The following Fedora 23 Security updates need testing: Age URL 138 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 96 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 69 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 59 https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276 php-PHPMailer-5.2.14-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 19 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b02ad4e424 ecryptfs-utils-109-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 6 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2ec7f779f2 claws-mail-3.13.2-1.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-97002ad37b rubygem-actionview-4.2.3-3.fc23 4 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f486068393 rubygem-actionpack-4.2.3-4.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4509765b4b gsi-openssh-7.1p2-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb4d6e8aab rubygem-activemodel-4.2.3-2.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ede04cd79 rubygem-activesupport-4.2.3-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc465a34df rubygem-activerecord-4.2.3-2.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-50abc3e885 python-pymongo-2.5.2-8.fc23 2 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b61929db9e wordpress-4.4.2-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa00f0631d mingw-nettle-3.2-1.fc23 mingw-gnutls-3.4.9-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-46a34efa06 php-5.6.18-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-153eed2bb8 asterisk-13.7.1-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-4b06195979 python-pillow-3.0.0-2.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fd30ad26a9 kernel-4.3.5-300.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d52084f03e linux-firmware-20160204-61.git91d5dd13.fc23 The following builds have been pushed to Fedora 23 updates-testing asterisk-13.7.1-1.fc23 cmark-0.24.1-1.fc23 docker-compose-1.6.0-1.fc23 eclipse-cdt-8.8.0-6.fc23 eclipse-remote-2.0.1-2.fc23 engauge-digitizer-6.2-4.20160204gitb6ad5b.fc23 gammu-1.37.0-2.fc23 gdal-2.0.2-1.fc23 gimp-separate+-0.5.8-15.fc23 kamera-15.08.3-2.fc23 libinput-1.1.6-1.fc23 libreadline-java-0.8.0-42.fc23 linux-firmware-20160204-61.git91d5dd13.fc23 mbuffer-20151002-1.fc23 mpop-1.2.4-1.fc23 plasma-workspace-5.5.4-2.fc23 platform-2.0.1-1.fc23 pssh-2.3.1-12.fc23 python-pillow-3.0.0-2.fc23 rubygem-plist-3.2.0-1.fc23 springframework-amqp-1.3.9-3.fc23 testcloud-0.1.8-1.fc23 tzdata-2016a-1.fc23 wammu-0.40-3.fc23 xsd-4.0.0-14.fc23 Details about builds: ================================================================================ asterisk-13.7.1-1.fc23 (FEDORA-2016-153eed2bb8) The Open Source PBX -------------------------------------------------------------------------------- Update Information: Update to upstream 13.7.1 release for security fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304670 - asterisk: File descriptor exhaustion in chan_sip https://bugzilla.redhat.com/show_bug.cgi?id=1304670 -------------------------------------------------------------------------------- ================================================================================ cmark-0.24.1-1.fc23 (FEDORA-2016-3fe60c0718) CommonMark parsing and rendering -------------------------------------------------------------------------------- Update Information: Update to latest 0.24.1 -------------------------------------------------------------------------------- ================================================================================ docker-compose-1.6.0-1.fc23 (FEDORA-2016-9ed4d853f0) Multi-container orchestration for Docker -------------------------------------------------------------------------------- Update Information: Update to upstream 1.6.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1300106 - docker-compose-1.6.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1300106 -------------------------------------------------------------------------------- ================================================================================ eclipse-cdt-8.8.0-6.fc23 (FEDORA-2016-b836b8a61b) Eclipse C/C++ Development Tools (CDT) plugin -------------------------------------------------------------------------------- Update Information: * The updated version of eclipse-cdt fixes eclipse-cdt-arduino to get resolved properly. * The updated version of eclipse-remote removes an unnecessary dependency from eclipse-remote to eclipse-pde, which was causing, as an example, eclipse-cdt-arduino to require the JDT and PDE. To test this, just confirm that installing eclipse-cdt-arduino (or eclipse-remote) doesn't also bring in eclipse-pde or eclipse-jdt. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302131 - eclipse-cdt-arduino entirely non-functional https://bugzilla.redhat.com/show_bug.cgi?id=1302131 -------------------------------------------------------------------------------- ================================================================================ eclipse-remote-2.0.1-2.fc23 (FEDORA-2016-b836b8a61b) Eclipse Remote Services plug-in -------------------------------------------------------------------------------- Update Information: * The updated version of eclipse-cdt fixes eclipse-cdt-arduino to get resolved properly. * The updated version of eclipse-remote removes an unnecessary dependency from eclipse-remote to eclipse-pde, which was causing, as an example, eclipse-cdt-arduino to require the JDT and PDE. To test this, just confirm that installing eclipse-cdt-arduino (or eclipse-remote) doesn't also bring in eclipse-pde or eclipse-jdt. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302131 - eclipse-cdt-arduino entirely non-functional https://bugzilla.redhat.com/show_bug.cgi?id=1302131 -------------------------------------------------------------------------------- ================================================================================ engauge-digitizer-6.2-4.20160204gitb6ad5b.fc23 (FEDORA-2016-3a05e24521) Convert graphs or map files into numbers -------------------------------------------------------------------------------- Update Information: - Update to commit #b6ad5b -------------------------------------------------------------------------------- ================================================================================ gammu-1.37.0-2.fc23 (FEDORA-2016-f22eb4f4d4) Command Line utility to work with mobile phones -------------------------------------------------------------------------------- Update Information: Add BR:libdbi-dbd-sqlite and also require it because drive sqlite is used by ---- Update to 1.37.0 (#1304358) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304358 - gammu-1.37.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1304358 -------------------------------------------------------------------------------- ================================================================================ gdal-2.0.2-1.fc23 (FEDORA-2016-7cb5cee691) GIS file format library -------------------------------------------------------------------------------- Update Information: * https://trac.osgeo.org/gdal/wiki/Release/2.0.2-News -------------------------------------------------------------------------------- References: [ 1 ] Bug #1303398 - gdal-2.0.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1303398 [ 2 ] Bug #1284714 - GDAL is build without GEOS support https://bugzilla.redhat.com/show_bug.cgi?id=1284714 -------------------------------------------------------------------------------- ================================================================================ gimp-separate+-0.5.8-15.fc23 (FEDORA-2016-bbfe53b2a6) Rudimentary CMYK support for The GIMP -------------------------------------------------------------------------------- Update Information: Added metainfo.xml from Luya Tshimbalanga <luya@xxxxxxxxxxxxxxxxx> -------------------------------------------------------------------------------- ================================================================================ kamera-15.08.3-2.fc23 (FEDORA-2016-110764bc4a) Digital camera support for KDE -------------------------------------------------------------------------------- Update Information: Update to latest (kde4-based) version, add support for kf5 actions. -------------------------------------------------------------------------------- ================================================================================ libinput-1.1.6-1.fc23 (FEDORA-2016-52a8eb51be) Input device library -------------------------------------------------------------------------------- Update Information: libinput 1.1.6, smoother pointer motion on small touchpad motions and two-finger scrolling ---- Drop default motion hysteresis, disable mode button on Cyborg RAT 5 -------------------------------------------------------------------------------- ================================================================================ libreadline-java-0.8.0-42.fc23 (FEDORA-2016-5acd868ee7) Java wrapper for the EditLine library -------------------------------------------------------------------------------- Update Information: fix jar file symlink (rhbz#1304865) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1304865 - /usr/lib64/libreadline-java/libreadline-java.jar is a stale symbolic link https://bugzilla.redhat.com/show_bug.cgi?id=1304865 -------------------------------------------------------------------------------- ================================================================================ linux-firmware-20160204-61.git91d5dd13.fc23 (FEDORA-2016-d52084f03e) Firmware files used by the Linux kernel -------------------------------------------------------------------------------- Update Information: Update to latest upstream git snapshot. Includes updates for rtlwifi, iwlwifi, Intel bluetooth, and Intel Skylake audio. -------------------------------------------------------------------------------- ================================================================================ mbuffer-20151002-1.fc23 (FEDORA-2016-956449cda6) Measuring Buffer is an enhanced version of buffer -------------------------------------------------------------------------------- Update Information: Update to new upstream version 20151002 -------------------------------------------------------------------------------- ================================================================================ mpop-1.2.4-1.fc23 (FEDORA-2016-b6579d59ad) A POP3 client for recieving mail from POP3 mailboxes -------------------------------------------------------------------------------- Update Information: Updated to new upstream version 1.2.4 (rhbz#1179320) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1179320 - Utilize system-wide crypto-policies https://bugzilla.redhat.com/show_bug.cgi?id=1179320 -------------------------------------------------------------------------------- ================================================================================ plasma-workspace-5.5.4-2.fc23 (FEDORA-2016-45c3f5e30a) Plasma workspace, applications and applets -------------------------------------------------------------------------------- Update Information: Backport workaround for systray applets sometimes not showing properly on login, see also upstream bug http://bugs.kde.org/352055 -------------------------------------------------------------------------------- ================================================================================ platform-2.0.1-1.fc23 (FEDORA-2016-d888539bbd) Platform support library used by libCEC and binary add-ons for Kodi -------------------------------------------------------------------------------- Update Information: Update to 2.0.1 -------------------------------------------------------------------------------- ================================================================================ pssh-2.3.1-12.fc23 (FEDORA-2016-686a320694) Parallel SSH tools -------------------------------------------------------------------------------- Update Information: Handling of aborted pssh process was not correct. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1294454 - [abrt] pssh: pssh:93:do_pssh:ValueError: min() arg is an empty sequence https://bugzilla.redhat.com/show_bug.cgi?id=1294454 -------------------------------------------------------------------------------- ================================================================================ python-pillow-3.0.0-2.fc23 (FEDORA-2016-4b06195979) Python image processing library -------------------------------------------------------------------------------- Update Information: This update fixes for security vulnerabilities, including CVE-2016-0775, CVE-2016-0740. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1305004 - python-pillow: Buffer overflow in PcdDecode.c https://bugzilla.redhat.com/show_bug.cgi?id=1305004 -------------------------------------------------------------------------------- ================================================================================ rubygem-plist-3.2.0-1.fc23 (FEDORA-2016-5fe471a2cc) All-purpose Property List manipulation library -------------------------------------------------------------------------------- Update Information: update to plist 3.2.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302703 - rubygem-plist-3.2.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1302703 -------------------------------------------------------------------------------- ================================================================================ springframework-amqp-1.3.9-3.fc23 (FEDORA-2016-5be3c02ef2) Support for Spring programming model with AMQP -------------------------------------------------------------------------------- Update Information: add rabbitmq-java-client 3.6.x support -------------------------------------------------------------------------------- ================================================================================ testcloud-0.1.8-1.fc23 (FEDORA-2016-8f11fc365d) Tool for running cloud images locally -------------------------------------------------------------------------------- Update Information: Small update to fix docs and implicit crash when IP address is not found after boot -------------------------------------------------------------------------------- ================================================================================ tzdata-2016a-1.fc23 (FEDORA-2016-aaf362201c) Timezone data -------------------------------------------------------------------------------- Update Information: Resolves: #1302497 - Rebase to 2016a - America/Cayman will not observe daylight saving this year after all. Revert our guess that it would. - Asia/Chita switches from +0800 to +0900 on 2016-03-27 at 02:00. - Asia/Tehran now has DST predictions for the year 2038 and later, to be March 21 00:00 to September 21 00:00. This is likely better than predicting no DST, albeit off by a day every now and then. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1302497 - tzdata-2016a is available https://bugzilla.redhat.com/show_bug.cgi?id=1302497 -------------------------------------------------------------------------------- ================================================================================ wammu-0.40-3.fc23 (FEDORA-2016-0c970c2e9e) Mobile Phone Manager - Gammu GUI -------------------------------------------------------------------------------- Update Information: Fix github.com/gammu/wammu/issues/21 . -------------------------------------------------------------------------------- ================================================================================ xsd-4.0.0-14.fc23 (FEDORA-2016-4f71504d22) W3C XML schema to C++ data binding compiler -------------------------------------------------------------------------------- Update Information: - Rebuilt for Boost 1.60 - Set flags for hardened builds -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
