The following Fedora 23 Security updates need testing: Age URL 142 https://bodhi.fedoraproject.org/updates/FEDORA-2015-12739 python-kdcproxy-0.3.2-1.fc23 124 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5eb2131441 conntrack-tools-1.4.2-9.fc23 95 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 82 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c76c1c84cf mod_nss-1.0.12-1.fc23 69 https://bodhi.fedoraproject.org/updates/FEDORA-2015-66439aa9e2 openstack-glance-2015.1.2-1.fc23 53 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 35 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 26 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-28076d0830 thttpd-2.25b-35.fc23 25 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-36.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276 php-PHPMailer-5.2.14-1.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-c80ec85542 libpng15-1.5.25-1.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6d473c95ee arts-1.5.10-30.fc23 13 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6e50918d8e kdelibs3-3.5.10-71.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2015-1c773e8702 shellinabox-2.19-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-277cc63d9f gwenhywfar-4.13.1-5.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a3c9048cdd php-horde-Horde-Core-2.22.4-1.fc23 php-horde-Horde-Perms-2.1.6-1.fc23 php-horde-Horde-Service-Weather-2.3.1-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2015-a7cbc13699 nodejs-handlebars-4.0.5-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-3868cfa17b libpng10-1.0.66-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2015-84b1635e90 sos-3.2-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-aa14be8d92 claws-mail-3.13.1-4.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-d7e5461dbf jenkins-1.625.3-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-39499d9af8 libpng12-1.2.56-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-44fb3501cc mingw-giflib-5.0.5-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-6dec4e6d5f mono-4.0.5-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-eef21b972e ruby-2.2.4-47.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-aa3a69bdc3 kea-0.9.2-4.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-5567dd228a mediawiki-1.26.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-247b517a18 bugzilla-4.4.11-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-30b347dff1 libvirt-1.2.18.2-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 35 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4ad4998d00 libpng-1.6.17-3.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2015-4a9c774398 bzip2-1.0.6-18.fc23 10 https://bodhi.fedoraproject.org/updates/FEDORA-2015-fc1856e9a5 menu-cache-1.0.1-1.fc23 9 https://bodhi.fedoraproject.org/updates/FEDORA-2015-f2ec2ce9c7 konsole-4.14.3-10.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2015-84f3581cb2 mesa-11.1.0-1.20151218.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2572ce7e27 boost-1.58.0-10.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-87b62a3124 pixman-0.33.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2015-2ae867c402 NetworkManager-1.0.10-1.fc23 NetworkManager-fortisslvpn-1.0.8-1.fc23 NetworkManager-openconnect-1.0.8-1.fc23 NetworkManager-openswan-1.0.8-1.fc23 NetworkManager-openvpn-1.0.8-1.fc23 NetworkManager-vpnc-1.0.8-1.fc23 network-manager-applet-1.0.10-1.fc23 The following builds have been pushed to Fedora 23 updates-testing NetworkManager-1.0.10-1.fc23 NetworkManager-fortisslvpn-1.0.8-1.fc23 NetworkManager-openconnect-1.0.8-1.fc23 NetworkManager-openswan-1.0.8-1.fc23 NetworkManager-openvpn-1.0.8-1.fc23 NetworkManager-vpnc-1.0.8-1.fc23 atanks-6.4-1.fc23 boost-1.58.0-10.fc23 bugzilla-4.4.11-1.fc23 cockpit-0.89-1.fc23 condor-8.5.1-1.fc23 cptutils-1.61-1.fc23 drbd-8.9.5-1.fc23 eiciel-0.9.11-1.fc23 engrampa-1.12.0-2.fc23 font-manager-0.7.2-3.fc23 gnome-calendar-3.18.2.1-1.fc23 golang-github-cpuguy83-go-md2man-1.0.4-1.fc23 gtg-0.3.1-8.fc23 icecat-38.5.0-1.fc23 indistarter-0.3.0-2.20151215svn.fc23 kBuild-0.1.9998-6.r2784.fc23 kea-0.9.2-4.fc23 libpst-0.6.66-1.fc23 libvirt-1.2.18.2-1.fc23 libvisio-0.1.4-1.fc23 lilypond-2.19.34-1.fc23 lilypond-doc-2.19.34-1.fc23 mediawiki-1.26.2-1.fc23 metis-5.1.0-8.fc23 mod_auth_mellon-0.11.0-3.fc23 mono-4.0.5-2.fc23 nacl-arm-gcc-4.9.2-7.git336bd0b.fc23 network-manager-applet-1.0.10-1.fc23 nodejs-encoding-0.1.12-1.fc23 nodejs-is-arrayish-0.2.1-2.fc23 openblas-0.2.15-2.fc23 openvas-libraries-8.0.6-1.fc23 openvas-manager-6.0.7-1.fc23 openvas-scanner-5.0.5-1.fc23 pixman-0.33.6-1.fc23 pure-ftpd-1.0.42-3.fc23 python-backports-ssl_match_hostname-3.5.0.1-1.fc23 