The following Fedora 23 Security updates need testing: Age URL 130 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 88 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 61 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 51 https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276 php-PHPMailer-5.2.14-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 11 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1c10ab3c35 moodle-2.9.4-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8bb1932088 ntp-4.2.6p5-36.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-29995fbd42 privoxy-3.0.23-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2256c80a94 openstack-swift-2.3.0-3.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b62d19661f imlib2-1.4.7-1.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe5b9da308 openstack-heat-2015.1.2-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2f25d12c51 kernel-4.3.4-300.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-25ab518a58 nodejs-is-my-json-valid-2.12.4-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fd3428577d nginx-1.8.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c12fa80d79 firefox-44.0-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b02ad4e424 ecryptfs-utils-109-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-57bebab3b6 curl-7.43.0-5.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-5a5c85c5a8 prosody-0.9.10-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9d394d999 krb5-1.14-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e55278763e phpMyAdmin-4.5.4-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-527018d2ff openssl-1.0.2f-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2f25d12c51 kernel-4.3.4-300.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b62d19661f imlib2-1.4.7-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-527018d2ff openssl-1.0.2f-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-32b57d1a0b kate-15.12.1-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ff95ce634d gtk3-3.18.7-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d9d394d999 krb5-1.14-7.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-57bebab3b6 curl-7.43.0-5.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c12fa80d79 firefox-44.0-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-7cfcca41b5 llvm-3.7.0-4.fc23 The following builds have been pushed to Fedora 23 updates-testing atomic-devmode-0.3.1-1.fc23 bluedevil-5.5.4-1.fc23 breeze-gtk-5.5.4-1.fc23 cmark-0.23.0-3.fc23 gammaray-2.4.0-1.fc23 globus-gssapi-gsi-11.26-1.fc23 gtk3-3.18.7-1.fc23 hawaii-icon-theme-0.5.92-1.fc23 hitch-1.1.1-1.fc23 kate-15.12.1-2.fc23 kde-cli-tools-5.5.4-1.fc23 kde-gtk-config-5.5.4-1.fc23 kdecoration-5.5.4-1.fc23 kdeplasma-addons-5.5.4-1.fc23 kf5-kwayland-5.5.4-1.fc23 kgamma-5.5.4-1.fc23 khelpcenter-5.5.4-1.fc23 khotkeys-5.5.4-1.fc23 kinfocenter-5.5.4-1.fc23 kmenuedit-5.5.4-1.fc23 krb5-1.14-7.fc23 kscreen-5.5.4-1.fc23 kscreenlocker-5.5.4-1.fc23 ksshaskpass-5.5.4-1.fc23 ksysguard-5.5.4-1.fc23 kwayland-integration-5.5.4-1.fc23 kwin-5.5.4-1.fc23 kwrited-5.5.4-1.fc23 libkscreen-qt5-5.5.4-1.fc23 libksysguard-5.5.4-1.fc23 libzip-1.1-1.fc23 memtest86+-5.01-11.fc23 muon-5.5.4-1.fc23 openscap-daemon-0.1.2-1.fc23 openssl-1.0.2f-1.fc23 perl-DateTime-TimeZone-1.95-1.fc23 perl-File-Path-Tiny-0.8-1.fc23 perl-POE-Filter-HTTP-Parser-1.08-1.fc23 phpMyAdmin-4.5.4-1.fc23 plasma-breeze-5.5.4-1.fc23 plasma-desktop-5.5.4-1.fc23 plasma-mediacenter-5.5.4-1.fc23 plasma-milou-5.5.4-1.fc23 plasma-nm-5.5.4-1.fc23 plasma-oxygen-5.5.4-1.fc23 plasma-pa-5.5.4-1.fc23 plasma-sdk-5.5.4-1.fc23 plasma-systemsettings-5.5.4-1.fc23 plasma-workspace-5.5.4-1.fc23 plasma-workspace-wallpapers-5.5.4-1.fc23 polkit-kde-5.5.4-1.fc23 powerdevil-5.5.4-1.fc23 prosody-0.9.10-1.fc23 purple-plugin_pack-2.7.0-2.fc23 pysnmp-4.3.1-1.fc23 python-virtualenv-clone-0.2.6-2.fc23 qt5-qtdeclarative-5.5.1-4.fc23 rubygem-mini_portile2-2.1.0-1.fc23 rubygem-nokogiri-1.6.7.2-1.fc23 sddm-kcm-5.5.4-1.fc23 speed-dreams-2.2.0-0.3.20160111svn6344.beta1.fc23 vte291-0.42.3-1.fc23 wine-1.9.2-1.fc23 ypbind-1.38-4.fc23 Details about builds: ================================================================================ atomic-devmode-0.3.1-1.fc23 (FEDORA-2016-5167b8f322) Atomic Developer Mode -------------------------------------------------------------------------------- Update Information: Upstream release v0.3.1 -------------------------------------------------------------------------------- ================================================================================ bluedevil-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Bluetooth stack for KDE -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ breeze-gtk-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Breeze widget theme for Gtk2 and Gtk3 -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ cmark-0.23.0-3.fc23 (FEDORA-2016-cac4f03fc2) CommonMark parsing and rendering -------------------------------------------------------------------------------- Update Information: CommonMark parsing and rendering -------------------------------------------------------------------------------- References: [ 1 ] Bug #1266429 - Review Request: cmark - CommonMark parsing and rendering https://bugzilla.redhat.com/show_bug.cgi?id=1266429 -------------------------------------------------------------------------------- ================================================================================ gammaray-2.4.0-1.fc23 (FEDORA-2016-ceda143d7d) A tool for examining internals of Qt applications -------------------------------------------------------------------------------- Update Information: Gammaray 2.4.0 release. -------------------------------------------------------------------------------- ================================================================================ globus-gssapi-gsi-11.26-1.fc23 (FEDORA-2016-fe2b50580b) Globus Toolkit - GSSAPI library -------------------------------------------------------------------------------- Update Information: ix FORCE_TLS setting to allow TLSv1.1 and TLS1.2, not just TLSv1.0 -------------------------------------------------------------------------------- ================================================================================ gtk3-3.18.7-1.fc23 (FEDORA-2016-ff95ce634d) The GIMP ToolKit (GTK+), a library for creating GUIs for X -------------------------------------------------------------------------------- Update Information: This update collects upstream bug fixes and translation updates. -------------------------------------------------------------------------------- ================================================================================ hawaii-icon-theme-0.5.92-1.fc23 (FEDORA-2016-a3151f11fd) Icon themes for Hawaii desktop environment -------------------------------------------------------------------------------- Update Information: Update Hawaii desktop icon theme to the latest release -------------------------------------------------------------------------------- ================================================================================ hitch-1.1.1-1.fc23 (FEDORA-2016-afc34352e6) Network proxy that terminates TLS/SSL connections -------------------------------------------------------------------------------- Update Information: New upstream release. A bugfix relase. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302474 - hitch-1.1.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1302474 -------------------------------------------------------------------------------- ================================================================================ kate-15.12.1-2.fc23 (FEDORA-2016-32b57d1a0b) Advanced Text Editor -------------------------------------------------------------------------------- Update Information: Fix kwrite application icon packaging. -------------------------------------------------------------------------------- ================================================================================ kde-cli-tools-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Tools based on KDE Frameworks 5 to better interact with the system -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kde-gtk-config-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Configure the appearance of GTK apps in KDE -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kdecoration-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) A plugin-based library to create window decorations -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kdeplasma-addons-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Additional Plasmoids for Plasma 5 -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kf5-kwayland-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Frameworks 5 library that wraps Client and Server Wayland libraries -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kgamma-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) A monitor calibration tool -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ khelpcenter-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Show documentation for KDE applications -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ khotkeys-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Application to configure hotkeys in KDE -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kinfocenter-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Info Center -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kmenuedit-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE menu editor -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ krb5-1.14-7.fc23 (FEDORA-2016-d9d394d999) The Kerberos network authentication system -------------------------------------------------------------------------------- Update Information: Fix three kadmin vulnerabilities: CVE-2015-8629, CVE-2015-8630, CVE-2015-8631 -------------------------------------------------------------------------------- ================================================================================ kscreen-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Display Management software -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kscreenlocker-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Library and components for secure lock screen architecture -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ ksshaskpass-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) A ssh-add helper that uses kwallet and kpassworddialog -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ ksysguard-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Process Management application -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kwayland-integration-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Provides integration plugins for various KDE Frameworks for Wayland -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kwin-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Window manager -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ kwrited-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE Write Daemon -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ libkscreen-qt5-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE display configuration library -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ libksysguard-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Library for managing processes running on the system -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ libzip-1.1-1.fc23 (FEDORA-2016-b3ffa9c89f) C library for reading, creating, and modifying zip archives -------------------------------------------------------------------------------- Update Information: **Version 1.1** [2016/01/26] * ziptool(1): command line tool to modify zip archives * Speedups for archives with many entries * Coverity fixes * Better APK support * Portability fixes * Documentation improvements -------------------------------------------------------------------------------- ================================================================================ memtest86+-5.01-11.fc23 (FEDORA-2016-1a840cc07e) Stand-alone memory tester for x86 and x86-64 computers -------------------------------------------------------------------------------- Update Information: This is an update fixing FTBFS. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1239675 - memtest86+: FTBFS in rawhide https://bugzilla.redhat.com/show_bug.cgi?id=1239675 -------------------------------------------------------------------------------- ================================================================================ muon-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE and Plasma resources management GUI -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ openscap-daemon-0.1.2-1.fc23 (FEDORA-2016-355ea694f2) Manages continuous SCAP scans of your infrastructure -------------------------------------------------------------------------------- Update Information: Updated to new upstream release 0.1.2 ---- Add dependency on python requests -------------------------------------------------------------------------------- ================================================================================ openssl-1.0.2f-1.fc23 (FEDORA-2016-527018d2ff) Utilities from the general purpose cryptography library with TLS implementation -------------------------------------------------------------------------------- Update Information: New upstream version fixing one high serverity and one low severity security issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1301846 - CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers https://bugzilla.redhat.com/show_bug.cgi?id=1301846 [ 2 ] Bug #1301845 - CVE-2016-0701 OpenSSL: DH small subgroups https://bugzilla.redhat.com/show_bug.cgi?id=1301845 -------------------------------------------------------------------------------- ================================================================================ perl-DateTime-TimeZone-1.95-1.fc23 (FEDORA-2016-62660f65c6) Time zone object base class and factory -------------------------------------------------------------------------------- Update Information: A new version of DateTime::TimeZone is available. This release updates the timezone data to 2016a. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302696 - perl-DateTime-TimeZone-1.95 is available https://bugzilla.redhat.com/show_bug.cgi?id=1302696 -------------------------------------------------------------------------------- ================================================================================ perl-File-Path-Tiny-0.8-1.fc23 (FEDORA-2016-5a5554dd3e) Recursive versions of mkdir() and rmdir() without as much overhead as File::Path -------------------------------------------------------------------------------- Update Information: A new version of File::Path::Tiny is available. This release adds support for multiple processes to operate on the same paths. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302473 - perl-File-Path-Tiny-0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=1302473 -------------------------------------------------------------------------------- ================================================================================ perl-POE-Filter-HTTP-Parser-1.08-1.fc23 (FEDORA-2016-07c72e2639) HTTP POE filter for HTTP clients or servers -------------------------------------------------------------------------------- Update Information: This release updates license text and documentation spelling. It also improves build script. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302487 - perl-POE-Filter-HTTP-Parser-1.08 is available https://bugzilla.redhat.com/show_bug.cgi?id=1302487 -------------------------------------------------------------------------------- ================================================================================ phpMyAdmin-4.5.4-1.fc23 (FEDORA-2016-e55278763e) Handle the administration of MySQL over the World Wide Web -------------------------------------------------------------------------------- Update Information: phpMyAdmin 4.5.4 (2016-01-28) ============================= - live data edit of big sets is not working - Table list not saved in db QBE bookmarked search - While 'changing a column', query fails with a syntax error after the 'CHARSET=' keyword - Avoid syntax error in javascript messages on invalid PHP setting for max_input_vars - Properly handle errors in upacking zip archive - Set PHP's internal encoding to UTF-8 - Fixed Kanji encoding in some specific cases - Check whether iconv works before using it - Avoid conversion of MySQL error messages - Undefined index: parameters - Undefined index: field_name_orig - Undefined index: host - 'Add to central columns' (per column button) does nothing - SQL duplicate entry error trying to INSERT in designer_settings table - Fix handling of databases with dot in a name - Fix hiding of page content behind menu - FROM clause not generated after loading search bookmark - Fix creating/editing VIEW with DEFINER containing special chars - Do not invoke FLUSH PRIVILEGES when server in --skip-grant-tables - Misleading message for configuration storage - Table pagination does nothing when session expired - Index comments not working properly - Better handle local storage errors - Improve detection of privileges for privilege adjusting - Undefined property: stdClass::$releases at version check when disabled in config - SQL comment and variable stripped from bookmark on save - Gracefully handle errors in regex based javascript search - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-1 - [Security] Unsafe generation of CSRF token, see PMASA-2016-2 - [Security] Multiple XSS