usage of options.enable_gccdeps when provided by user scripts * Enabled 'waf -v' to catch invalid string on hcode values in Python3 * Fixed the function names returned by the `@conf` and `@run_once` decorators * Let 'subst' change permissions for all its files with chmod (not just the first one) * Added quoting for space-containing-arguments in print_commands.py -------------------------------------------------------------------------------- ================================================================================ xkeyboard-config-2.16-2.fc23 (FEDORA-2015-934f79dc89) X Keyboard Extension configuration data -------------------------------------------------------------------------------- Update Information: Add br(thinkpad) to the xml file (#1292881) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292881 - BR thinkpad keyboard layout not listed https://bugzilla.redhat.com/show_bug.cgi?id=1292881 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-omap-0.4.4-1.fc23 (FEDORA-2015-b896564870) Xorg X11 omapdrm driver -------------------------------------------------------------------------------- Update Information: Update to 0.4.4, Adds AM572x support -------------------------------------------------------------------------------- ================================================================================ zathura-0.3.4-1.fc23 (FEDORA-2015-92e8c29b46) A lightweight document viewer -------------------------------------------------------------------------------- Update Information: A new version of zathura is available. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293330 - zathura-0.3.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293330 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
