The following Fedora 23 Security updates need testing: Age URL 214 https://bodhi.fedoraproject.org/updates/FEDORA-2015-16240 nagios-4.0.8-1.fc23 171 https://bodhi.fedoraproject.org/updates/FEDORA-2015-81ded368fe miniupnpc-1.9-6.fc23 144 https://bodhi.fedoraproject.org/updates/FEDORA-2015-27392b3324 jbig2dec-0.12-2.fc23 95 https://bodhi.fedoraproject.org/updates/FEDORA-2015-dd52a54fa1 python-pymongo-3.0.3-1.fc23 95 https://bodhi.fedoraproject.org/updates/FEDORA-2015-06a7c972e8 thttpd-2.25b-37.fc23 84 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 60 https://bodhi.fedoraproject.org/updates/FEDORA-2016-637618fcd4 mingw-nsis-2.50-1.fc23 42 https://bodhi.fedoraproject.org/updates/FEDORA-2016-d7dafbf27f python-tgcaptcha2-0.3.1-1.fc23 21 https://bodhi.fedoraproject.org/updates/FEDORA-2016-de909cc333 xstream-1.4.9-1.fc23 16 https://bodhi.fedoraproject.org/updates/FEDORA-2016-73eb29f890 parallel-20160222-1.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-b8f91621c7 optipng-0.7.6-1.fc23 15 https://bodhi.fedoraproject.org/updates/FEDORA-2016-dffdc981ff squid-3.5.10-2.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-80c07fbb6c w3m-0.5.3-24.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-e57f60ec84 keepassx-0.4.4-1.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-c848d48286 mingw-poppler-0.34.0-2.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2fcfc7670f golang-1.5.4-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-65519440f5 ansible1.9-1.9.6-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8b28358b72 mod_nss-1.0.12-3.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-188267b485 gsi-openssh-7.2p2-1.fc23 3 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cb7a73c82e webkitgtk4-2.12.1-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-fcfe4c73b0 i7z-0.27.2-16.20150629gitec09c4f.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-35d7b09908 xen-4.5.3-2.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-cd3cf8e7d0 ansible-2.0.2.0-1.fc23 The following Fedora 23 Critical Path updates have yet to be approved: Age URL 84 https://bodhi.fedoraproject.org/updates/FEDORA-2016-a69ee02554 xulrunner-44.0-1.fc23 8 https://bodhi.fedoraproject.org/updates/FEDORA-2016-edd725cafb pungi-4.0.14-3.fc23 5 https://bodhi.fedoraproject.org/updates/FEDORA-2016-118f9af2bb avahi-0.6.32-1.fc23 1 https://bodhi.fedoraproject.org/updates/FEDORA-2016-88778482ea lorax-23.21-1.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-8dbbc0a5d2 lldpad-1.0.1-4.git036e314.fc23 0 https://bodhi.fedoraproject.org/updates/FEDORA-2016-1487ac680a libsoup-2.52.2-2.fc23 The following builds have been pushed to Fedora 23 updates-testing amsynth-1.6.4-1.fc23 ansible-2.0.2.0-1.fc23 clementine-1.3.1-1.fc23 conntrack-tools-1.4.3-1.fc23 dhcp-forwarder-0.11-1.fc23 dnsperf-2.1.0.0-1.fc23 eclipse-mylyn-3.19.0-2.fc23 frysk-0.4-53.fc23 girara-0.2.6-1.fc23 libsoup-2.52.2-2.fc23 lldpad-1.0.1-4.git036e314.fc23 perl-Config-General-2.61-1.fc23 perl-File-Touch-0.11-1.fc23 perl-Inline-C-0.76-2.fc23 php-drush-drush-6.2.0-6.fc23 php-pecl-apcu-4.0.11-1.fc23 python-ly-0.9.4-1.fc23 python-pytest-testmon-0.8.2-1.fc23 rubygem-atk-3.0.8-1.fc23 rubygem-cairo-1.15.2-1.fc23 rubygem-cairo-gobject-3.0.8-1.fc23 rubygem-clutter-3.0.8-1.fc23 rubygem-clutter-gstreamer-3.0.8-1.fc23 rubygem-clutter-gtk-3.0.8-1.fc23 rubygem-gdk3-3.0.8-1.fc23 rubygem-gdk_pixbuf2-3.0.8-1.fc23 rubygem-gettext-3.2.2-1.fc23 rubygem-gio2-3.0.8-1.fc23 rubygem-glib2-3.0.8-1.fc23 rubygem-gobject-introspection-3.0.8-1.fc23 rubygem-gstreamer-3.0.8-1.fc23 rubygem-gtk2-3.0.8-1.fc23 rubygem-gtk3-3.0.8-1.fc23 rubygem-gtksourceview2-3.0.8-1.fc23 rubygem-gtksourceview3-3.0.8-1.fc23 rubygem-pango-3.0.8-1.fc23 rubygem-poppler-3.0.8-1.fc23 rubygem-rsvg2-3.0.8-1.fc23 rubygem-vte-3.0.8-1.fc23 rubygem-vte3-3.0.8-1.fc23 rubygem-webkit-gtk-3.0.8-1.fc23 tiled-0.16.0-1.fc23 tito-0.6.6-1.fc23 xdg-app-0.5.2-1.fc23 xen-4.5.3-2.fc23 zanata-client-3.8.4-1.fc23 zathura-0.3.6-1.fc23 Details about builds: ================================================================================ amsynth-1.6.4-1.fc23 (FEDORA-2016-6c34e7c312) A classic synthesizer with dual oscillators -------------------------------------------------------------------------------- Update Information: Update to new maintenance upstream -------------------------------------------------------------------------------- ================================================================================ ansible-2.0.2.0-1.fc23 (FEDORA-2016-cd3cf8e7d0) SSH-based configuration management, deployment, and task execution system -------------------------------------------------------------------------------- Update Information: Update to 2.0.2.0. https://github.com/ansible/ansible/blob/stable-2.0/CHANGELOG.md -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322925 - CVE-2016-3096 ansible: Code execution vulnerability in lxc_container https://bugzilla.redhat.com/show_bug.cgi?id=1322925 -------------------------------------------------------------------------------- ================================================================================ clementine-1.3.1-1.fc23 (FEDORA-2016-1e0fcdd599) A music player and library organizer -------------------------------------------------------------------------------- Update Information: Clementine 1.3.1 release. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328638 - clementine-1.3.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328638 -------------------------------------------------------------------------------- ================================================================================ conntrack-tools-1.4.3-1.fc23 (FEDORA-2016-810298e74c) Manipulate netfilter connection tracking table and run High Availability -------------------------------------------------------------------------------- Update Information: Resolves: rhbz#1261220 1.4.3 is available -------------------------------------------------------------------------------- References: [ 1 ] Bug #1261220 - conntrack-tools-1.4.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1261220 -------------------------------------------------------------------------------- ================================================================================ dhcp-forwarder-0.11-1.fc23 (FEDORA-2016-73d5ea6f24) DHCP relay agent -------------------------------------------------------------------------------- Update Information: Upgrade to 0.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #856667 - Introduce new systemd-rpm macros in dhcp-forwarder spec file https://bugzilla.redhat.com/show_bug.cgi?id=856667 -------------------------------------------------------------------------------- ================================================================================ dnsperf-2.1.0.0-1.fc23 (FEDORA-2016-34b8e4150f) Benchmarking authorative and recursing DNS servers -------------------------------------------------------------------------------- Update Information: Updated to 2.1.0.0 (rhbz#1305929) which adds -C option to resperf and the -T option to dnsperf -------------------------------------------------------------------------------- References: [ 1 ] Bug #1305929 - New version: dnsperf 2.1.0.0 https://bugzilla.redhat.com/show_bug.cgi?id=1305929 -------------------------------------------------------------------------------- ================================================================================ eclipse-mylyn-3.19.0-2.fc23 (FEDORA-2016-541e82038b) Eclipse Mylyn main feature. -------------------------------------------------------------------------------- Update Information: Generify the spec file to accomodate non-F25 builds -------------------------------------------------------------------------------- ================================================================================ frysk-0.4-53.fc23 (FEDORA-2016-4a2d7320a0) Execution analysis and debugging tool-suite -------------------------------------------------------------------------------- Update Information: Fixes openjdk incompatibility in JNI code. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323767 - SIGSEGV in jre https://bugzilla.redhat.com/show_bug.cgi?id=1323767 -------------------------------------------------------------------------------- ================================================================================ girara-0.2.6-1.fc23 (FEDORA-2016-e3013e15d8) Simple user interface library -------------------------------------------------------------------------------- Update Information: New versions of girara and zathura are available. See https://pwmt.org/news/girara-0-2-6/ and https://pwmt.org/news/zathura-0-3-6/ for details on changes in these releases. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328295 - zathura-0.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328295 [ 2 ] Bug #1328286 - girara-0.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328286 -------------------------------------------------------------------------------- ================================================================================ libsoup-2.52.2-2.fc23 (FEDORA-2016-1487ac680a) Soup, an HTTP library implementation -------------------------------------------------------------------------------- Update Information: Fixes a bug in the NTLM authentication, which was uncovered with the latest samba-winbind-clients update. This bug could prevent login to Exchange Web Services (EWS) accounts (usually used by the evolution-ews package). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1327072 - NTLM auth failure with latest samba https://bugzilla.redhat.com/show_bug.cgi?id=1327072 -------------------------------------------------------------------------------- ================================================================================ lldpad-1.0.1-4.git036e314.fc23 (FEDORA-2016-8dbbc0a5d2) Intel LLDP Agent -------------------------------------------------------------------------------- Update Information: Update F22 and F23 to upstream v1.0.1-26-g036e314 by syncing with rawhide packages, to satisfy a request for upstream fixes. -------------------------------------------------------------------------------- ================================================================================ perl-Config-General-2.61-1.fc23 (FEDORA-2016-6230bfb790) Generic configuration module for Perl -------------------------------------------------------------------------------- Update Information: Updated to upstream 2.61 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328283 - perl-Config-General-2.61 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328283 -------------------------------------------------------------------------------- ================================================================================ perl-File-Touch-0.11-1.fc23 (FEDORA-2016-a3fd28e5ef) Update access, modification timestamps, creating nonexistent files -------------------------------------------------------------------------------- Update Information: New upstream release: 0.11 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322442 - Upgrade perl-File-Touch to 0.11 https://bugzilla.redhat.com/show_bug.cgi?id=1322442 -------------------------------------------------------------------------------- ================================================================================ perl-Inline-C-0.76-2.fc23 (FEDORA-2016-e17d402331) Write Perl subroutines in C -------------------------------------------------------------------------------- Update Information: This release adds missing dependencies required for the Inline::C to work. -------------------------------------------------------------------------------- ================================================================================ php-drush-drush-6.2.0-6.fc23 (FEDORA-2016-aa01fac41c) Command line shell and Unix scripting interface for Drupal -------------------------------------------------------------------------------- Update Information: Updates the `/usr/bin/drush` command to search for `php` bin (i.e. `which php`) rather than `php-cli` bin (i.e. `which php-cli`). -------------------------------------------------------------------------------- ================================================================================ php-pecl-apcu-4.0.11-1.fc23 (FEDORA-2016-2f80f4144e) APC User Cache -------------------------------------------------------------------------------- Update Information: **Version 4.0.11** - fix #176 segfault when apc.preload_path contains bad data - fix bad data used in test suite -------------------------------------------------------------------------------- ================================================================================ python-ly-0.9.4-1.fc23 (FEDORA-2016-c4ca49d3da) Tool and library for manipulating LilyPond files -------------------------------------------------------------------------------- Update Information: Latest upstream. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328650 - python-ly-0.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328650 -------------------------------------------------------------------------------- ================================================================================ python-pytest-testmon-0.8.2-1.fc23 (FEDORA-2016-c164e0f3b6) A py.test plug-in which executes only tests affected by recent changes -------------------------------------------------------------------------------- Update Information: A py.test plug-in which executes only tests affected by recent changes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316982 - Review Request: python-pytest-testmon - A py.test plug-in which executes only tests affected by recent changes https://bugzilla.redhat.com/show_bug.cgi?id=1316982 -------------------------------------------------------------------------------- ================================================================================ rubygem-atk-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of ATK-1.0.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-1.15.2-1.fc23 (FEDORA-2016-3f94345f73) Ruby bindings for cairo -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-cairo-gobject-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of cairo-gobject -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-clutter-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of Clutter -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-clutter-gstreamer-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of Clutter-GStreamer -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-clutter-gtk-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of Clutter-GTK -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gdk3-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GDK-3.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gdk_pixbuf2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GdkPixbuf-2.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gettext-3.2.2-1.fc23 (FEDORA-2016-a1a29bf89b) RubyGem of Localization Library and Tools for Ruby -------------------------------------------------------------------------------- Update Information: New version 3.2.2 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gio2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of gio-2.0.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-glib2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GLib-2.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gobject-introspection-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GObjectIntrospection -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gstreamer-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GStreamer -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gtk2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of GTK+-2.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gtk3-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby/GTK3 is a Ruby binding of GTK+-3.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gtksourceview2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of gtksourceview-2.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-gtksourceview3-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of gtksourceview-3.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-pango-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of pango-1.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-poppler-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of poppler-glib -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-rsvg2-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of librsvg-2.x -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-vte-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of vte -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-vte3-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of VTE -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ rubygem-webkit-gtk-3.0.8-1.fc23 (FEDORA-2016-3f94345f73) Ruby binding of WebKitGTK+ using GTK3 -------------------------------------------------------------------------------- Update Information: ruby-gnome2 suite 3.0.8 is released. -------------------------------------------------------------------------------- ================================================================================ tiled-0.16.0-1.fc23 (FEDORA-2016-c0f506a7c6) Tiled Map Editor -------------------------------------------------------------------------------- Update Information: New feature release 0.16.0 Main new feature: - Improved object categories For further information read: http://forum.mapeditor.org/t/tiled-0-16-0-released/1206 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1321694 - tiled-v0.16.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=1321694 -------------------------------------------------------------------------------- ================================================================================ tito-0.6.6-1.fc23 (FEDORA-2016-e9d179dce7) A tool for managing rpm based git projects -------------------------------------------------------------------------------- Update Information: Added ability to specify changelog lines on tagging CLI with --changelog (can be used multple times), and support for the new %autosetup macro. -------------------------------------------------------------------------------- ================================================================================ xdg-app-0.5.2-1.fc23 (FEDORA-2016-a86130c7b5) Application deployment framework for desktop apps -------------------------------------------------------------------------------- Update Information: Update to 0.5.2 -------------------------------------------------------------------------------- ================================================================================ xen-4.5.3-2.fc23 (FEDORA-2016-35d7b09908) Xen is a virtual machine monitor -------------------------------------------------------------------------------- Update Information: x86 shadow pagetables: address width overflow [XSA-173, CVE-2016-3960] Qemu: net: buffer overflow in stellaris_enet emulator [CVE-2016-4001] Qemu: net: buffer overflow in MIPSnet emulator [CVE-2016-4002] qemu: Infinite loop vulnerability in usb_ehci using siTD process [CVE-2016-4037] -------------------------------------------------------------------------------- References: [ 1 ] Bug #1323955 - CVE-2016-3960 xsa173 xen: x86 shadow pagetables: address width overflow (XSA-173) https://bugzilla.redhat.com/show_bug.cgi?id=1323955 [ 2 ] Bug #1325884 - CVE-2016-4001 Qemu: net: buffer overflow in stellaris_enet emulator https://bugzilla.redhat.com/show_bug.cgi?id=1325884 [ 3 ] Bug #1326082 - CVE-2016-4002 Qemu: net: buffer overflow in MIPSnet emulator https://bugzilla.redhat.com/show_bug.cgi?id=1326082 [ 4 ] Bug #1325129 - CVE-2016-4037 Qemu: usb: Infinite loop vulnerability in usb_ehci using siTD process https://bugzilla.redhat.com/show_bug.cgi?id=1325129 -------------------------------------------------------------------------------- ================================================================================ zanata-client-3.8.4-1.fc23 (FEDORA-2016-b357dff4fc) Zanata client module -------------------------------------------------------------------------------- Update Information: - Upstream update to 3.8.4 -------------------------------------------------------------------------------- ================================================================================ zathura-0.3.6-1.fc23 (FEDORA-2016-e3013e15d8) A lightweight document viewer -------------------------------------------------------------------------------- Update Information: New versions of girara and zathura are available. See https://pwmt.org/news/girara-0-2-6/ and https://pwmt.org/news/zathura-0-3-6/ for details on changes in these releases. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1328295 - zathura-0.3.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328295 [ 2 ] Bug #1328286 - girara-0.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1328286 -------------------------------------------------------------------------------- -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: http://lists.fedoraproject.org/admin/lists/test@xxxxxxxxxxxxxxxxxxxxxxx