vulnerabilities, see PMASA-2016-3 - [Security] Insecure password generation in JavaScript, see PMASA-2016-4 - [Security] Unsafe comparison of CSRF token, see PMASA-2016-5 - [Security] Multiple full path disclosure vulnerabilities, see PMASA-2016-6 - [Security] XSS vulnerability in normalization page, see PMASA-2016-7 - [Security] Full path disclosure vulnerability in SQL parser, see PMASA-2016-8 - [Security] XSS vulnerability in SQL editor, see PMASA-2016-9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302686 - CVE-2016-2045 phpMyAdmin: XSS vulnerability in SQL editor (PMASA-2016-9) https://bugzilla.redhat.com/show_bug.cgi?id=1302686 [ 2 ] Bug #1302685 - CVE-2016-2044 phpMyAdmin: Full path disclosure vulnerability in SQL parser (PMASA-2016-8) https://bugzilla.redhat.com/show_bug.cgi?id=1302685 [ 3 ] Bug #1302684 - CVE-2016-2043 phpMyAdmin: XSS vulnerability in normalization page (PMASA-2016-7) https://bugzilla.redhat.com/show_bug.cgi?id=1302684 [ 4 ] Bug #1302682 - CVE-2016-2042 phpMyAdmin: Multiple full path disclosure vulnerabilities (PMASA-2016-6) https://bugzilla.redhat.com/show_bug.cgi?id=1302682 [ 5 ] Bug #1302681 - CVE-2016-2041 phpMyAdmin: Unsafe comparison of XSRF/CSRF token (PMASA-2016-5) https://bugzilla.redhat.com/show_bug.cgi?id=1302681 [ 6 ] Bug #1302680 - CVE-2016-1927 phpMyAdmin: Insecure password generation in JavaScript (PMASA-2016-4) https://bugzilla.redhat.com/show_bug.cgi?id=1302680 [ 7 ] Bug #1302679 - CVE-2016-2040 phpMyAdmin: Multiple XSS vulnerabilities (PMASA-2016-3) https://bugzilla.redhat.com/show_bug.cgi?id=1302679 [ 8 ] Bug #1302677 - CVE-2016-2039 phpMyAdmin: Unsafe generation of XSRF/CSRF token (PMASA-2016-2) https://bugzilla.redhat.com/show_bug.cgi?id=1302677 [ 9 ] Bug #1302676 - CVE-2016-2038 phpMyAdmin: Multiple full path disclosure vulnerabilities (PMASA-2016-1) https://bugzilla.redhat.com/show_bug.cgi?id=1302676 -------------------------------------------------------------------------------- ================================================================================ plasma-breeze-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Artwork, styles and assets for the Breeze visual style for the Plasma Desktop -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-desktop-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Plasma Desktop shell -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-mediacenter-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) A mediacenter user interface written with the Plasma framework -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-milou-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) A dedicated KDE search application built on top of Baloo -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-nm-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Plasma for managing network connections -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-oxygen-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Plasma and Qt widget style and window decorations for Plasma 5 and KDE 4 -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-pa-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Plasma applet for audio volume management using PulseAudio -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-sdk-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Development tools for Plasma 5 -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-systemsettings-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) KDE System Settings application -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-workspace-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Plasma workspace, applications and applets -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ plasma-workspace-wallpapers-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Additional wallpapers for Plasma workspace -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ polkit-kde-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) PolicyKit integration for KDE Desktop -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ powerdevil-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) Manages the power consumption settings of a Plasma Shell -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ prosody-0.9.10-1.fc23 (FEDORA-2016-5a5c85c5a8) Flexible communications server for Jabber/XMPP -------------------------------------------------------------------------------- Update Information: Prosody 0.9.10 ============== A summary of changes in this release: Security -------- * mod_dialback: Adopt key generation algorithm from XEP-0185, to prevent impersonation attacks (CVE-2016-0756) Fixes and improvements ---------------------- * Startup: Open /dev/urandom read-only, to fix a failure to start on some systems (fixes #585) * Networking: Improve handling of the 'select' network backend running out of file descriptors Minor changes ------------- * Networking: Increase default internal read size to prevent connections stalling with LuaEvent (see #583) * DNS: Discard queries that failed to send due to connection errors (fixes #598) * c2s, s2s: Lower priority of shutdown handler, so that modules such as MUC can always send shutdown notifications to (remote) users (fixes #601) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302463 - CVE-2016-0756 prosody: mod_dialback allows impersonation attacks https://bugzilla.redhat.com/show_bug.cgi?id=1302463 -------------------------------------------------------------------------------- ================================================================================ purple-plugin_pack-2.7.0-2.fc23 (FEDORA-2016-8d6c32c5b8) A set of plugins for libpurple, pidgin, and finch -------------------------------------------------------------------------------- Update Information: * rhbz#890738 - Update to 2.7.0 * rhbz#1300463 - Ship AppStream metainfo file -------------------------------------------------------------------------------- References: [ 1 ] Bug #1300463 - Ship AppStream metainfo file https://bugzilla.redhat.com/show_bug.cgi?id=1300463 [ 2 ] Bug #890738 - purple-plugin_pack-2.7.