The following Fedora 23 Security updates need testing: Age URL 162 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 120 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 93 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 43 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 43 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-40401300ed 389-ds-base-1.3.4.8-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65a1f22818 community-mysql-5.6.29-1.fc23 14 https://bodhi.fedoraproject.org/updates/FEDORA-2016-94b0b50351 gummi-0.6.6-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cdd4228cc7 pcs-0.9.149-2.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f12be382f4 mote-0.5.1-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8411497132 drupal6-6.38-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-eeb0f0c94f drupal7-7.43-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ae14784e4e libmodbus-3.0.6-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-120b194a75 qpid-cpp-0.34-6.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1642a20327 kernel-4.4.3-300.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65833b5dbc pcre-8.38-6.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dec1faadc5 graphite2-1.3.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f802cade15 exiv2-0.25-3.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 32 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 12 https://bodhi.fedoraproject.org/updates/FEDORA-2016-054e18a33d htdig-3.2.0-0.23.b6.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dde5e377c lxsession-0.5.2-8.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2400dcd3d1 virtuoso-opensource-6.1.6-10.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-ffbae3a870 selinux-policy-3.13.1-158.9.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1642a20327 kernel-4.4.3-300.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e10d786768 pungi-4.0.6-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-f802cade15 exiv2-0.25-3.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d360559a79 rpm-4.13.0-0.rc1.12.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65833b5dbc pcre-8.38-6.fc23 The following builds have been pushed to Fedora 23 updates-testing 3dprinter-udev-rules-0.1-1.fc23 bugyou_plugins-0.1-1.fc23 cherrytree-0.36.6-1.fc23 djview4-4.10.6-1.fc23 easytag-2.4.2-2.fc23 exiv2-0.25-3.fc23 gerrymander-1.5-2.fc23 gkrellm-2.3.6-0.1.rc1.git20160226.fc23 gkrellm-sun-1.0.0-20.fc23 graphite2-1.3.6-1.fc23 kubernetes-1.2.0-0.12.alpha6.gitf0cd09a.fc23 lilypond-2.19.37-1.fc23 lilypond-doc-2.19.37-1.fc23 nacl-arm-newlib-2.1.0-3.git373135e.fc23 oz-0.15.0-1.fc23 pcre-8.38-6.fc23 pcre2-10.21-3.fc23 perl-App-a2p-1.009-2.fc23 perl-CBOR-XS-1.4.1-1.fc23 python-behave-1.2.5-9.fc23 python-zanata2fedmsg-0.2-1.fc23 rpm-4.13.0-0.rc1.12.fc23 skopeo-0.1.9-1.fc23 transmission-2.90-1.fc23 xfig-3.2.5-48.c.fc23 yad-0.34.2-1.fc23 Details about builds: ================================================================================ 3dprinter-udev-rules-0.1-1.fc23 (FEDORA-2016-739a9100da) Rules for udev to give regular users access to operate 3D printers -------------------------------------------------------------------------------- Update Information: Rules for udev to give regular users access to operate 3D printers -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312296 - Review Request: 3dprinter-udev-rules - Rules for udev to give regular users access to operate 3D printers https://bugzilla.redhat.com/show_bug.cgi?id=1312296 -------------------------------------------------------------------------------- ================================================================================ bugyou_plugins-0.1-1.fc23 (FEDORA-2016-18eaad36f3) Plugins for Bugyou -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1309782 - Review Request: bugyou_plugins - Plugins and Services for Bugyou https://bugzilla.redhat.com/show_bug.cgi?id=1309782 -------------------------------------------------------------------------------- ================================================================================ cherrytree-0.36.6-1.fc23 (FEDORA-2016-a44b7aea31) Hierarchical note taking application -------------------------------------------------------------------------------- Update Information: update to cherrytree-0.36.6 ---- update to 0.36.5 ---- Update to 0.36.4 ---- update to cherrytree 0.36.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1311778 - cherrytree-0.36.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1311778 [ 2 ] Bug #1309140 - cherrytree-0.36.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1309140 [ 3 ] Bug #1160249 - cherrytree-0.36.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1160249 [ 4 ] Bug #1301941 - cherrytree-0.36.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1301941 -------------------------------------------------------------------------------- ================================================================================ djview4-4.10.6-1.fc23 (FEDORA-2016-a0ef29f987) DjVu viewer -------------------------------------------------------------------------------- Update Information: Update to latest upstream release djview 4.10.6. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312984 - djview4-4.10.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1312984 -------------------------------------------------------------------------------- ================================================================================ easytag-2.4.2-2.fc23 (FEDORA-2016-893ed9bec1) Tag editor for MP3, Ogg, FLAC and other music files -------------------------------------------------------------------------------- Update Information: Fix crash in the load filenames dialog (#1312163) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312163 - [abrt] easytag: g_type_check_instance_cast(): easytag killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1312163 -------------------------------------------------------------------------------- ================================================================================ exiv2-0.25-3.fc23 (FEDORA-2016-f802cade15) Exif and Iptc metadata manipulation library -------------------------------------------------------------------------------- Update Information: Avoid possible XML entity expansion security issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #888769 - exiv2: embedded copy of exempi should be compiled with BanAllEntityUsage https://bugzilla.redhat.com/show_bug.cgi?id=888769 -------------------------------------------------------------------------------- ================================================================================ gerrymander-1.5-2.fc23 (FEDORA-2016-48a5138e81) The gerrit client tools -------------------------------------------------------------------------------- Update Information: Add the Python PrettyTable dependency to relevant sub-packages ---- New upstream release 1.5 ---- Add 'python-prettytable' to 'Requires'; fixes rhbz# 1307167 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1307167 - gerrymander should require: python-prettytable https://bugzilla.redhat.com/show_bug.cgi?id=1307167 -------------------------------------------------------------------------------- ================================================================================ gkrellm-2.3.6-0.1.rc1.git20160226.fc23 (FEDORA-2016-e10fd8290e) Multiple stacked system monitors in one process -------------------------------------------------------------------------------- Update Information: - Update to a gkrellm-2.3.6-rc git snapshot bringing in various fixes - Fix crash after sun-plugin has been disabled (rhbz#1231394) - Add appdata -------------------------------------------------------------------------------- References: [ 1 ] Bug #1231394 - [abrt] gkrellm: exit(): gkrellm killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1231394 [ 2 ] Bug #1312561 - Review Request: gkrellm-sun - Sun clock plugin for GKrellM https://bugzilla.redhat.com/show_bug.cgi?id=1312561 -------------------------------------------------------------------------------- ================================================================================ gkrellm-sun-1.0.0-20.fc23 (FEDORA-2016-e10fd8290e) Sun clock plugin for GKrellM -------------------------------------------------------------------------------- Update Information: - Update to a gkrellm-2.3.6-rc git snapshot bringing in various fixes - Fix crash after sun-plugin has been disabled (rhbz#1231394) - Add appdata -------------------------------------------------------------------------------- References: [ 1 ] Bug #1231394 - [abrt] gkrellm: exit(): gkrellm killed by SIGSEGV https://bugzilla.redhat.com/show_bug.cgi?id=1231394 [ 2 ] Bug #1312561 - Review Request: gkrellm-sun - Sun clock plugin for GKrellM https://bugzilla.redhat.com/show_bug.cgi?id=1312561 -------------------------------------------------------------------------------- ================================================================================ graphite2-1.3.6-1.fc23 (FEDORA-2016-dec1faadc5) Font rendering capabilities for complex non-Roman writing systems -------------------------------------------------------------------------------- Update Information: Unspecified security fixes -------------------------------------------------------------------------------- ================================================================================ kubernetes-1.2.0-0.12.alpha6.gitf0cd09a.fc23 (FEDORA-2016-5a203fd7ac) Container cluster management -------------------------------------------------------------------------------- Update Information: Update to origin 1.1.3, disable v1beta1, v1beta3, fix application/json content type ---- A lot of changes here: rebase to origin based kubernetes from 1.0.3 to 1.2.0. This will need a lot of testing to discover regressions and new issues introduced by the rebase. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1311861 - kubectl exec is broken in kubernetes-1.2.0-0.4.alpha1 https://bugzilla.redhat.com/show_bug.cgi?id=1311861 [ 2 ] Bug #1291860 - Packaged old version (1.06) of kubernetes in most recent release. kubernetes rpm labeled 1.1xxxx https://bugzilla.redhat.com/show_bug.cgi?id=1291860 -------------------------------------------------------------------------------- ================================================================================ lilypond-2.19.37-1.fc23 (FEDORA-2016-0c83c25c39) A typesetting system for music notation -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ lilypond-doc-2.19.37-1.fc23 (FEDORA-2016-0c83c25c39) HTML documentation for LilyPond -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- ================================================================================ nacl-arm-newlib-2.1.0-3.git373135e.fc23 (FEDORA-2016-86e9d3f14a) C library intended for use on embedded systems -------------------------------------------------------------------------------- Update Information: New package: nacl-arm-newlib - C library intended for use on embedded systems -------------------------------------------------------------------------------- References: [ 1 ] Bug #1270375 - Review Request: nacl-arm-newlib - C library intended for use on embedded systems https://bugzilla.redhat.com/show_bug.cgi?id=1270375 -------------------------------------------------------------------------------- ================================================================================ oz-0.15.0-1.fc23 (FEDORA-2016-7586e24a5e) Library and utilities for automated guest OS installs -------------------------------------------------------------------------------- Update Information: Release 0.15.0 -------------------------------------------------------------------------------- ================================================================================ pcre-8.38-6.fc23 (FEDORA-2016-65833b5dbc) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes a heap buffer overflow in handling of nested duplicate named groups with a nested back reference and a heap buffer overflow in pcretest causing infinite loop when matching globally with an ovector less than 2. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295385 - CVE-2016-1283 pcre: heap buffer overflow in handling of duplicate named groups (8.39/14) https://bugzilla.redhat.com/show_bug.cgi?id=1295385 [ 2 ] Bug #1312782 - pcre: Heap buffer overflow in pcretest causing infinite loop https://bugzilla.redhat.com/show_bug.cgi?id=1312782 -------------------------------------------------------------------------------- ================================================================================ pcre2-10.21-3.fc23 (FEDORA-2016-55953d3cc5) Perl-compatible regular expression library -------------------------------------------------------------------------------- Update Information: This release fixes a typo in pcre2_study(). -------------------------------------------------------------------------------- ================================================================================ perl-App-a2p-1.009-2.fc23 (FEDORA-2016-b4bc777e25) Awk to Perl translator -------------------------------------------------------------------------------- Update Information: This release fixes a buffer overflow when parsing long enough -n argument. -------------------------------------------------------------------------------- ================================================================================ perl-CBOR-XS-1.4.1-1.fc23 (FEDORA-2016-f9a1de2ff9) Concise Binary Object Representation (CBOR) -------------------------------------------------------------------------------- Update Information: This release fixes nested FREEZE and THAW calls. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312516 - perl-CBOR-XS-1.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=1312516 -------------------------------------------------------------------------------- ================================================================================ python-behave-1.2.5-9.fc23 (FEDORA-2016-9e381832b8) Tools for the behavior-driven development, Python style -------------------------------------------------------------------------------- Update Information: Fixed managing python3 builds. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1216989 - Please upgrade to 1.2.5 in F21+ https://bugzilla.redhat.com/show_bug.cgi?id=1216989 [ 2 ] Bug #1276923 - provide Python3 version of the package https://bugzilla.redhat.com/show_bug.cgi?id=1276923 -------------------------------------------------------------------------------- ================================================================================ python-zanata2fedmsg-0.2-1.fc23 (FEDORA-2016-d19b3fd12c) A web app bridging zanata webhooks to fedmsg -------------------------------------------------------------------------------- Update Information: Initial packaging. -------------------------------------------------------------------------------- ================================================================================ rpm-4.13.0-0.rc1.12.fc23 (FEDORA-2016-d360559a79) The RPM package management system -------------------------------------------------------------------------------- Update Information: - Remove size limit when expanding macros (#1303034) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1303034 - rpm macro expansion works incorrectly when looping over a long list using lua https://bugzilla.redhat.com/show_bug.cgi?id=1303034 -------------------------------------------------------------------------------- ================================================================================ skopeo-0.1.9-1.fc23 (FEDORA-2016-02cc4cb057) Inspect Docker images and repositories on registries -------------------------------------------------------------------------------- Update Information: update to v0.1.9 ---- update to v0.1.8 -------------------------------------------------------------------------------- ================================================================================ transmission-2.90-1.fc23 (FEDORA-2016-99d6679320) A lightweight GTK+ BitTorrent client -------------------------------------------------------------------------------- Update Information: Latest upstream. http://www.transmissionbt.com/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312701 - transmission-2.90 is available https://bugzilla.redhat.com/show_bug.cgi?id=1312701 -------------------------------------------------------------------------------- ================================================================================ xfig-3.2.5-48.c.fc23 (FEDORA-2016-a23c447f3e) An X Window System tool for drawing basic vector graphics -------------------------------------------------------------------------------- Update Information: - Bring in various bugfixes from Debian - Convert icons to png - Add appdata -------------------------------------------------------------------------------- ================================================================================ yad-0.34.2-1.fc23 (FEDORA-2016-380e55dae6) Display graphical dialogs from shell scripts or command line -------------------------------------------------------------------------------- Update Information: update to 0.34.2 ---- update to yad-0.34.1 ---- update to 0.34.0 ---- Update to yad-0.33.1 ---- update to 0.33.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1312645 - yad-0.34.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1312645 [ 2 ] Bug #1310485 - yad-0.34.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1310485 [ 3 ] Bug #1297601 - yad-0.33.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1297601 [ 4 ] Bug #1296780 - yad-0.33.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1296780 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
