Fedora 23 updates-testing report

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following Fedora 23 Security updates need testing:
 Age  URL
 140  https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240   nagios-4.0.8-1.fc23
  98  https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe   miniupnpc-1.9-6.fc23
  71  https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324   jbig2dec-0.12-2.fc23
  62  https://bodhi.fedoraproject.org/updates/FEDORA-2015-abf9659276   php-PHPMailer-5.2.14-1.fc23
  21  https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1   python-pymongo-3.0.3-1.fc23
  21  https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8   thttpd-2.25b-37.fc23
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b02ad4e424   ecryptfs-utils-109-1.fc23
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554   xulrunner-44.0-1.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-4509765b4b   gsi-openssh-7.1p2-3.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-97002ad37b   rubygem-actionview-4.2.3-3.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-f486068393   rubygem-actionpack-4.2.3-4.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb4d6e8aab   rubygem-activemodel-4.2.3-2.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-3ede04cd79   rubygem-activesupport-4.2.3-3.fc23
   6  https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc465a34df   rubygem-activerecord-4.2.3-2.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-50abc3e885   python-pymongo-2.5.2-8.fc23
   4  https://bodhi.fedoraproject.org/updates/FEDORA-2016-b61929db9e   wordpress-4.4.2-1.fc23
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-aa00f0631d   mingw-nettle-3.2-1.fc23 mingw-gnutls-3.4.9-1.fc23
   3  https://bodhi.fedoraproject.org/updates/FEDORA-2016-46a34efa06   php-5.6.18-1.fc23
   2  https://bodhi.fedoraproject.org/updates/FEDORA-2016-153eed2bb8   asterisk-13.7.1-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-55137a3adb   mingw-curl-7.47.0-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-9a1c707b10   mingw-libpng-1.6.21-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-189a7bf68c   mingw-libxml2-2.9.3-1.fc23
   0  https://bodhi.fedoraproject.org/updates/FEDORA-2016-fd1199dbe2   mingw-pcre-8.38-1.fc23


The following Fedora 23 Critical Path updates have yet to be approved:
 Age URL
  10  https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554   xulrunner-44.0-1.fc23


The following builds have been pushed to Fedora 23 updates-testing

    OpenLP-2.3.3-1.fc23
    caja-1.12.2-3.fc23
    cdsclient-3.81-1.fc23
    eclipse-ptp-9.0.1-1.fc23
    etherape-0.9.14-1.fc23
    freeciv-2.5.3-1.fc23
    gnome-chemistry-utils-0.14.10-14.fc23
    gnumeric-1.12.27-1.fc23
    goffice-0.10.27-1.fc23
    hylafax+-5.5.8-1.fc23
    mate-themes-3.18.0-1.fc23
    memkind-0.3.0-5.fc23
    mingw-curl-7.47.0-1.fc23
    mingw-libpng-1.6.21-1.fc23
    mingw-libxml2-2.9.3-1.fc23
    mingw-pcre-8.38-1.fc23
    mintmenu-5.6.5-3.fc23
    nagios-plugins-check-updates-1.6.15-1.fc23
    nex-20151213-1.fc23
    perl-Path-Tiny-0.076-1.fc23
    python-astropy-helpers-1.1.1-1.fc23
    python-pika-0.10.0-3.fc23
    restsharp-105.2.3-3.fc23
    simdock-1.4-0.20160207git.fc23
    usbguard-0.4-4.fc23

Details about builds:


================================================================================
 OpenLP-2.3.3-1.fc23 (FEDORA-2016-2aa71baeb8)
 Open source Church presentation and lyrics projection application
--------------------------------------------------------------------------------
Update Information:

Release Candidate 2.3.3  ----  Alpha Release of 2.4
--------------------------------------------------------------------------------


================================================================================
 caja-1.12.2-3.fc23 (FEDORA-2016-aceba7139e)
 File manager for MATE
--------------------------------------------------------------------------------
Update Information:

- try fix rhbz (#1291540)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1291540 - [abrt] caja: g_type_check_instance_cast(): caja killed by SIGSEGV
        https://bugzilla.redhat.com/show_bug.cgi?id=1291540
--------------------------------------------------------------------------------