qcustomplot-1.3.2-1.fc23 qt-creator-3.6.0-2.fc23 ruby-2.2.4-47.fc23 safelease-1.0-6.fc23 strace-4.11-1.fc23 supertux-0.4.0-1.fc23 tktable-2.10-8.fc23 wine-1.8-1.fc23 xorg-x11-drv-libinput-0.16.0-1.fc23 xrootd-4.2.3-3.fc23 xsd-4.0.0-11.fc23 xxdiff-4.0b1.20150712hg30158cd-1.fc23 Details about builds: ================================================================================ NetworkManager-1.0.10-1.fc23 (FEDORA-2015-2ae867c402) Network connection manager and user applications -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-fortisslvpn-1.0.8-1.fc23 (FEDORA-2015-2ae867c402) NetworkManager VPN plugin for Fortinet compatible SSLVPN -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-openconnect-1.0.8-1.fc23 (FEDORA-2015-2ae867c402) NetworkManager VPN plugin for openconnect -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-openswan-1.0.8-1.fc23 (FEDORA-2015-2ae867c402) NetworkManager VPN plug-in for openswan and libreswan -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-openvpn-1.0.8-1.fc23 (FEDORA-2015-2ae867c402) NetworkManager VPN plugin for OpenVPN -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ NetworkManager-vpnc-1.0.8-1.fc23 (FEDORA-2015-2ae867c402) NetworkManager VPN plugin for vpnc -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ atanks-6.4-1.fc23 (FEDORA-2015-6a3d595972) Remake of a classic DOS game "Scorched Earth" -------------------------------------------------------------------------------- Update Information: Latest upstream bugfix release. -------------------------------------------------------------------------------- ================================================================================ boost-1.58.0-10.fc23 (FEDORA-2015-2572ce7e27) The free peer-reviewed portable C++ source libraries -------------------------------------------------------------------------------- Update Information: This update adds the boost-doctools subpackage, which provides the tools needed to generate documentation using the `quickbook` program, and the BoostBook stylesheets. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1244268 - No package contains boost's boostbook and quickbook tools https://bugzilla.redhat.com/show_bug.cgi?id=1244268 -------------------------------------------------------------------------------- ================================================================================ bugzilla-4.4.11-1.fc23 (FEDORA-2015-247b517a18) Bug tracking system -------------------------------------------------------------------------------- Update Information: The following security issues have been discovered in Bugzilla: * Unfiltered HTML injected into a dependency graph could be used to create a cross-site scripting attack. * Some web browsers incorrectly parse CSV files as valid JavaScript code which could lead to data leak. This updates fixes these flaws. -------------------------------------------------------------------------------- ================================================================================ cockpit-0.89-1.fc23 (FEDORA-2015-60bfc96a52) A user interface for Linux servers -------------------------------------------------------------------------------- Update Information: - * Start routine testing of Cockpit on Debian Unstable - * Make the config file case insensitive - * Reorder graphs on server summary page - * Don't suggest syncing users when adding a machine to dashboard - * Enable weak dependencies for F24+ - * Show correct data in per interface network graphs - * Fix the Vagrantfile to pull in latest Cockpit - * Add Content-Security-Policy header support -------------------------------------------------------------------------------- ================================================================================ condor-8.5.1-1.fc23 (FEDORA-2015-bc996f66f9) Condor: High Throughput Computing -------------------------------------------------------------------------------- Update Information: Update to latest upstream version (8.5.1) -------------------------------------------------------------------------------- ================================================================================ cptutils-1.61-1.fc23 (FEDORA-2015-0d357f980c) Utilities to manipulate and translate color gradients -------------------------------------------------------------------------------- Update Information: - Fix for UCS-2 to UTF-8 conversion of Japanese names titles in pssvg ---- - added svga colour support to svgx - use of uninitialised value bug in ggr.c fixed, many thanks to David Binderman for spotting this. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293506 - cptutils-1.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293506 [ 2 ] Bug #1292642 - cptutils-1.60 is available https://bugzilla.redhat.com/show_bug.cgi?id=1292642 -------------------------------------------------------------------------------- ================================================================================ drbd-8.9.5-1.fc23 (FEDORA-2015-54f0e19612) DRBD user-land tools and scripts -------------------------------------------------------------------------------- Update Information: New upstream version 8.9.5. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1292629 - drbd-8.9.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1292629 -------------------------------------------------------------------------------- ================================================================================ eiciel-0.9.11-1.fc23 (FEDORA-2015-bdc9082cca) Graphical editor for ACLs and xattr -------------------------------------------------------------------------------- Update Information: Update from 0.9.10 to 0.9.11. Eiciel is now available in 16 languages. The Novell Language team has kindly contributed 13 translations and updated 3 existing ones. -------------------------------------------------------------------------------- ================================================================================ engrampa-1.12.0-2.fc23 (FEDORA-2015-ea91b4d6f3) MATE Desktop file archiver -------------------------------------------------------------------------------- Update Information: - fix for p7zip 15.09+ -------------------------------------------------------------------------------- ================================================================================ font-manager-0.7.2-3.fc23 (FEDORA-2015-7654070868) A simple font management application for Gtk+ Desktop Environments -------------------------------------------------------------------------------- Update Information: Removed the nautilus requirement for the main package, thanks Leigh for the patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293704 - font-manager enforces to install nautilus https://bugzilla.redhat.com/show_bug.cgi?id=1293704 -------------------------------------------------------------------------------- ================================================================================ gnome-calendar-3.18.2.1-1.fc23 (FEDORA-2015-8fbeecadf5) Simple and beautiful calendar application designed to fit GNOME 3 -------------------------------------------------------------------------------- Update Information: Update to 3.18.2.1 -------------------------------------------------------------------------------- ================================================================================ golang-github-cpuguy83-go-md2man-1.0.4-1.fc23 (FEDORA-2015-ac2c99b4cc) Process markdown into manpages -------------------------------------------------------------------------------- Update Information: This package needs to be updated to handle {} -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291379 - This package needs to be updated to handle {} https://bugzilla.redhat.com/show_bug.cgi?id=1291379 -------------------------------------------------------------------------------- ================================================================================ gtg-0.3.1-8.fc23 (FEDORA-2015-8532b8f1f5) Personal organizer for the GNOME desktop -------------------------------------------------------------------------------- Update Information: - Added patch to remove dependence on pdftk - notify-python is already a dep - no change required for python-dateutil -------------------------------------------------------------------------------- References: [ 1 ] Bug #1183346 - Update gtg Requires for python-dateutil https://bugzilla.redhat.com/show_bug.cgi?id=1183346 [ 2 ] Bug #1133565 - Cannot enable export plugin due to missing dependency (pdftk) https://bugzilla.redhat.com/show_bug.cgi?id=1133565 [ 3 ] Bug #1199610 - [abrt] gtg: notification.py:64:uinit_pynotify:NameError: global name 'pynotify' is not defined https://bugzilla.redhat.com/show_bug.cgi?id=1199610 -------------------------------------------------------------------------------- ================================================================================ icecat-38.5.0-1.fc23 (FEDORA-2015-56c0357dec) GNU version of Firefox browser -------------------------------------------------------------------------------- Update Information: - Update to 38.5.0 -------------------------------------------------------------------------------- ================================================================================ indistarter-0.3.0-2.20151215svn.fc23 (FEDORA-2015-dac01079ba) GUI to start, stop and control an INDI server -------------------------------------------------------------------------------- Update Information: Updating to 0.3.0 : integrate Fedora patches into upstream plus minor bugfix for connecting to remote INDI server -------------------------------------------------------------------------------- ================================================================================ kBuild-0.1.9998-6.r2784.fc23 (FEDORA-2015-9c71fa56d2) A cross-platform build environment -------------------------------------------------------------------------------- Update Information: Add support for aarch64 (#1291091). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1291091 - kBuild FTBFS on aarch64 https://bugzilla.redhat.com/show_bug.cgi?id=1291091 -------------------------------------------------------------------------------- ================================================================================ kea-0.9.2-4.fc23 (FEDORA-2015-aa3a69bdc3) DHCPv4, DHCPv6 and DDNS server from ISC -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-8373 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293857 - CVE-2015-8373 kea: unexpected termination while handling a malformed packet https://bugzilla.redhat.com/show_bug.cgi?id=1293857 -------------------------------------------------------------------------------- ================================================================================ libpst-0.6.66-1.fc23 (FEDORA-2015-f308d8c74c) Utilities to convert Outlook .pst files to other formats -------------------------------------------------------------------------------- Update Information: Added Content-ID header support -------------------------------------------------------------------------------- ================================================================================ libvirt-1.2.18.2-1.fc23 (FEDORA-2015-30b347dff1) Library providing a simple virtualization API -------------------------------------------------------------------------------- Update Information: * Rebased to version 1.2.18.2 * disk backend is not removed properly when disk frontent hotplug fails (bz #1265968) * Fix TPM cancel path on newer kernels (bz #1244895) * Remove timeout for libvirt-guests.service (bz #1195544) * CVE-2015-5313 libvirt: filesystem storage volume names path traversal flaw (bz #1291433) * Fix VM names with non-ascii (bz #1062943) * Fix backwards migration with graphics listen address (bz #1276883) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1277121 - CVE-2015-5313 libvirt: filesystem storage volume names path traversal flaw https://bugzilla.redhat.com/show_bug.cgi?id=1277121 -------------------------------------------------------------------------------- ================================================================================ libvisio-0.1.4-1.fc23 (FEDORA-2015-556c6aff5b) A library for import of Microsoft Visio diagrams -------------------------------------------------------------------------------- Update Information: new upstream release -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.34-1.fc23 (FEDORA-2015-1f334edf4d) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.34-1.fc23 (FEDORA-2015-1f334edf4d) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ mediawiki-1.26.2-1.fc23 (FEDORA-2015-5567dd228a) A wiki engine -------------------------------------------------------------------------------- Update Information: Changes since 1.26.1 * (bug T121892) Various special pages resulted in fatal errors. Changes since 1.26.0 * (bug T117899) SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks. Configuration values such as "http://my.wiki.com/wiki/$1"; are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an error * (bug T119309) SECURITY: Use hash_compare() for edit token comparison * (bug T118032) SECURITY: Don't allow cURL to interpret POST parameters starting with '@' as file uploads * (bug T115522) SECURITY: Passwords generated by User::randomPassword() can no longer be shorter than $wgMinimalPasswordLength * (bug T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could result in improper blocks being issued * (bug T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions and related pages no longer use HTTP redirects and are now redirected by MediaWiki * Fixed ConfigException in ExpandTemplates due to AlwaysUseTidy. * Fixed stray literal \n in Special:Search. * Fix issue that breaks HHVM Repo Authorative mode. * (bug T120267) Work around APCu memory corruption bug -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293847 - mediawiki: multiple flaws fixed in 1.26.1, 1.25.4, 1.24.5, and 1.23.12 https://bugzilla.redhat.com/show_bug.cgi?id=1293847 -------------------------------------------------------------------------------- ================================================================================ metis-5.1.0-8.fc23 (FEDORA-2015-5b5d574264) Serial Graph Partitioning and Fill-reducing Matrix Ordering -------------------------------------------------------------------------------- Update Information: - Used always 'cmake' command -------------------------------------------------------------------------------- ================================================================================ mod_auth_mellon-0.11.0-3.fc23 (FEDORA-2015-ce9b506a81) A SAML 2.0 authentication module for the Apache Httpd Server -------------------------------------------------------------------------------- Update Information: Fixes lasso warning appearing in Apache log file concerning assertion '_lasso_provider_get_role_index(role)' failed -------------------------------------------------------------------------------- ================================================================================ mono-4.0.5-2.fc23 (FEDORA-2015-6dec4e6d5f) Cross-platform, Open Source, .NET development framework -------------------------------------------------------------------------------- Update Information: apply patch for security issue CVE-2009-0689 (#1293638) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293639 - mono: Converting specially crafted string to float causes crash and possible code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1293639 -------------------------------------------------------------------------------- ================================================================================ nacl-arm-gcc-4.9.2-7.git336bd0b.fc23 (FEDORA-2015-72aa416ea5) Various compilers (C, C++) for nacl (ARM) -------------------------------------------------------------------------------- Update Information: arm cross gcc for chromium -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270368 - Review Request: nacl-arm-gcc - Various compilers (C, C++) for nacl (ARM) https://bugzilla.redhat.com/show_bug.cgi?id=1270368 -------------------------------------------------------------------------------- ================================================================================ network-manager-applet-1.0.10-1.fc23 (FEDORA-2015-2ae867c402) A network control and status applet for NetworkManager -------------------------------------------------------------------------------- Update Information: This is an update of NetworkManager, the applet, connection editor and the VPN plugins to the release 1.0.10 in the 1.0.x stable series. It fixes many bugs and adds several feature enhancements. Please consult the NEWS files in each package for detailed change description. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1157817 - [RFE] Allow importing inline OpenVPN certificates (e.g. frootvpn.com) https://bugzilla.redhat.com/show_bug.cgi?id=1157817 [ 2 ] Bug #970752 - "Hotspot" connection cannot be edited https://bugzilla.redhat.com/show_bug.cgi?id=970752 [ 3 ] Bug #1247885 - can't connect to wifi: connect button is greyed out https://bugzilla.redhat.com/show_bug.cgi?id=1247885 [ 4 ] Bug #1281324 - [abrt] NetworkManager: __malloc_get_state(): NetworkManager killed by SIGABRT https://bugzilla.redhat.com/show_bug.cgi?id=1281324 [ 5 ] Bug #1255284 - Unable to use phone over bluetooth for internet connection https://bugzilla.redhat.com/show_bug.cgi?id=1255284 [ 6 ] Bug #1291906 - Unable to use docking station's ethernet adapter after connecting my running laptop to it https://bugzilla.redhat.com/show_bug.cgi?id=1291906 -------------------------------------------------------------------------------- ================================================================================ nodejs-encoding-0.1.12-1.fc23 (FEDORA-2015-b8f825e4b8) Convert encodings, uses iconv by default and falls back to iconv-lite if needed -------------------------------------------------------------------------------- Update Information: Update to 0.1.12 -------------------------------------------------------------------------------- ================================================================================ nodejs-is-arrayish-0.2.1-2.fc23 (FEDORA-2015-c476a736d0) Check if an object can be used like an Array -------------------------------------------------------------------------------- Update Information: Enable tests as we have new coffee-script in rawhide -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293204 - Review Request: nodejs-is-arrayish - Check if an object can be used like an Array https://bugzilla.redhat.com/show_bug.cgi?id=1293204 -------------------------------------------------------------------------------- ================================================================================ openblas-0.2.15-2.fc23 (FEDORA-2015-c01db2e7ae) An optimized BLAS library based on GotoBLAS2 -------------------------------------------------------------------------------- Update Information: Enabled ARMv7 and PPC64le (POWER 8) architectures. Built 64-bit interface libraries with additional symbol suffixes, allowing for the library to be used in a same program with both the 32-bit and 64-bit interfaces. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1222075 - Please enable building on ARM https://bugzilla.redhat.com/show_bug.cgi?id=1222075 [ 2 ] Bug #1287541 - Shipping libopenblas?64_.so with symbol suffix https://bugzilla.redhat.com/show_bug.cgi?id=1287541 [ 3 ] Bug #1287105 - enable support ppc64/ppc64le and arm https://bugzilla.redhat.com/show_bug.cgi?id=1287105 -------------------------------------------------------------------------------- ================================================================================ openvas-libraries-8.0.6-1.fc23 (FEDORA-2015-46d2edfcbc) Support libraries for Open Vulnerability Assessment (OpenVAS) Scanner -------------------------------------------------------------------------------- Update Information: bump version -------------------------------------------------------------------------------- ================================================================================ openvas-manager-6.0.7-1.fc23 (FEDORA-2015-d32438b358) Manager Module for the Open Vulnerability Assessment System (OpenVAS) -------------------------------------------------------------------------------- Update Information: bump version -------------------------------------------------------------------------------- ================================================================================ openvas-scanner-5.0.5-1.fc23 (FEDORA-2015-2437aa7c80) Open Vulnerability Assessment (OpenVAS) Scanner -------------------------------------------------------------------------------- Update Information: bump version -------------------------------------------------------------------------------- ================================================================================ pixman-0.33.6-1.fc23 (FEDORA-2015-87b62a3124) Pixel manipulation library -------------------------------------------------------------------------------- Update Information: New development version of pixman - 0.33.6 -------------------------------------------------------------------------------- ================================================================================ pure-ftpd-1.0.42-3.fc23 (FEDORA-2015-32023d1c6d) Lightweight, fast and secure FTP server -------------------------------------------------------------------------------- Update Information: Remove executable permission bits from pure-ftpd systemd unit -------------------------------------------------------------------------------- ================================================================================ python-backports-ssl_match_hostname-3.5.0.1-1.fc23 (FEDORA-2015-c739217688) The ssl.match_hostname() function from Python 3 -------------------------------------------------------------------------------- Update Information: New upstream update that adds support for verifying hosts via ServerAltName IPAddress fields. Prior to this release hosts could be identified by DNS Name ServerAltName but IPAddress ServerAltName was ignored. -------------------------------------------------------------------------------- ================================================================================ qcustomplot-1.3.2-1.fc23 (FEDORA-2015-73549465d5) Qt widget for plotting and data visualization -------------------------------------------------------------------------------- Update Information: Update to version 1.3.2, see http://www.qcustomplot.com/release/1.3.2/changelog.txt for details. -------------------------------------------------------------------------------- ================================================================================ qt-creator-3.6.0-2.fc23 (FEDORA-2015-44dcd8cd5d) Cross-platform IDE for Qt -------------------------------------------------------------------------------- Update Information: This update adds the clang code model plugin. ---- Update to version 3.6.0, see http://code.qt.io/cgit/qt-creator/qt- creator.git/tree/dist/changes-3.6.0.md?h=3.6 for details. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1290682 - [abrt] qt-creator: CPlusPlus::LiteralTable<CPlusPlus::Identifier>::findOrInsertLiteral(): qtcreator killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1290682 -------------------------------------------------------------------------------- ================================================================================ ruby-2.2.4-47.fc23 (FEDORA-2015-eef21b972e) An interpreter of object-oriented scripting language -------------------------------------------------------------------------------- Update Information: Update to Ruby 2.2.4 including security fix for CVE-2009-5147 and CVE-2015-7551. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1248935 - CVE-2009-5147 CVE-2015-7551 ruby: DL::dlopen could open a library with tainted library name https://bugzilla.redhat.com/show_bug.cgi?id=1248935 -------------------------------------------------------------------------------- ================================================================================ safelease-1.0-6.fc23 (FEDORA-2015-7cae850cb8) Legacy locking utility for VDSM -------------------------------------------------------------------------------- Update Information: Adding target for rpm and srpm to make file to ease build process -------------------------------------------------------------------------------- ================================================================================ strace-4.11-1.fc23 (FEDORA-2015-bb04a0e0a0) Tracks and displays system calls associated with a running process -------------------------------------------------------------------------------- Update Information: New upstream release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1251176 - None https://bugzilla.redhat.com/show_bug.cgi?id=1251176 -------------------------------------------------------------------------------- ================================================================================ supertux-0.4.0-1.fc23 (FEDORA-2015-61e70db369) Jump'n run like game -------------------------------------------------------------------------------- Update Information: Update to 0.4.0 (#1293182) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1293182 - supertux-0.4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1293182 -------------------------------------------------------------------------------- ================================================================================ tktable-2.10-8.fc23 (FEDORA-2015-ba830fe903) Table/matrix widget extension to Tcl/Tk -------------------------------------------------------------------------------- Update Information: - Update to 2.10 - Set tclConfig in EPEL5 - Set tests in EPEL5 - tkTable.test adjusted according to the error message in newer versions of tk (bz#1272652#c9) - Making 'Make' sensitive to failed tests (bz#1272652#c9) - Failures not checked in EPEL7 -------------------------------------------------------------------------------- ================================================================================ wine-1.8-1.fc23 (FEDORA-2015-68437606ea) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: Version 1.8 https://www.winehq.org/announce/1.8 -------------------------------------------------------------------------------- ================================================================================ xorg-x11-drv-libinput-0.16.0-1.fc23 (FEDORA-2015-ae7e6a8cec) Xorg X11 libinput input driver -------------------------------------------------------------------------------- Update Information: xf86-input-libinput 0.16.0 -------------------------------------------------------------------------------- ================================================================================ xrootd-4.2.3-3.fc23 (FEDORA-2015-1a73602cd2) Extended ROOT file server -------------------------------------------------------------------------------- Update Information: - Fix segfault due to pthread clean-up functions - Fix for c++11 usage in ceph (backport from upstream git) - Doxygen fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1278968 - crash on exit https://bugzilla.redhat.com/show_bug.cgi?id=1278968 -------------------------------------------------------------------------------- ================================================================================ xsd-4.0.0-11.fc23 (FEDORA-2015-2621168633) W3C XML schema to C++ data binding compiler -------------------------------------------------------------------------------- Update Information: - Rebuild for libcutl -------------------------------------------------------------------------------- ================================================================================ xxdiff-4.0b1.20150712hg30158cd-1.fc23 (FEDORA-2015-82b85c4b29) Graphical file and directories comparator and merge tool -------------------------------------------------------------------------------- Update Information: Update to 4.0b1 hg snapshot 30158cd -------------------------------------------------------------------------------- References: [ 1 ] Bug #994982 - xxdiff-4.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=994982 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