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=890738 -------------------------------------------------------------------------------- ================================================================================ pysnmp-4.3.1-1.fc23 (FEDORA-2016-7d4fb5ec3c) An SNMP engine written in Python -------------------------------------------------------------------------------- Update Information: Add py3 support (rhbz#1282245) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1282245 - Current build version of pysnmp should support Python3 https://bugzilla.redhat.com/show_bug.cgi?id=1282245 [ 2 ] Bug #1145004 - Later version of pyasn1 needed by pysnmp https://bugzilla.redhat.com/show_bug.cgi?id=1145004 -------------------------------------------------------------------------------- ================================================================================ python-virtualenv-clone-0.2.6-2.fc23 (FEDORA-2016-f761d6c14c) Script to clone virtualenvs -------------------------------------------------------------------------------- Update Information: Add py3 subpackage and modernize python macros. -------------------------------------------------------------------------------- ================================================================================ qt5-qtdeclarative-5.5.1-4.fc23 (FEDORA-2016-4b8eec7cfa) Qt5 - QtDeclarative component -------------------------------------------------------------------------------- Update Information: Backport fix for memory leak/regression, see also http://bugreports.qt.io/browse/QTBUG-48799 -------------------------------------------------------------------------------- ================================================================================ rubygem-mini_portile2-2.1.0-1.fc23 (FEDORA-2016-14f1b193dd) Simplistic port-like solution for developers -------------------------------------------------------------------------------- Update Information: This is a new package. -------------------------------------------------------------------------------- ================================================================================ rubygem-nokogiri-1.6.7.2-1.fc23 (FEDORA-2016-43bfbefa9a) An HTML, XML, SAX, and Reader parser -------------------------------------------------------------------------------- Update Information: New version 1.6.7.2 is released. -------------------------------------------------------------------------------- ================================================================================ sddm-kcm-5.5.4-1.fc23 (FEDORA-2016-0185609ad6) SDDM KDE configuration module -------------------------------------------------------------------------------- Update Information: Plasma 5.5.4 -------------------------------------------------------------------------------- ================================================================================ speed-dreams-2.2.0-0.3.20160111svn6344.beta1.fc23 (FEDORA-2016-af3919b9c0) The Open Racing Car Simulator -------------------------------------------------------------------------------- Update Information: - Update upstream ticket links - Added patch t940-r6349.patch to fix #940 Race config screen corruption ---- - Changed %%cmake flag to -DSOLID_SOLID_INCLUDE_DIR - Added danroid in for loop to create a link when library already exists -------------------------------------------------------------------------------- ChangeLog: * Thu Jan 28 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 2.2.0-0.3.20160111svn6344.beta1 - Updated upstream ticket links - Added patch t940-r6349.patch to fix #940 Race config screen corruption * Mon Jan 25 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 2.2.0-0.2.20160111svn6344.beta1 - Changed %cmake flag to -DSOLID_SOLID_INCLUDE_DIR - Added danroid in for loop to create a link when library already exists * Tue Jan 19 2016 Martin Gansser <martinkg@xxxxxxxxxxxxxxxxx> - 2.2.0-0.1.20160111svn6344.beta1 - Update to Version 2.2.0 svn6344.beta1 - Dropped epoch - Dropped BR SDL-devel - Added BR SDL2-devel - Added BR OpenSceneGraph-devel - Added speed-dreams-arm.patch -------------------------------------------------------------------------------- ================================================================================ vte291-0.42.3-1.fc23 (FEDORA-2016-3bea2db98e) Terminal emulator library -------------------------------------------------------------------------------- Update Information: Bug fixes for GNOME 3.18.x -------------------------------------------------------------------------------- ================================================================================ wine-1.9.2-1.fc23 (FEDORA-2016-5e77e105db) A compatibility layer for windows applications -------------------------------------------------------------------------------- Update Information: GStreamer 1.0 support. Support for SHA hashes in BCrypt. Synthesizing bold glyphs also for bitmap fonts. Underlines support in DirectWrite. Still more Shader Model 4 instructions. Various bug fixes. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1301245 - wine-1.9.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1301245 -------------------------------------------------------------------------------- ================================================================================ ypbind-1.38-4.fc23 (FEDORA-2016-fb8800a405) The NIS daemon which binds NIS clients to an NIS domain -------------------------------------------------------------------------------- Update Information: Do not resstart ypbind on dhcp renew if nis domain or nis servers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1301704 - None https://bugzilla.redhat.com/show_bug.cgi?id=1301704 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