================================================================================
 cdsclient-3.81-1.fc23 (FEDORA-2016-d159935568)
 Tools to query databases at CDS
--------------------------------------------------------------------------------
Update Information:

update to 3.81
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1304909 - cdsclient-3.81 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1304909
--------------------------------------------------------------------------------


================================================================================
 eclipse-ptp-9.0.1-1.fc23 (FEDORA-2016-c20cfe942b)
 Eclipse Parallel Tools Platform
--------------------------------------------------------------------------------
Update Information:

Update to upstream 9.0.1 release.
--------------------------------------------------------------------------------


================================================================================
 etherape-0.9.14-1.fc23 (FEDORA-2016-0788ddd153)
 Graphical network monitor for Unix
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1305314 - etherape-0.9.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1305314
--------------------------------------------------------------------------------


================================================================================
 freeciv-2.5.3-1.fc23 (FEDORA-2016-c604a25389)
 A multi-player strategy game
--------------------------------------------------------------------------------
Update Information:

Latest upstream.
--------------------------------------------------------------------------------


================================================================================
 gnome-chemistry-utils-0.14.10-14.fc23 (FEDORA-2016-f078ec18c0)
 A set of chemical utilities
--------------------------------------------------------------------------------
Update Information:

This is an update to the latest upstream releases of gnumeric and goffice:  *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.27.html  ----  This update
fixes a crash in gchemtable
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302135 - [abrt] gchemtable: gcu::Dialog::SetRealName(): gchemtable-0.14 killed by SIGABRT
        https://bugzilla.redhat.com/show_bug.cgi?id=1302135
--------------------------------------------------------------------------------


================================================================================
 gnumeric-1.12.27-1.fc23 (FEDORA-2016-f078ec18c0)
 Spreadsheet program for GNOME
--------------------------------------------------------------------------------
Update Information:

This is an update to the latest upstream releases of gnumeric and goffice:  *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.27.html  ----  This update
fixes a crash in gchemtable
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302135 - [abrt] gchemtable: gcu::Dialog::SetRealName(): gchemtable-0.14 killed by SIGABRT
        https://bugzilla.redhat.com/show_bug.cgi?id=1302135
--------------------------------------------------------------------------------


================================================================================
 goffice-0.10.27-1.fc23 (FEDORA-2016-f078ec18c0)
 G Office support libraries
--------------------------------------------------------------------------------
Update Information:

This is an update to the latest upstream releases of gnumeric and goffice:  *
http://gnumeric.org/announcements/1.12/gnumeric-1.12.27.html  ----  This update
fixes a crash in gchemtable
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302135 - [abrt] gchemtable: gcu::Dialog::SetRealName(): gchemtable-0.14 killed by SIGABRT
        https://bugzilla.redhat.com/show_bug.cgi?id=1302135
--------------------------------------------------------------------------------


================================================================================
 hylafax+-5.5.8-1.fc23 (FEDORA-2016-a1a998d683)
 An enterprise-strength fax server
--------------------------------------------------------------------------------
Update Information:

Update to 5.5.8.
--------------------------------------------------------------------------------


================================================================================
 mate-themes-3.18.0-1.fc23 (FEDORA-2016-2b2f96538b)
 MATE Desktop themes
--------------------------------------------------------------------------------
Update Information:

use gtk+3 version schema
--------------------------------------------------------------------------------


================================================================================
 memkind-0.3.0-5.fc23 (FEDORA-2016-e54be2efdf)
 User Extensible Heap Manager
--------------------------------------------------------------------------------
Update Information:

Fix rpmlint error dir-or-file-in-var-run for /var/run/memkind  ----  Update
upstream fixes for memkind-0.3.0
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1305360 - Fix rpmlint error dir-or-file-in-var-run for /var/run/memkind
        https://bugzilla.redhat.com/show_bug.cgi?id=1305360
  [ 2 ] Bug #1305292 - Fix rawhide build errod and update memkind to upstream 0.3.0 latest patches
        https://bugzilla.redhat.com/show_bug.cgi?id=1305292
--------------------------------------------------------------------------------


================================================================================
 mingw-curl-7.47.0-1.fc23 (FEDORA-2016-55137a3adb)
 MinGW Windows port of curl and libcurl
--------------------------------------------------------------------------------
Update Information:

Update to 7.47.0 which fixes various CVE's
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1302264 - CVE-2016-0755 mingw-curl: curl: NTLM credentials not-checked for proxy connection re-use [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1302264
--------------------------------------------------------------------------------


================================================================================
 mingw-libpng-1.6.21-1.fc23 (FEDORA-2016-9a1c707b10)
 MinGW Windows Libpng library
--------------------------------------------------------------------------------
Update Information:

Update to 1.6.21 which fixes various CVE's
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281760 - CVE-2015-8126 mingw-libpng: libpng: Buffer overflow vulnerabilities in png_get_PLTE/png_set_PLTE functions [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1281760
--------------------------------------------------------------------------------


================================================================================
 mingw-libxml2-2.9.3-1.fc23 (FEDORA-2016-189a7bf68c)
 MinGW Windows libxml2 XML processing library
--------------------------------------------------------------------------------
Update Information:

Update to 2.9.3 which fixes various CVE's
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1281952 - mingw-libxml2: libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1281952
  [ 2 ] Bug #1277149 - CVE-2015-8035 mingw-libxml2: libxml2: DoS when parsing specially crafted XML document if XZ support is enabled [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1277149
  [ 3 ] Bug #1276299 - CVE-2015-7942 mingw-libxml2: libxml2: heap-based buffer overflow in xmlParseConditionalSections() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1276299
  [ 4 ] Bug #1274225 - CVE-2015-7941 mingw-libxml2: libxml2: Out-of-bounds memory access [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1274225
  [ 5 ] Bug #1262853 - mingw-libxml2: libxml2: Out-of-bounds memory access when parsing unclosed HTMl comment [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1262853
--------------------------------------------------------------------------------


================================================================================
 mingw-pcre-8.38-1.fc23 (FEDORA-2016-fd1199dbe2)
 MinGW Windows pcre library
--------------------------------------------------------------------------------
Update Information:

Update to 8.38 and fix various CVE's
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1287720 - CVE-2015-8395 mingw-pcre: pcre: Buffer overflow caused by certain references [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287720
  [ 2 ] Bug #1287704 - CVE-2015-8394 mingw-pcre: pcre: Integer overflow caused by missing check for certain conditions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287704
  [ 3 ] Bug #1287698 - CVE-2015-8393 mingw-pcre: pcre: Information leak when running pcgrep -q on crafted binary [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287698
  [ 4 ] Bug #1287692 - CVE-2015-8392 mingw-pcre: pcre: Buffer overflow caused by certain patterns with duplicated named groups [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287692
  [ 5 ] Bug #1287673 - CVE-2015-8391 mingw-pcre: pcre: Some pathological patterns causes pcre_compile() to run for a very long time [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287673
  [ 6 ] Bug #1287668 - CVE-2015-8390 mingw-pcre: pcre: Reading from uninitialized memory when processing certain patterns [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287668
  [ 7 ] Bug #1287661 - CVE-2015-8389 mingw-pcre: pcre: Infinite recursion in JIT compiler when processing certain patterns [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287661
  [ 8 ] Bug #1287656 - CVE-2015-8388 mingw-pcre: pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287656
  [ 9 ] Bug #1287648 - CVE-2015-8387 mingw-pcre: pcre: Integer overflow in subroutine calls [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287648
  [ 10 ] Bug #1287640 - CVE-2015-8386 mingw-pcre: pcre: Buffer overflow caused by lookbehind assertion [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287640
  [ 11 ] Bug #1287631 - CVE-2015-8385 mingw-pcre: pcre: Buffer overflow caused by forward reference by name to certain group [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287631
  [ 12 ] Bug #1287626 - CVE-2015-8384 mingw-pcre: pcre: Buffer overflow caused by recursive back reference by name within certain group [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287626
  [ 13 ] Bug #1287616 - CVE-2015-8383 mingw-pcre: pcre: Buffer overflow caused by repeated conditional group [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1287616
  [ 14 ] Bug #1256453 - mingw-pcre: pcre: Heap Overflow in compile_regex() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1256453
  [ 15 ] Bug #1250947 - mingw-pcre: pcre: heap buffer overflow with a crafted regular expression [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1250947
  [ 16 ] Bug #1249905 - mingw-pcre: php: Regular Expression Uninitialized Pointer Information Disclosure Vulnerability (ZDI-CAN-2547) [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1249905
  [ 17 ] Bug #1237225 - CVE-2015-5073 mingw-pcre: pcre: heap buffer overflow in find_fixedlength() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1237225
  [ 18 ] Bug #1236660 - CVE-2015-3210 mingw-pcre: pcre: heap buffer overflow in pcre_compile2() / compile_regex() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1236660
--------------------------------------------------------------------------------


================================================================================
 mintmenu-5.6.5-3.fc23 (FEDORA-2016-39c6db9d1c)
 Advanced Menu for the MATE Desktop
--------------------------------------------------------------------------------
Update Information:

- fix rhbz (#1302737)
--------------------------------------------------------------------------------


================================================================================
 nagios-plugins-check-updates-1.6.15-1.fc23 (FEDORA-2016-bff5c3ceb3)
 A Nagios plugin to check if Red Hat or Fedora system is up-to-date
--------------------------------------------------------------------------------
Update Information:

Update to 1.6.15.
--------------------------------------------------------------------------------


================================================================================
 nex-20151213-1.fc23 (FEDORA-2016-24897eabd5)
 A lexer generator for Go that is similar to Lex/Flex
--------------------------------------------------------------------------------
Update Information:

Update to 20151213
--------------------------------------------------------------------------------


================================================================================
 perl-Path-Tiny-0.076-1.fc23 (FEDORA-2016-17a8ae930b)
 File path utility
--------------------------------------------------------------------------------
Update Information:

This is a cumulative bugfix and enhancement release, the latest from upstream.
There should be no backwards compatibility issues.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1305293 - perl-Path-Tiny: please update package in epel7, f22, f23 branches
        https://bugzilla.redhat.com/show_bug.cgi?id=1305293
--------------------------------------------------------------------------------


================================================================================
 python-astropy-helpers-1.1.1-1.fc23 (FEDORA-2016-777739aab2)
 Utilities for building and installing Astropy and Astropy affiliated packages
--------------------------------------------------------------------------------
Update Information:

Initial package
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1297234 - Review Request: python-astropy-helpers - Utilities for building and installing Astropy and Astropy affiliated packages
        https://bugzilla.redhat.com/show_bug.cgi?id=1297234
--------------------------------------------------------------------------------


================================================================================
 python-pika-0.10.0-3.fc23 (FEDORA-2016-fdfe1e1178)
 AMQP 0-9-1 client library for Python
--------------------------------------------------------------------------------
Update Information:

Update to latest upstream stable release (0.10.0), add Python 3 subpackage
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1244505 - python-pika 0.10.0 is available (python 3.3+ support added!)
        https://bugzilla.redhat.com/show_bug.cgi?id=1244505
--------------------------------------------------------------------------------


================================================================================
 restsharp-105.2.3-3.fc23 (FEDORA-2016-01a328bcee)
 Simple REST and HTTP API Client
--------------------------------------------------------------------------------
Update Information:

initial package, rhbz#1270776
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1270776 - Review Request: restsharp - Simple REST and HTTP API Client
        https://bugzilla.redhat.com/show_bug.cgi?id=1270776
--------------------------------------------------------------------------------


================================================================================
 simdock-1.4-0.20160207git.fc23 (FEDORA-2016-cce0d949bc)
 Fast and customizable dockbar
--------------------------------------------------------------------------------
Update Information:

Update to latest simdock sources from github. Seems to work fine under KDE and
Openbox,
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1125872 - [abrt] simdock: handle_error(): simdock killed by SIGTRAP
        https://bugzilla.redhat.com/show_bug.cgi?id=1125872
  [ 2 ] Bug #1018562 - [abrt] simdock-1.2.6-1.20130128git.fc19: main_arena: Process /usr/bin/simdock was killed by signal 11 (SIGSEGV)
        https://bugzilla.redhat.com/show_bug.cgi?id=1018562
--------------------------------------------------------------------------------


================================================================================
 usbguard-0.4-4.fc23 (FEDORA-2016-cccd99abb3)
 A tool for implementing USB device usage policy
--------------------------------------------------------------------------------
Update Information:

* update to usbguard-0.4 * WARNING: incompatible changes, see the release notes
at https://github.com/dkopecek/usbguard/releases/tag/v0.4
--------------------------------------------------------------------------------
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux